{"id":"UBUNTU-CVE-2024-48425","details":"A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a null or invalid pointer dereference.","modified":"2026-05-20T16:09:49.157551266Z","published":"2024-10-24T21:15:00Z","upstream":["CVE-2024-48425"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-48425"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2024-48425"}],"affected":[{"package":{"name":"assimp","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0~dfsg-4ubuntu4","3.1.1~dfsg-5","3.2~dfsg-1","3.2~dfsg-2","3.2~dfsg-3"],"ecosystem_specific":{"binaries":[{"binary_version":"3.2~dfsg-3","binary_name":"assimp-utils"},{"binary_version":"3.2~dfsg-3","binary_name":"libassimp3v5"},{"binary_version":"3.2~dfsg-3","binary_name":"python-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["100.0+dfsg-2","100.0+dfsg-2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"100.0+dfsg-2build1","binary_name":"spring"},{"binary_version":"100.0+dfsg-2build1","binary_name":"spring-common"},{"binary_version":"100.0+dfsg-2build1","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.3.1~dfsg-5","3.3.1~dfsg-5ubuntu1","3.3.1~dfsg-5+build1","4.0.1~dfsg-1~exp2","4.0.1~dfsg-1","4.1.0~dfsg-1","4.1.0~dfsg-2","4.1.0~dfsg-3"],"ecosystem_specific":{"binaries":[{"binary_version":"4.1.0~dfsg-3","binary_name":"assimp-utils"},{"binary_version":"4.1.0~dfsg-3","binary_name":"libassimp4"},{"binary_version":"4.1.0~dfsg-3","binary_name":"python-pyassimp"},{"binary_version":"4.1.0~dfsg-3","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["103.0+dfsg2-1","103.0+dfsg2-1build1","104.0+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_version":"104.0+dfsg-2","binary_name":"spring"},{"binary_version":"104.0+dfsg-2","binary_name":"spring-common"},{"binary_version":"104.0+dfsg-2","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.1.0~dfsg-5","4.1.0~dfsg-5ubuntu1","5.0.1~ds0-1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.0.1~ds0-1build1","binary_name":"assimp-testmodels"},{"binary_version":"5.0.1~ds0-1build1","binary_name":"assimp-utils"},{"binary_version":"5.0.1~ds0-1build1","binary_name":"libassimp5"},{"binary_version":"5.0.1~ds0-1build1","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["104.0+dfsg-3build2","104.0+dfsg-4ubuntu1","104.0+dfsg-4ubuntu2","104.0+dfsg-4ubuntu5","104.0+dfsg-4ubuntu6","104.0+dfsg-4ubuntu7"],"ecosystem_specific":{"binaries":[{"binary_version":"104.0+dfsg-4ubuntu7","binary_name":"spring"},{"binary_version":"104.0+dfsg-4ubuntu7","binary_name":"spring-common"},{"binary_version":"104.0+dfsg-4ubuntu7","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.0.1~ds0-2","5.0.1~ds0-3ubuntu1","5.1.4~ds0-1","5.1.5~ds0-1","5.1.6~ds0-1","5.2.0~ds0-2","5.2.1~ds0-1","5.2.2~ds0-1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.2.2~ds0-1","binary_name":"assimp-testmodels"},{"binary_version":"5.2.2~ds0-1","binary_name":"assimp-utils"},{"binary_version":"5.2.2~ds0-1","binary_name":"libassimp5"},{"binary_version":"5.2.2~ds0-1","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-3d","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qt6-3d?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2.2+dfsg-3","6.2.4+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63danimation6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dcore6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dextras6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dinput6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dlogic6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquick6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquickanimation6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquickextras6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquickinput6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquickrender6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63dquickscene2d6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"libqt63drender6"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-animation"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-core"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-extras"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-input"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-logic"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qt3d-render"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qtquick-scene2d"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qml6-module-qtquick-scene3d"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qt6-3d-assimpsceneimport-plugin"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qt6-3d-defaultgeometryloader-plugin"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qt6-3d-gltfsceneio-plugin"},{"binary_version":"6.2.4+dfsg-1","binary_name":"qt6-3d-scene2d-plugin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-quick3d","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/qt6-quick3d?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.2.2-3","6.2.2-4","6.2.4-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.2.4-1","binary_name":"libqt6quick3d6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3dassetimport6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3dassetutils6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3deffects6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3dhelpers6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3diblbaker6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3dparticles6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3druntimerender6"},{"binary_version":"6.2.4-1","binary_name":"libqt6quick3dutils6"},{"binary_version":"6.2.4-1","binary_name":"qml6-module-quick3d"},{"binary_version":"6.2.4-1","binary_name":"qml6-module-quick3d-assetutils"},{"binary_version":"6.2.4-1","binary_name":"qml6-module-quick3d-effects"},{"binary_version":"6.2.4-1","binary_name":"qml6-module-quick3d-helpers"},{"binary_version":"6.2.4-1","binary_name":"qml6-module-quick3d-particles3d"},{"binary_version":"6.2.4-1","binary_name":"qt6-quick3d-assetimporters-plugin"},{"binary_version":"6.2.4-1","binary_name":"qt6-quick3d-dev-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["105.0.1+dfsg-2","105.0.1+dfsg-3ubuntu1","105.0.1+dfsg-3ubuntu2","105.0.1+dfsg-4"],"ecosystem_specific":{"binaries":[{"binary_version":"105.0.1+dfsg-4","binary_name":"spring"},{"binary_version":"105.0.1+dfsg-4","binary_name":"spring-common"},{"binary_version":"105.0.1+dfsg-4","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.2.5~ds0-1.1build1","5.3.1+ds-1","5.3.1+ds-2","5.3.1+ds-2build1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.3.1+ds-2build1","binary_name":"assimp-testmodels"},{"binary_version":"5.3.1+ds-2build1","binary_name":"assimp-utils"},{"binary_version":"5.3.1+ds-2build1","binary_name":"libassimp5"},{"binary_version":"5.3.1+ds-2build1","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-3d","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qt6-3d?