D3Ng03

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue has been found in the Open Asset Import Library Assimp, affecting the function `Assimp::LWO::AnimResolver::UpdateAnimRangeSetup` in the file `code/AssetLib/LWO/LWOAnimation.cpp` of the LWO File Handler component. This issue leads to a heap-based buffer overflow. The attack can be launched on the local host. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `Assimp::LWO::AnimResolver::UpdateAnimRangeSetup` function until a patch is available to prevent heap-based buffer overflow exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A vulnerability has been found in the Open Asset Import Library Assimp, affecting the function `Assimp::SceneCombiner::AddNodeHashes` of the file `code/Common/SceneCombiner.cpp` of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. **Recommendations** Apply the patch identified as a0993658f40d8e13ff5823990c30b43c82a5daf0 to fix this issue. As a temporary workaround, consider disabling the `Assimp::SceneCombiner::AddNodeHashes` function until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A problematic vulnerability was found in the Open Asset Import Library Assimp. This issue affects the function `Assimp::MDLImporter::ParseTextureColorData` of the MDL File Handler component. The manipulation of the arguments `mWidth` and `mHeight` leads to resource consumption. The attack can be initiated remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, upgrade to version 6.0 to address this issue. As a temporary workaround, consider restricting the use of the `Assimp::MDLImporter::ParseTextureColorData` function until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue has been found in the ASE File Handler component of the Open Asset Import Library Assimp. This issue affects the `Assimp::ASEImporter::BuildUniqueRepresentation` function in the file `ASELoader.cpp`. The manipulation of the `mIndices` argument leads to an out-of-bounds read. It is possible to initiate the attack remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, upgrade to version 6.0 to address this issue. As a temporary workaround, consider restricting access to the `ASELoader.cpp` file or the `Assimp::ASEImporter::BuildUniqueRepresentation` function until the patch is applied. Apply the patch named 7c705fde418d68cca4e8eff56be01b2617b0d6fe to fix this issue.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue has been identified, affecting the function `SceneCombiner::MergeScenes` of the component LWS File Handler. This issue leads to an out-of-bounds read and can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, as a temporary workaround, consider disabling the `SceneCombiner::MergeScenes` function until a patch is available. Restrict access to the LWS File Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue has been identified in the AC3D File Handler component, specifically in the function `Assimp::AC3DImporter::ConvertObjectSection` of the file `code/AssetLib/AC/ACLoader.cpp`. The manipulation of the `it` argument leads to a heap-based buffer overflow. This issue can be exploited remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `Assimp::AC3DImporter::ConvertObjectSection` function until a patch is available to prevent heap-based buffer overflow exploitation. Restrict access to the AC3D File Handler component to minimize the risk of remote attacks.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue has been found in the Open Asset Import Library Assimp. This issue affects the `Assimp::AC3DImporter::ConvertObjectSection` function in the `AC3D File Handler` component, specifically in the file `code/AssetLib/AC/ACLoader.cpp`. The manipulation of the `tmp` argument leads to a heap-based buffer overflow. It is possible to initiate the attack remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, as a temporary workaround, consider disabling the `Assimp::AC3DImporter::ConvertObjectSection` function until a patch is available. Restrict access to the `AC3D File Handler` component to minimize the risk of exploitation. Avoid using the `tmp` argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical vulnerability was found in Open Asset Import Library Assimp, affecting the function `AI MD5 PARSE STRING IN QUOTATION` of the file `code/AssetLib/MD5/MD5Parser.cpp` of the component MD5 File Handler. The manipulation of the argument data leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `AI MD5 PARSE STRING IN QUOTATION` function until a patch is available. Restrict access to the MD5 File Handler component to minimize the risk of exploitation. Avoid using the affected function in the `code/AssetLib/MD5/MD5Parser.cpp` file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue affects the function `Assimp::AC3DImporter::ConvertObjectSection` of the component AC3D File Handler. The manipulation of the argument `src.entries` leads to an out-of-bounds read. This issue can be exploited remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, as a temporary workaround, consider disabling the `Assimp::AC3DImporter::ConvertObjectSection` function until a patch is available. Restrict access to the AC3D File Handler component to minimize the risk of exploitation. Avoid using the argument `src.entries` in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical vulnerability was found in the Open Asset Import Library Assimp, affecting the `Assimp::CSMImporter::InternReadFile` function of the CSM File Handler component. This issue leads to an out-of-bounds write and can be initiated remotely. The exploit has been disclosed publicly. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `InternReadFile` function of the CSM File Handler component as a temporary workaround until a patch is available. Restrict access to the CSM File Handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A vulnerability has been found in the Open Asset Import Library Assimp, affecting the function `Assimp::CSMImporter::InternReadFile` of the file `code/AssetLib/CSM/CSMLoader.cpp` of the component CSM File Handler. The manipulation of the argument `na` leads to an out-of-bounds read. The attack can be initiated remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `Assimp::CSMImporter::InternReadFile` function until a patch is available to prevent out-of-bounds read. Restrict access to the CSM File Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A vulnerability was found in the Open Asset Import Library Assimp, affecting the function `fast atoreal move` in the library include/assimp/fast atof.h of the component CSM File Handler. This issue leads to an out-of-bounds read and may be initiated remotely. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, consider disabling the `fast atoreal move` function as a temporary workaround until a patch is available. Restrict access to the CSM File Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical vulnerability has been found in Open Asset Import Library Assimp. This issue affects the function `CSMImporter::InternReadFile` of the file `code/AssetLib/CSM/CSMLoader.cpp`. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** To fix this issue, apply the patch named `2690e354da0c681db000cfd892a55226788f2743`. As a temporary workaround, consider disabling the `CSMImporter::InternReadFile` function until a patch is available. Restrict access to the vulnerable file `code/AssetLib/CSM/CSMLoader.cpp` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A vulnerability was found in the Open Asset Import Library Assimp. This issue affects the function `MDLImporter::InternReadFile Quake1` of the file `code/AssetLib/MDL/MDLLoader.cpp`. The manipulation of the arguments `skinwidth` and `skinheight` leads to a divide by zero error. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** To fix this issue, apply the patch identified as `ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd`. As a temporary workaround, consider restricting the use of the `MDLImporter::InternReadFile Quake1` function until a patch is available. Avoid manipulating the `skinwidth` and `skinheight` arguments in the affected function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Open Asset Import Library Assimp version 5.4.3 **Description** A critical issue was found in the ASE File Handler component, specifically affecting the function `Assimp::ASE::Parser::ParseLV4MeshBonesVertices` in the file `code/AssetLib/ASE/ASEParser.cpp`. This leads to a heap-based buffer overflow. The attack must be launched locally. **Recommendations** For Open Asset Import Library Assimp version 5.4.3, apply a patch to fix this issue. As a temporary workaround, consider disabling the `Assimp::ASE::Parser::ParseLV4MeshBonesVertices` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** dot-diver versions prior to 1.0.2 **Description** The issue is related to a Prototype Pollution vulnerability in the `setByPath` function, which can lead to remote code execution (RCE). This vulnerability allows an attacker to modify object attributes, potentially enabling them to execute arbitrary code. The vulnerability is present in versions prior to 1.0.2 of the dot-diver library. **Recommendations** For versions prior to 1.0.2, upgrade to release 1.0.2 or later to address the Prototype Pollution vulnerability in the `setByPath` function. As a temporary workaround, consider restricting the use of the `setByPath` function until a patch is applied.