CVE-2025-2591

MEDIUM Year: 2025
CVSS v3 Score
4.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-369
View all →

Vulnerability Description

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.

Related Vulnerabilities

CVE-2024-27239

MEDIUM
CVSS:4.3(Medium)

Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.

CWE-3692024

CVE-2024-42102

MEDIUM
CVSS:4.7(Medium)

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirty t...

CWE-3692024

CVE-2019-9084

MEDIUM
CVSS:4.9(Medium)

In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /t...

CWE-3692019

CVE-2023-4678

MEDIUM
CVSS:5.1(Medium)

Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV.

CWE-3692023

CVE-2018-18058

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can ...

CWE-3692018

CVE-2020-14415

LOW
CVSS:3.3(Low)

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

CWE-3692020