CVE-2022-2832

Опубликовано: 16 авг. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

Ссылки

https://developer.blender.org/D15463
Patch
Vendor Advisory
https://developer.blender.org/T99706
Exploit
Patch
Vendor Advisory
https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c
Patch
Vendor Advisory
https://developer.blender.org/D15463
Patch
Vendor Advisory
https://developer.blender.org/T99706
Exploit
Patch
Vendor Advisory
https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blender:blender:3.3.0:alpha:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00781

Низкий

7.5 High

CVSS3

Дефекты

CWE-395

CWE-476

Связанные уязвимости

CVE-2022-2832

CVSS3: 7.5

ubuntu

больше 3 лет назад

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

CVE-2022-2832

CVSS3: 5.1

redhat

больше 3 лет назад

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

CVE-2022-2832

CVSS3: 7.5

debian

больше 3 лет назад

A flaw was found in Blender 3.3.0. A null pointer dereference exists i ...

GHSA-jw85-mc7h-c36v

CVSS3: 7.5

github

больше 3 лет назад

When rendering with headless builds, show an error instead of crashing. Previously GPU_backend_init was called indirectly from DRW_opengl_context_create, a new function is now called from the window manager (GPU_backend_init_once), so it's possible to check if the GPU has a back-end. This also disables the bgl Python module when building WITH_HEADLESS.

EPSS

Процентиль: 73%

0.00781

Низкий

7.5 High

CVSS3

Дефекты

CWE-395

CWE-476