exploitDog

CVE-2025-21155

Опубликовано: 11 фев. 2025

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Ссылки

https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:adobe:substance_3d_stager:*:*:*:*:*:*:*:*

Версия до 3.1.1 (исключая)

Одно из

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00037

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

GHSA-hh9v-pv5p-4675

CVSS3: 5.5

github

12 месяцев назад

Substance3D - Stager versions 3.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

EPSS

Процентиль: 11%

0.00037

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476