Integer Overflow Vulnerability in Blender Graphics Software
CVE-2022-2831

7.5HIGH

Key Information:

Vendor

Blender

Status
Vendor
CVE Published:
16 August 2022

What is CVE-2022-2831?

An integer overflow vulnerability has been identified in Blender version 3.3.0, specifically within the blendthumb_extract.cc component. Exploitation of this flaw could result in program crashes or introduce the risk of memory corruption, potentially impacting the integrity and reliability of the application. Users are advised to review their Blender installations and ensure they are using patched versions to mitigate the risk.

Affected Version(s)

Blender Blender 3.3.0

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.