CVE-2024-53425

{"id": "CVE-2024-53425", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2024-11-21T14:15:18.303", "references": [{"url": "https://github.com/assimp/assimp/issues/5860", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash."}, {"lang": "es", "value": "Se descubri\u00f3 una vulnerabilidad de desbordamiento de b\u00fafer de mont\u00f3n en la funci\u00f3n SkipSpacesAndLineEnd en Assimp v5.4.3. Este problema ocurre al procesar ciertos archivos de modelo MD5 malformados, lo que provoca una lectura fuera de los l\u00edmites y un posible bloqueo de la aplicaci\u00f3n."}], "lastModified": "2024-11-26T18:15:20.090", "sourceIdentifier": "cve@mitre.org"}