Browse all 38 CVE security advisories affecting Open Asset Import Library. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Open Asset Import Library serves as a widely adopted, open-source tool for developers to load and convert various 3D model and animation file formats into a unified internal data structure. Its primary utility lies in simplifying asset pipeline integration for game engines and simulation software. Historically, the library has been vulnerable to numerous security flaws, predominantly involving buffer overflows, out-of-bounds reads, and integer overflows within its parsing logic. These defects frequently enable remote code execution or denial-of-service attacks when processing maliciously crafted input files. With thirty-eight recorded CVEs, the project has faced significant scrutiny regarding its input validation mechanisms. While no massive, high-profile data breaches directly attributed to the library have dominated public discourse, the sheer volume of vulnerabilities highlights persistent challenges in maintaining robust security hygiene within complex C++ codebases that handle untrusted binary data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2751 | Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-bounds — AssimpCWE-125 | 4.3 | Medium | 2025-03-25 |
| CVE-2025-2750 | Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile out-of-bounds write — AssimpCWE-787 | 6.3 | Medium | 2025-03-25 |
| CVE-2025-2592 | Open Asset Import Library Assimp CSMLoader.cpp InternReadFile heap-based overflow — AssimpCWE-122 | 6.3 | Medium | 2025-03-21 |
| CVE-2025-2591 | Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_Quake1 divide by zero — AssimpCWE-369 | 4.3 | Medium | 2025-03-21 |
| CVE-2025-2152 | Open Asset Import Library Assimp File BaseImporter.cpp ConvertToUTF8 heap-based overflow — AssimpCWE-122 | 6.3 | Medium | 2025-03-10 |
| CVE-2025-2151 | Open Asset Import Library Assimp File ParsingUtils.h GetNextLine stack-based overflow — AssimpCWE-121 | 6.3 | Medium | 2025-03-10 |
| CVE-2024-45679 | assimp 安全漏洞 — Assimp | 7.8AI | HighAI | 2024-09-18 |
| CVE-2024-40724 | assimp 安全漏洞 — Assimp | 7.8AI | HighAI | 2024-07-19 |
This page lists every published CVE security advisory associated with Open Asset Import Library. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.