Skip to content

Commit 15b7a1e

Browse files
Merge pull request #7658 from github/three-star-potato-GHSA-wx6g-fm6f-w822
2 parents 94fda91 + 9e70897 commit 15b7a1e

1 file changed

Lines changed: 84 additions & 0 deletions

File tree

Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-wx6g-fm6f-w822",
4+
"modified": "2025-08-01T18:35:58Z",
5+
"published": "2025-07-31T19:37:48Z",
6+
"aliases": [
7+
"CVE-2025-53009"
8+
],
9+
"summary": "MaterialX Stack Overflow via Lack of MTLX XML Parsing Recursion Limit ",
10+
"details": "### Summary\n\nWhen parsing an MTLX file with multiple nested `nodegraph` implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion.\n\n### Details\n\nBy specification, multiple kinds of elements in MTLX support nesting other elements, such as in the case of `nodegraph` elements. Parsing these subtrees is implemented via recursion, and since there is no max depth imposed on the XML document, this can lead to a stack overflow when the library parses an MTLX file with an excessively high number of nested elements.\n\n### PoC\n\nPlease download the `recursion_overflow.mtlx` file from the following link: \n\nhttps://github.com/ShielderSec/poc/tree/main/CVE-2025-53009\n\n`build/bin/MaterialXView --material recursion_overflow.mtlx`\n\n\n### Impact\nAn attacker could intentionally crash a target program that uses MaterialX by sending a malicious MTLX file.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "PyPI",
21+
"name": "MaterialX"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "1.39.2"
29+
},
30+
{
31+
"fixed": "1.39.3"
32+
}
33+
]
34+
}
35+
],
36+
"versions": [
37+
"1.39.2"
38+
]
39+
}
40+
],
41+
"references": [
42+
{
43+
"type": "WEB",
44+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX/security/advisories/GHSA-wx6g-fm6f-w822"
45+
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53009"
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX/issues/2504"
53+
},
54+
{
55+
"type": "WEB",
56+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX/pull/2505"
57+
},
58+
{
59+
"type": "WEB",
60+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX/commit/defc03b7aca865d7e71a9197da9351d3f5ea8786"
61+
},
62+
{
63+
"type": "PACKAGE",
64+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX"
65+
},
66+
{
67+
"type": "WEB",
68+
"url": "https://github.com/AcademySoftwareFoundation/MaterialX/releases/tag/v1.39.3"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://github.com/ShielderSec/poc/tree/main/CVE-2025-53009"
73+
}
74+
],
75+
"database_specific": {
76+
"cwe_ids": [
77+
"CWE-121"
78+
],
79+
"severity": "LOW",
80+
"github_reviewed": true,
81+
"github_reviewed_at": "2025-07-31T19:37:48Z",
82+
"nvd_published_at": "2025-08-01T18:15:54Z"
83+
}
84+
}

0 commit comments

Comments
 (0)