What the vulnerability does

01Description

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.

Key dates

02Disclosure timeline

February 24, 2022 CVE published
August 2, 2024 Record updated