Vulnerabilities > CVE-2022-0544 - Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
blender
debian
CWE-191

Summary

An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.

Vulnerable Configurations

Part Description Count
Application
Blender
150
OS
Debian
2

Common Weakness Enumeration (CWE)