An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1.
[
{
"product": "Blender",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Blender versions prior to 2.83.19, 2.93.8 and 3.1"
}
]
}
]