Описание
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| exempi | fixed | 2.6.0-1 | package |
Примечания
https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
https://gitlab.freedesktop.org/libopenraw/exempi/-/releases
EPSS
Связанные уязвимости
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Уязвимость программного обеспечения создания метаданных, обработки и обмена набором стандартов Adobe XMP-Toolkit-SDK, связанная с ошибками переполнения буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS