The following vulnerability was published for assimp.
CVE-2025-2591[0]:
| A vulnerability classified as problematic was found in Open Asset
| Import Library Assimp 5.4.3. This vulnerability affects the function
| MDLImporter::InternReadFile_Quake1 of the file
| code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument
| skinwidth/skinheight leads to divide by zero. The attack can be
| initiated remotely. The exploit has been disclosed to the public and
| may be used. The patch is identified as
| ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply
| a patch to fix this issue.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.