VDB
GCVE-110-MAGEIA-2018-332
GCVE-110-MAGEIA-2018-332
Advisory Published
Updated blender package fixes security vulnerabilities:
Multiple vulnerabilities have been discovered in various parsers of Blender.
Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR,
CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code
(CVE-2017-2899, CVE-2017-2900, CVE-2017-2901, CVE-2017-2902, CVE-2017-2903,
CVE-2017-2904, CVE-2017-2905, CVE-2017-2906, CVE-2017-2907, CVE-2017-2908,
CVE-2017-2918, CVE-2017-12081, CVE-2017-12082, CVE-2017-12086,
CVE-2017-12099, CVE-2017-12100, CVE-2017-12101, CVE-2017-12102,
CVE-2017-12103, CVE-2017-12104, CVE-2017-12105).
These issues are fixed by updating to the latest upstream 2.79b release,
which brings many improvements, bug fixes and new features. See the
referenced changelog for details.
Also, the yafaray package has been updated to the latest version, 3.3.0, to
make it work with the new Blender addons path.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | yafaray | 0 (affected), 3.3.0-1.2.mga6 (unaffected) | — |
| Mageia | blender | 0 (affected), 2.79b-1.1.mga6 (unaffected) | — |
References
Browse GCVE Records
73,118 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.