Vulnerabilities > CVE-2022-2831 - Out-of-bounds Write vulnerability in Blender 3.3.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

blender

CWE-787

NVD

Published: 2022-08-16

Updated: 2022-09-01

Summary

A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program crash or memory corruption.

Vulnerable Configurations

Part	Description	Count
Application	Blender Blender Blender 3.3.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://developer.blender.org/rBb1329d7eaa52a11c73b75d19d20bd8f6d11ac535
https://developer.blender.org/T99705
https://developer.blender.org/rB32df09b2416a6961704eca0fe73534c8c4e715b2