CVE-2023-25010

2023-04-1721:15:07

Google

osv.dev

malicious file

uninitialized variable

code execution

software vulnerability

0.001 Low

EPSS

Percentile

27.2%

JSON

A malicious actor may convince a victim to open a malicious USD file that may trigger an uninitialized variable which may result in code execution.

CPENameOperatorVersion
maya-usdeqAL_0.23.4
maya-usdeq0.20.0
maya-usdeqPXR_v0.8.1
maya-usdeqPXR_v19.07-rc1
maya-usdeq0.2.0
maya-usdeqAL_0.22.0
maya-usdeq0.10.0-pr125
maya-usdeqPXR_v0.8.0
maya-usdeqPXR_v0.7.4
maya-usdeqPXR_v18.09

Name	Operator	Version
maya-usd	eq	AL_0.23.4
maya-usd	eq	0.20.0
maya-usd	eq	PXR_v0.8.1
maya-usd	eq	PXR_v19.07-rc1
maya-usd	eq	0.2.0
maya-usd	eq	AL_0.22.0
maya-usd	eq	0.10.0-pr125
maya-usd	eq	PXR_v0.8.0
maya-usd	eq	PXR_v0.7.4
maya-usd	eq	PXR_v18.09

Rows per page:

1-10 of 811

References

www.autodesk.com/trust/security-advisories/adsk-sa-2023-0003

0.001 Low

EPSS

Percentile

27.2%

JSON

Related for OSV:CVE-2023-25010