GCVE - cpe:2.3:a:n/a:blender:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:blender:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Blender (`d3c9f9fc-faca-5062-9931-e57537a9670d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-2833`	vulnerable	2026-06-08 05:43:36.585370	Details available Endless Infinite loop in Blender-thumnailing due to logical bugs. Published: 2022-08-16T19:24:35.000Z Updated: 2024-08-03T00:52:59.306Z Open on db.gcve.eu Reference links https://developer.blender.org/rB24a2b5cb1292f769dd86e314471443976d5e9512 https://developer.blender.org/T99711	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-2832`	vulnerable	2026-06-08 05:43:36.584958	Details available A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity. Published: 2022-08-16T19:26:05.000Z Updated: 2024-08-03T00:52:59.535Z Open on db.gcve.eu Reference links https://developer.blender.org/T99706 https://developer.blender.org/D15463 https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-2831`	vulnerable	2026-06-08 05:43:36.583780	Details available A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program crash or memory corruption. Published: 2022-08-16T19:21:14.000Z Updated: 2024-08-03T00:52:58.915Z Open on db.gcve.eu Reference links https://developer.blender.org/T99705 https://developer.blender.org/rBb1329d7eaa52a11c73b75d19d20bd8f6d11ac535 https://developer.blender.org/rB32df09b2416a6961704eca0fe73534c8c4e715b2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-0546`	vulnerable	2026-06-08 05:39:10.267034	Details available A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. Published: 2022-02-24T18:27:17.000Z Updated: 2024-08-02T23:32:45.994Z Open on db.gcve.eu Reference links https://developer.blender.org/T94572 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GIZADV3AHTWZ2YKEFTVLNK3K4F4KTYLM/ https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html https://www.debian.org/security/2022/dsa-5176	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-0545`	vulnerable	2026-06-08 05:39:10.266281	Details available An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1. Published: 2022-02-24T18:27:16.000Z Updated: 2024-08-02T23:32:46.403Z Open on db.gcve.eu Reference links https://developer.blender.org/T94629 https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html https://www.debian.org/security/2022/dsa-5176	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-0544`	vulnerable	2026-06-08 05:39:10.264490	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.