How severe is CVE-2025-5168?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2025-5168?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2025-5168 - MEDIUM Severity | CVSS 3.3

Vulnerability Description

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function MDLImporter::ImportUVCoordinate_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument iIndex leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.

Related Vulnerabilities

CVE-2016-1758

LOW

CVSS:3.3(Low)

The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app.

CWE-1192016

CVE-2016-1790

LOW

CVSS:3.3(Low)

Buffer overflow in the Accessibility component in Apple iOS before 9.3.2 allows attackers to obtain sensitive kernel memory-layout information via a crafted app.

CWE-1192016

CVE-2017-17293

LOW

CVSS:3.3(Low)

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, ...

CWE-1192017

CVE-2017-17321

LOW

CVSS:3.3(Low)

Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker cou...

CWE-1192017

CVE-2017-3020

LOW

CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.

CWE-1192017

CVE-2017-3029

LOW

CVSS:3.3(Low)

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.

CWE-1192017