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.4.2+dfsg-6","6.4.2+dfsg-6build1","6.4.2+dfsg-6build2","6.4.2+dfsg-6build3"],"ecosystem_specific":{"binaries":[{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63danimation6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dcore6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dextras6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dinput6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dlogic6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquick6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquickanimation6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquickextras6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquickinput6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquickrender6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63dquickscene2d6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"libqt63drender6"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-animation"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-core"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-extras"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-input"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-logic"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qt3d-render"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qtquick-scene2d"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qml6-module-qtquick-scene3d"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-assimpsceneimport-plugin"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-defaultgeometryloader-plugin"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-doc-html"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-examples"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-gltfsceneio-plugin"},{"binary_version":"6.4.2+dfsg-6build3","binary_name":"qt6-3d-scene2d-plugin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-quick3d","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/qt6-quick3d?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.4.2-3","6.4.2-3build1","6.4.2-3build2","6.4.2-3build3"],"ecosystem_specific":{"binaries":[{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3d6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dassetimport6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dassetutils6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3deffects6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dglslparser6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dhelpers6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3diblbaker6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dparticleeffects6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dparticles6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3druntimerender6"},{"binary_version":"6.4.2-3build3","binary_name":"libqt6quick3dutils6"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d-assetutils"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d-effects"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d-helpers"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d-particleeffects"},{"binary_version":"6.4.2-3build3","binary_name":"qml6-module-quick3d-particles3d"},{"binary_version":"6.4.2-3build3","binary_name":"qt6-qmltooling-quick3dprofiler-plugin"},{"binary_version":"6.4.2-3build3","binary_name":"qt6-quick3d-assetimporters-plugin"},{"binary_version":"6.4.2-3build3","binary_name":"qt6-quick3d-dev-tools"},{"binary_version":"6.4.2-3build3","binary_name":"qt6-quick3d-doc-html"},{"binary_version":"6.4.2-3build3","binary_name":"qt6-quick3d-examples"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["106.0+dfsg-2","106.0+dfsg-3","106.0+dfsg-3build2","106.0+dfsg-3build3"],"ecosystem_specific":{"binaries":[{"binary_version":"106.0+dfsg-3build3","binary_name":"spring"},{"binary_version":"106.0+dfsg-3build3","binary_name":"spring-common"},{"binary_version":"106.0+dfsg-3build3","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.4.3+ds-2"],"ecosystem_specific":{"binaries":[{"binary_version":"5.4.3+ds-2","binary_name":"assimp-testmodels"},{"binary_version":"5.4.3+ds-2","binary_name":"assimp-utils"},{"binary_version":"5.4.3+ds-2","binary_name":"libassimp5"},{"binary_version":"5.4.3+ds-2","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-3d","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/qt6-3d?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.8.3+dfsg-0ubuntu1","6.9.2+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63danimation6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dcore6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dextras6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dinput6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dlogic6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dquick6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dquickextras6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dquickscene2d6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63dquickscene3d6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"libqt63drender6"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-animation"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-core"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-extras"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-input"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-logic"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qt3d-render"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qtquick-scene2d"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qml6-module-qtquick-scene3d"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-assimpsceneimport-plugin"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-defaultgeometryloader-plugin"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-doc-html"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-examples"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-gltfsceneio-plugin"},{"binary_version":"6.9.2+dfsg-1","binary_name":"qt6-3d-scene2d-plugin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-quick3d","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/qt6-quick3d?