CVE-2021-42719

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-42719

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-42719.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-42719

Downstream

ALPINE-CVE-2021-42719

Published

2022-03-16T15:15:14Z

Modified

2025-05-30T18:01:23Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .jpe file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References

https://helpx.adobe.com/security/products/bridge/apsb21-94.html

CVE-2021-42719

Affected packages