Blender 2.28

CPE Details

Blender 2.28
blender
blender
2.28
2022-07-06
09h40 +00:00
2022-07-06
09h50 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:blender:blender:2.28:-:*:*:*:*:*:*

Informations

Vendor

blender

Product

blender

Version

2.28

Update

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-0545 2022-02-24 17h27 +00:00 An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.
7.8
Haute
CVE-2022-0544 2022-02-24 17h27 +00:00 An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.
5.5
Moyen
CVE-2010-5105 2014-04-27 18h00 +00:00 The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103.
3.3
CVE-2008-1103 2008-04-28 16h21 +00:00 Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues."
6.9
CVE-2007-1253 2007-03-03 19h00 +00:00 Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file.
9.3