Vulnerabilities > Blender > Blender > 2.36
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-0544 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. | 5.5 |
| 2022-02-24 | CVE-2022-0545 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. | 7.8 |
| 2007-03-03 | CVE-2007-1253 | Code Injection vulnerability in Blender 2.25/2.36/2.37A Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file. | 9.3 |