CVE-2022-0546
Severity: High
Published: 24 February 2022
Modified: 21 November 2024
KEV Added: —
Patch: —
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0047 (64.9th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)
Summary
CVE-2022-0546 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Debian Linux. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 35.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-15668
Vulnerability details
A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
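- Vendor: blender; Product: blender; Versions: 2.93.8, 3.0
- Vendor: fedoraproject; Product: extra packages for enterprise linux; Versions: 7.0
- Vendor: fedoraproject; Product: fedora; Versions: 34
- Vendor: debian; Product: debian linux; Versions: 10.0, 11.0, 9.0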
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.