rpm package
opensuse/blender-5.0&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/blender-5.0&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0546 | — | < 5.0.0-1.1 | 5.0.0-1.1 | Feb 24, 2022 | A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. | ||
| CVE-2022-0545 | — | < 5.0.0-1.1 | 5.0.0-1.1 | Feb 24, 2022 | An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted | ||
| CVE-2022-0544 | — | < 5.0.0-1.1 | 5.0.0-1.1 | Feb 24, 2022 | An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. |
- CVE-2022-0546Feb 24, 2022affected < 5.0.0-1.1fixed 5.0.0-1.1
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.
- CVE-2022-0545Feb 24, 2022affected < 5.0.0-1.1fixed 5.0.0-1.1
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted
- CVE-2022-0544Feb 24, 2022affected < 5.0.0-1.1fixed 5.0.0-1.1
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.