CVE-2022-2832 — Vulnetix

CVE-2022-2832 PUBLISHED

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

EPSS 0.58% · 69.2th percentile

Risk Scores

EPSS Score

0.58%

69.2th percentile

Affected Products

Vendor	Product	Versions
blender	blender	3.3.0
n/a	Blender	Blender 3.3.0

Exploit Intelligence

https://developer.blender.org/T99706 (nist-nvd)
https://developer.blender.org/D15463 (circl)
https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c (circl)

Timeline

Aug 16, 2022 CVE Published
Aug 17, 2022 EPSS Score
Oct 2, 2022 EPSS Score
Nov 17, 2022 EPSS Score
Jan 2, 2023 EPSS Score
Feb 17, 2023 EPSS Score
Apr 4, 2023 EPSS Score
May 20, 2023 EPSS Score
Jul 5, 2023 EPSS Score
Aug 19, 2023 EPSS Score
Oct 4, 2023 EPSS Score
Nov 19, 2023 EPSS Score

References

https://developer.blender.org/T99706 url
https://developer.blender.org/D15463 url
https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c url
https://nvd.nist.gov/vuln/detail/CVE-2022-2832 advisory
https://access.redhat.com/errata/RHSA-2022:7058 url
https://access.redhat.com/security/cve/CVE-2022-2832 url
https://bugzilla.redhat.com/show_bug.cgi?id=2118556 url

Open in Interactive Console →