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.8.3-0ubuntu1","6.9.2-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.9.2-1","binary_name":"libqt6quick3d6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3dassetimport6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3dassetutils6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3dglslparser6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3diblbaker6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3druntimerender6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3dutils6"},{"binary_version":"6.9.2-1","binary_name":"libqt6quick3dxr6"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-assetutils"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-effects"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-helpers"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-materialeditor"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-particleeffects"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-particles3d"},{"binary_version":"6.9.2-1","binary_name":"qml6-module-qtquick3d-xr"},{"binary_version":"6.9.2-1","binary_name":"qt6-qmltooling-quick3dprofiler-plugin"},{"binary_version":"6.9.2-1","binary_name":"qt6-quick3d-assetimporters-plugin"},{"binary_version":"6.9.2-1","binary_name":"qt6-quick3d-dev-tools"},{"binary_version":"6.9.2-1","binary_name":"qt6-quick3d-doc-html"},{"binary_version":"6.9.2-1","binary_name":"qt6-quick3d-examples"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/spring?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["106.0+dfsg-4"],"ecosystem_specific":{"binaries":[{"binary_version":"106.0+dfsg-4","binary_name":"spring"},{"binary_version":"106.0+dfsg-4","binary_name":"spring-common"},{"binary_version":"106.0+dfsg-4","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"assimp","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/assimp?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["5.4.3+ds-2","6.0.2+ds-1","6.0.3+ds-1","6.0.4+ds-1","6.0.4+ds-1build1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.0.4+ds-1build1","binary_name":"assimp-testmodels"},{"binary_version":"6.0.4+ds-1build1","binary_name":"assimp-utils"},{"binary_version":"6.0.4+ds-1build1","binary_name":"libassimp6"},{"binary_version":"6.0.4+ds-1build1","binary_name":"python3-pyassimp"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-3d","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/qt6-3d?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.9.2+dfsg-1","6.9.2+dfsg-1build1","6.10.2+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63danimation6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dcore6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dextras6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dinput6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dlogic6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dquick6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dquickextras6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dquickscene2d6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63dquickscene3d6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"libqt63drender6"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-animation"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-core"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-extras"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-input"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-logic"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qt3d-render"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qtquick-scene2d"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qml6-module-qtquick-scene3d"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-assimpsceneimport-plugin"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-defaultgeometryloader-plugin"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-doc-html"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-examples"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-gltfsceneio-plugin"},{"binary_version":"6.10.2+dfsg-1","binary_name":"qt6-3d-scene2d-plugin"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"qt6-quick3d","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/qt6-quick3d?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["6.9.2-1","6.9.2-1build1","6.9.2-5","6.9.2-5build1","6.10.2-1"],"ecosystem_specific":{"binaries":[{"binary_version":"6.10.2-1","binary_name":"libqt6quick3d6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3dassetimport6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3dassetutils6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3dglslparser6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3diblbaker6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3druntimerender6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3dutils6"},{"binary_version":"6.10.2-1","binary_name":"libqt6quick3dxr6"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-assetutils"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-effects"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-helpers"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-lightmapviewer"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-materialeditor"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-particleeffects"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-particles3d"},{"binary_version":"6.10.2-1","binary_name":"qml6-module-qtquick3d-xr"},{"binary_version":"6.10.2-1","binary_name":"qt6-qmltooling-quick3dprofiler-plugin"},{"binary_version":"6.10.2-1","binary_name":"qt6-quick3d-assetimporters-plugin"},{"binary_version":"6.10.2-1","binary_name":"qt6-quick3d-dev-tools"},{"binary_version":"6.10.2-1","binary_name":"qt6-quick3d-doc-html"},{"binary_version":"6.10.2-1","binary_name":"qt6-quick3d-examples"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}},{"package":{"name":"spring","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/spring?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["106.0+dfsg-4"],"ecosystem_specific":{"binaries":[{"binary_version":"106.0+dfsg-4","binary_name":"spring"},{"binary_version":"106.0+dfsg-4","binary_name":"spring-common"},{"binary_version":"106.0+dfsg-4","binary_name":"spring-javaai"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-48425.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}