Vulnerability	Vulnerable Version
M Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS). An attacker can cause the application to crash or become unresponsive by supplying a deeply nested chain of imported files, leading to stack exhaustion during parsing. Note: This is only exploitable if the attacker can control or supply a crafted file with a recursive import chain. How to fix Denial of Service (DoS)? Upgrade `MaterialX` to version 1.39.3 or higher.	[1.39.2,1.39.3)
M Stack-based Buffer Overflow Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the XML parsing process. An attacker can cause a crash by providing a specially crafted MTLX file with deeply nested `nodegraph` elements, leading to stack exhaustion during recursive parsing. How to fix Stack-based Buffer Overflow? Upgrade `MaterialX` to version 1.39.3 or higher.	[1.39.2,1.39.3)
M NULL Pointer Dereference Affected versions of this package are vulnerable to NULL Pointer Dereference in the `getShaderNodes` function when processing shader nodes from a crafted input file. An attacker can cause the application to crash by supplying a file that triggers a null pointer dereference during output node access. How to fix NULL Pointer Dereference? Upgrade `MaterialX` to version 1.39.3 or higher.	[1.39.2,1.39.3)
M NULL Pointer Dereference Affected versions of this package are vulnerable to NULL Pointer Dereference via the `getShaderNodes()` function. An attacker can cause a crash by providing a specially crafted MTLX file that triggers a null pointer dereference during shader node parsing. How to fix NULL Pointer Dereference? Upgrade `MaterialX` to version 1.39.3 or higher.	[,1.39.3)

Go back to all versions of this package