Candidate: CVE-2021-42529
PublicDate: 2022-05-02 23:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42529
 https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
 https://cgit.freedesktop.org/exempi/commit/?h=2.6.0&id=77a3fe7096f8ebf301e2bfe1e6dc023b4ff6dc48
 https://github.com/adobe/XMP-Toolkit-SDK/compare/v2021.07...v2021.08
Description:
 XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based
 buffer overflow vulnerability potentially resulting in arbitrary code
 execution in the context of the current user. Exploitation requires user
 interaction in that a victim must open a crafted file.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_exempi:
upstream_exempi: released (2.6.0-1)
esm-infra/xenial_exempi: needs-triage
bionic_exempi: needs-triage
focal_exempi: needs-triage
impish_exempi: needs-triage
jammy_exempi: needs-triage
devel_exempi: needs-triage

Patches_xmp:
upstream_xmp: needs-triage
bionic_xmp: needs-triage
focal_xmp: needs-triage
impish_xmp: needs-triage
jammy_xmp: needs-triage
devel_xmp: needs-triage