Search for packages
| purl | pkg:pypi/vtk@9.5.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-c5b6-p1ee-6fgz | Kitware VTK (Visualization Toolkit) up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data. |
CVE-2025-57106
PYSEC-2025-224 |
| VCID-dayh-vxpr-n7h7 | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files with corrupted or invalid mesh reference structures. |
CVE-2025-57108
PYSEC-2025-226 |
| VCID-tnex-thhe-bfba | Kitware VTK (Visualization Toolkit) through 9.5.0 contains a heap buffer overflow vulnerability in vtkGLTFDocumentLoader. When processing specially crafted GLTF files, the copy constructor of Accessor objects fails to properly validate buffer boundaries before performing memory read operations. |
CVE-2025-57107
PYSEC-2025-225 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:23:23.928914+00:00 | Pypa Importer | Fixing | VCID-dayh-vxpr-n7h7 | https://github.com/pypa/advisory-database/blob/main/vulns/vtk/PYSEC-2025-226.yaml | 38.6.0 |
| 2026-06-02T04:23:23.831753+00:00 | Pypa Importer | Fixing | VCID-tnex-thhe-bfba | https://github.com/pypa/advisory-database/blob/main/vulns/vtk/PYSEC-2025-225.yaml | 38.6.0 |
| 2026-06-02T04:23:23.731692+00:00 | Pypa Importer | Fixing | VCID-c5b6-p1ee-6fgz | https://github.com/pypa/advisory-database/blob/main/vulns/vtk/PYSEC-2025-224.yaml | 38.6.0 |