OSV-2025-54

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/assimp/OSV-2025-54.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-54
Published
2025-01-22T00:15:23.827419Z
Modified
2025-03-18T00:29:47.108675Z
Summary
UNKNOWN READ in Assimp::SceneCombiner::CopyScene
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390864967

Crash type: UNKNOWN READ
Crash state:
Assimp::SceneCombiner::CopyScene
Assimp::Exporter::Export
Assimp::Exporter::ExportToBlob
References

Affected packages

OSS-Fuzz / assimp

Package

Name
assimp
Purl
pkg:generic/assimp

Affected ranges

Type
GIT
Repo
https://github.com/assimp/assimp.git
Events
Introduced
9d6b32f5c5118e67e99d4be3087f49ad0b7660de
Fixed
bcf11c252a9635af83c0f48b5ebdfad8e1ab5522
Fixed
ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd

Affected versions

v5.*
v5.3.0
v5.3.1
v5.4.0
v5.4.1
v5.4.2
v5.4.3

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/assimp/OSV-2025-54.yaml"
introduced_range 
"41102eeda6aa1461a5f4a52a743b2a4133732f9c:0c4d5909f8ca1931f3ca5c66ab5f0c37ea2efc2e"
fixed_range 
"f398a701634dccbd555d851598f26191605e2e59:bcf11c252a9635af83c0f48b5ebdfad8e1ab5522"