Blender
CVE-2022-2832
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.
AnalysisAI
A flaw was found in Blender 3.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified under CWE-395. A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity. Affected products include: Blender.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Endless Infinite loop in Blender-thumnailing due to logical bugs. Rated high severity (CVSS 7.5), this vulnerability is
A flaw was found in Blender 3.3.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authen
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing a
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds
Out-of-bounds read in Blender 3.0.0 through 5.1.2 allows an attacker to crash the application or disclose heap memory co
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today