CVE-2021-36058

Опубликовано: 01 сент. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

Ссылки

https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html
Mailing List
https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html
Mailing List
https://lists.debian.org/debian-lts-announce/2025/08/msg00003.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:*

Версия до 2020.1 (включая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00307

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2021-36058

CVSS3: 5.5

ubuntu

больше 4 лет назад

CVE-2021-36058

CVSS3: 5.5

debian

больше 4 лет назад

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer ...

GHSA-2w63-8xxm-4qvq

CVSS3: 5.5

github

больше 3 лет назад

EPSS

Процентиль: 53%

0.00307

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190