osv-2026-521
Vulnerability from osv_ossfuzz
Published
2026-04-04 00:05
Modified
2026-07-03 14:33
Summary
UNKNOWN READ in unsigned long Assimp::StreamReader<true, true>::Get<unsigned long>
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499121788
Crash type: UNKNOWN READ
Crash state:
unsigned long Assimp::StreamReader<true, true>::Get<unsigned long>
bool Assimp::Blender::Structure::ResolvePointer<std::__1::shared_ptr, Assimp::Bl
bool Assimp::Blender::Structure::ReadFieldPtr<2, Assimp::Blender::vector, std::_
{
"affected": [
{
"database_specific": {
"introduced_range": "4c8a3bd39c449eba1b07f81fd4177ad938a7fd93:69f8eb21fd1da5688523986cc911346c333806c2"
},
"ecosystem_specific": {
"severity": "MEDIUM"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "assimp",
"purl": "pkg:generic/assimp"
},
"ranges": [
{
"events": [
{
"introduced": "72b9939b9f5a34d155b5b11b61f4474f1176d51a"
},
{
"introduced": "fee5c267e764abaacbf8de6a764da6ca7a0292bd"
}
],
"repo": "https://github.com/assimp/assimp.git",
"type": "GIT"
}
],
"versions": [
"master",
"v6.0.3",
"v6.0.4",
"v6.0.5"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499121788\n\n```\nCrash type: UNKNOWN READ\nCrash state:\nunsigned long Assimp::StreamReader\u003ctrue, true\u003e::Get\u003cunsigned long\u003e\nbool Assimp::Blender::Structure::ResolvePointer\u003cstd::__1::shared_ptr, Assimp::Bl\nbool Assimp::Blender::Structure::ReadFieldPtr\u003c2, Assimp::Blender::vector, std::_\n```\n",
"id": "OSV-2026-521",
"modified": "2026-07-03T14:33:49.012945Z",
"published": "2026-04-04T00:05:03.478370Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=499121788"
}
],
"schema_version": "1.7.5",
"summary": "UNKNOWN READ in unsigned long Assimp::StreamReader\u003ctrue, true\u003e::Get\u003cunsigned long\u003e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…