Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceCVE-2025-2151

CVE-2025-2151

MEDIUM6.3

Open Asset Import Library Assimp File ParsingUtils.h GetNextLine stack-based overflow

Published Mar 10, 2025

Modified 11 months ago

Details

A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

References

https://github.com/assimp/assimp/issues/6016

https://github.com/assimp/assimp/issues/6026

https://github.com/sae-as-me/Crashes/raw/refs/heads/main/assimp/assimp_crash_1

https://vuldb.com/?ctiid.299062

https://vuldb.com/?id.299062

https://vuldb.com/?submit.510582

https://www.cve.org/CVERecord?id=CVE-2025-2151

CVSS Analysis

CVSS v4.0

5.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Attack Requirements

NoneAT:N

Privileges Required

NonePR:N

User Interaction

PassiveUI:P

Vulnerable System

Vuln. Confidentiality

LowVC:L

Vuln. Integrity

LowVI:L

Vuln. Availability

LowVA:L

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

NoneSI:N

Subseq. Availability

NoneSA:N

5.3/CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Weakness Type (CWE)

Memory Safety

Buffer Overflow

Other

Ecosystems

Timeline

PublishedMar 10, 2025

ModifiedMar 21, 2025

CVE-2025-2151 | Mondoo Vulnerability Intelligence