CVE-2021-42720
7.8
HIGH
CVSS 3.1
EPSS 11.2%
Description
Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
How to fix CVE-2021-42720
To remediate CVE-2021-42720, upgrade the affected package to a fixed version below.
- —upgrade to 0 or later
Is CVE-2021-42720 being exploited?
Moderate — EPSS is 11.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |