Vulnerability Details CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 5.1
References
Products affected by CVE-2022-0545
-
cpe:2.3:a:blender:blender:2.25
-
cpe:2.3:a:blender:blender:2.26
-
cpe:2.3:a:blender:blender:2.27
-
cpe:2.3:a:blender:blender:2.28
-
cpe:2.3:a:blender:blender:2.30
-
cpe:2.3:a:blender:blender:2.31
-
cpe:2.3:a:blender:blender:2.32
-
cpe:2.3:a:blender:blender:2.33
-
cpe:2.3:a:blender:blender:2.34
-
cpe:2.3:a:blender:blender:2.35
-
cpe:2.3:a:blender:blender:2.36
-
cpe:2.3:a:blender:blender:2.37
-
cpe:2.3:a:blender:blender:2.40
-
cpe:2.3:a:blender:blender:2.41
-
cpe:2.3:a:blender:blender:2.42
-
cpe:2.3:a:blender:blender:2.43
-
cpe:2.3:a:blender:blender:2.44
-
cpe:2.3:a:blender:blender:2.45
-
cpe:2.3:a:blender:blender:2.46
-
cpe:2.3:a:blender:blender:2.47
-
cpe:2.3:a:blender:blender:2.48
-
cpe:2.3:a:blender:blender:2.49
-
cpe:2.3:a:blender:blender:2.50
-
cpe:2.3:a:blender:blender:2.51
-
cpe:2.3:a:blender:blender:2.52
-
cpe:2.3:a:blender:blender:2.53
-
cpe:2.3:a:blender:blender:2.54
-
cpe:2.3:a:blender:blender:2.55
-
cpe:2.3:a:blender:blender:2.56
-
cpe:2.3:a:blender:blender:2.57
-
cpe:2.3:a:blender:blender:2.58
-
cpe:2.3:a:blender:blender:2.59
-
cpe:2.3:a:blender:blender:2.60
-
cpe:2.3:a:blender:blender:2.61
-
cpe:2.3:a:blender:blender:2.63
-
cpe:2.3:a:blender:blender:2.64
-
cpe:2.3:a:blender:blender:2.65
-
cpe:2.3:a:blender:blender:2.66
-
cpe:2.3:a:blender:blender:2.67
-
cpe:2.3:a:blender:blender:2.68
-
cpe:2.3:a:blender:blender:2.69
-
cpe:2.3:a:blender:blender:2.70
-
cpe:2.3:a:blender:blender:2.71
-
cpe:2.3:a:blender:blender:2.72
-
cpe:2.3:a:blender:blender:2.73
-
cpe:2.3:a:blender:blender:2.74
-
cpe:2.3:a:blender:blender:2.75
-
cpe:2.3:a:blender:blender:2.76
-
cpe:2.3:a:blender:blender:2.77
-
cpe:2.3:a:blender:blender:2.78
-
cpe:2.3:a:blender:blender:2.78c
-
cpe:2.3:a:blender:blender:2.79
-
cpe:2.3:a:blender:blender:2.80
-
cpe:2.3:a:blender:blender:2.81
-
cpe:2.3:a:blender:blender:2.82
-
cpe:2.3:a:blender:blender:2.83
-
cpe:2.3:a:blender:blender:2.83.1
-
cpe:2.3:a:blender:blender:2.83.10
-
cpe:2.3:a:blender:blender:2.83.12
-
cpe:2.3:a:blender:blender:2.83.13
-
cpe:2.3:a:blender:blender:2.83.14
-
cpe:2.3:a:blender:blender:2.83.15
-
cpe:2.3:a:blender:blender:2.83.16
-
cpe:2.3:a:blender:blender:2.83.17
-
cpe:2.3:a:blender:blender:2.83.18
-
cpe:2.3:a:blender:blender:2.83.2
-
cpe:2.3:a:blender:blender:2.83.3
-
cpe:2.3:a:blender:blender:2.83.4
-
cpe:2.3:a:blender:blender:2.83.5
-
cpe:2.3:a:blender:blender:2.83.6
-
cpe:2.3:a:blender:blender:2.83.6.1
-
cpe:2.3:a:blender:blender:2.83.7
-
cpe:2.3:a:blender:blender:2.83.8
-
cpe:2.3:a:blender:blender:2.83.9
-
cpe:2.3:a:blender:blender:2.90.0
-
cpe:2.3:a:blender:blender:2.90.1
-
cpe:2.3:a:blender:blender:2.91.0
-
cpe:2.3:a:blender:blender:2.91.2
-
cpe:2.3:a:blender:blender:2.92.0
-
cpe:2.3:a:blender:blender:2.93.0
-
cpe:2.3:a:blender:blender:2.93.1
-
cpe:2.3:a:blender:blender:2.93.2
-
cpe:2.3:a:blender:blender:2.93.3
-
cpe:2.3:a:blender:blender:2.93.4
-
cpe:2.3:a:blender:blender:2.93.5
-
cpe:2.3:a:blender:blender:2.93.6
-
cpe:2.3:a:blender:blender:2.93.7
-
cpe:2.3:a:blender:blender:3.0.0
-
cpe:2.3:a:blender:blender:3.0.1
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:11.0