U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:blender:blender:2.83.6.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3 matching records.
Displaying matches 1 through 3.
Vuln ID Summary CVSS Severity
CVE-2022-0545

An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.

Published: February 24, 2022; 2:15:09 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 5.1 MEDIUM
CVE-2022-0544

An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.

Published: February 24, 2022; 2:15:09 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 2.6 LOW
CVE-2008-1103

Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."

Published: April 28, 2008; 4:05:00 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 6.9 MEDIUM