CVE-2021-36053

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-36053

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36053.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-36053

Downstream

DEBIAN-CVE-2021-36053

DLA-3585-1

DLA-4264-1

UBUNTU-CVE-2021-36053

USN-5483-1

Related

MGASA-2022-0236

Published

2021-09-01T15:15:10Z

Modified

2025-09-19T13:06:23.096049Z

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References

Affected packages

Git / github.com/adobe/xmp-toolkit-sdk

Affected ranges

Type: GIT
Repo: https://github.com/adobe/xmp-toolkit-sdk
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

42eb5267d1ffc1d22066438599a9e2dec020d9ca

Affected versions

v2020.*

v2020.1