VDB
CVE-2024-40724
CVE-2024-40724
PUBLISHED
CVSS 8.399999618530273 HIGH
Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability (CWE-122). Yuhei Kawakoya of NTT Security Holdings reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
EPSS 0.12% · 29.9th percentile
Risk Scores
CVSS v3.0
8.399999618530273
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.12%
29.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Asset Import Library | Assimp |
Timeline
- Jul 18, 2024 CVE Published
- Jul 19, 2024 EPSS Score
- Aug 10, 2024 EPSS Score
- Aug 31, 2024 EPSS Score
- Sep 22, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 14, 2024 EPSS Score
- Nov 4, 2024 EPSS Score
- Nov 26, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Jan 9, 2025 EPSS Score
- Jan 31, 2025 EPSS Score