CVE-2021-40716

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-40716

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-40716.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-40716

Related

Published

2021-09-29T16:15:11Z

Modified

2024-09-18T03:16:11.255225Z

Summary

[none]

Details

XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References

Affected packages

Debian:11 / exempi

Package

Name: exempi
Purl: pkg:deb/debian/exempi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.5.2-1

2.6.0-1

2.6.1-1

2.6.1-2

2.6.2-1

2.6.2-2

2.6.3-1

2.6.4-1

2.6.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / exempi

Package

Name: exempi
Purl: pkg:deb/debian/exempi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / exempi

Package

Name: exempi
Purl: pkg:deb/debian/exempi?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}