NVD

Vulnerability Change Records for CVE-2025-2591

Action	Type	New Value
Added	Description	A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.
Added	CVSS V4.0	AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Added	CVSS V3.1	AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Added	CVSS V2	(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Added	CWE	CWE-369
Added	CWE	CWE-404
Added	Reference	https://github.com/assimp/assimp/issues/6009
Added	Reference	https://github.com/assimp/assimp/issues/6009#issue-2877367021
Added	Reference	https://github.com/assimp/assimp/pull/6047
Added	Reference	https://github.com/assimp/assimp/pull/6047/commits/ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd
Added	Reference	https://vuldb.com/?ctiid.300574
Added	Reference	https://vuldb.com/?id.300574
Added	Reference	https://vuldb.com/?submit.517781