CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2832 – blender: Null pointer reference in blender thumbnail extractor
https://notcve.org/view.php?id=CVE-2022-2832
16 Aug 2022 — A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity. Se ha encontrado un fallo en Blender 3.3.0. Existe una desviación de puntero nulo en source/blender/gpu/opengl/gl_backend.cc que puede conducir a la pérdida de confidencialidad e integridad OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional,... • https://developer.blender.org/D15463 • CWE-395: Use of NullPointerException Catch to Detect NULL Pointer Dereference CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2833
https://notcve.org/view.php?id=CVE-2022-2833
16 Aug 2022 — Endless Infinite loop in Blender-thumnailing due to logical bugs. Un Bucle Infinito en Blender-thumnailing debido a bugs lógicos. • https://developer.blender.org/T99711 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2831
https://notcve.org/view.php?id=CVE-2022-2831
16 Aug 2022 — A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program crash or memory corruption. Se ha encontrado un fallo en Blender 3.3.0. Un desbordamiento de interger en source/blender/blendthumb/src/blendthumb_extract.cc puede llevar a la caída del programa o a la corrupción de la memoria • https://developer.blender.org/T99705 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 72EXPL: 3CVE-2013-6342 – Tweet Blender <= 4.0.1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2013-6342
18 Nov 2013 — Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php. Vulnerabilidad de XSS en el plugin Tweet Blender anterior a la versión 4.0.2 para WordPress permite a atacantes remotos inyectar script web o HTML arbitrario a través del parámetro tb_tab_index a wp-admin/options-general.php. WordPress Tweet Blender plugin version 4.0.1 suffers from a cro... • https://packetstorm.news/files/id/124047 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •