CVE-2025-11014
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-11014
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-11014.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-11014
- Downstream
- Published
- 2025-09-26T13:15:41.317Z
- Modified
- 2025-11-16T12:26:00.955681Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
- References
Affected packages
Git / github.com/ogrecave/ogre
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ogrecave/ogre
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
Other
v1-6-0
v1-8-1
v1-9-0
v1.*
v1.10.10
v1.10.11
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.10.7
v1.10.8
v1.10.9
v1.11.0
v1.11.1
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.12.0
v1.12.1
v1.12.10
v1.12.11
v1.12.12
v1.12.2
v1.12.3
v1.12.4
v1.12.5
v1.12.6
v1.12.7
v1.12.8
v1.12.9
v13.*
v13.0.0
v13.0.1
v13.1.0
v13.1.1
v13.2.0
v13.2.1
v13.2.2
v13.3.0
v13.3.1
v13.3.2
v13.3.3
v13.4.0
v13.4.1
v13.4.2
v13.4.3
v13.4.4
v13.5.0
v13.5.1
v13.5.2
v13.5.3
v13.6.0
v13.6.1
v14.*
v14.0.0
v14.0.1
v14.1.0
v14.1.1
v14.1.2
v14.2.0
v14.2.1
v14.2.2
v14.2.3
v14.2.4
v14.2.5
v14.2.6
v14.3.0
v14.3.1
v14.3.2
v14.3.3
v14.3.4
v14.4.0
v14.4.1