UBUNTU-CVE-2021-45948
- Source
- https://ubuntu.com/security/CVE-2021-45948
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-45948.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-45948
- Upstream
- Withdrawn
- 2025-07-18T16:47:05Z
- Published
- 2022-01-01T00:15:00Z
- Modified
- 2025-07-16T07:20:02.969764Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in m3dsafestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).
- References
-
- https://ubuntu.com/security/CVE-2021-45948
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34416
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/assimp/OSV-2021-775.yaml
- https://github.com/assimp/assimp/pull/4146
- https://github.com/assimp/assimp/commit/30f17aa2064b86c0096f0ec701b9e8ea9312fef2
- https://www.cve.org/CVERecord?id=CVE-2021-45948
Affected packages
Ubuntu:22.04:LTS / assimp
Package
- Name
- assimp
- Purl
- pkg:deb/ubuntu/assimp@5.2.2~ds0-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.2.2~ds0-1
Affected versions
5.*
5.0.1~ds0-2
5.0.1~ds0-3ubuntu1
5.1.4~ds0-1
5.1.5~ds0-1
5.1.6~ds0-1
5.2.0~ds0-2
5.2.1~ds0-1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "assimp-testmodels",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "assimp-utils",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "assimp-utils-dbgsym",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "libassimp-dev",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "libassimp-doc",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "libassimp5",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "libassimp5-dbgsym",
"binary_version": "5.2.2~ds0-1"
},
{
"binary_name": "python3-pyassimp",
"binary_version": "5.2.2~ds0-1"
}
]
}