OSV-2025-31

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/assimp/OSV-2025-31.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-31
Published
2025-01-15T00:14:05.357161Z
Modified
2025-05-17T14:21:13.704657Z
Summary
Heap-buffer-overflow in Assimp::FBXExporter::WriteObjects
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389339262

Crash type: Heap-buffer-overflow READ 4
Crash state:
Assimp::FBXExporter::WriteObjects
Assimp::FBXExporter::ExportBinary
Assimp::ExportSceneFBX
References

Affected packages

OSS-Fuzz / assimp

Package

Name
assimp
Purl
pkg:generic/assimp

Affected ranges

Type
GIT
Repo
https://github.com/assimp/assimp.git
Events
Introduced
9d6b32f5c5118e67e99d4be3087f49ad0b7660de
Fixed
1933313ec82fe5f5a2feca949bced04cf194dda6

Affected versions

v5.*
v5.3.0
v5.3.1
v5.4.0
v5.4.1
v5.4.2
v5.4.3

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/assimp/OSV-2025-31.yaml"
introduced_range 
"41102eeda6aa1461a5f4a52a743b2a4133732f9c:0c4d5909f8ca1931f3ca5c66ab5f0c37ea2efc2e"
fixed_range 
"b40e41f9c3c413efd6818734585fe7dc7d0ec16c:1933313ec82fe5f5a2feca949bced04cf194dda6"