CVE-2021-40716

🗓️ 29 Sep 2021 15:41:13Reported by adobeType

XMP Toolkit SDK 2021.07 and earlier versions are affected by out-of-bounds read vulnerability, leading to memory disclosure

Reporter	Title	Published	Views	Family All 54
AstraLinux	Astra Linux - уязвимость в exempi	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability of the Adobe XMP-Toolkit-SDK software, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.	13 Apr 202200:00	–	bdu_fstec
Circl	CVE-2021-40716	29 Sep 202120:37	–	circl
CNNVD	Adobe XMP Toolkit SDK 缓冲区错误漏洞	14 Sep 202100:00	–	cnnvd
CNVD	Adobe XMP Toolkit SDK Out-of-Bounds Read Vulnerability (CNVD-2021-79742)	15 Sep 202100:00	–	cnvd
Cvelist	CVE-2021-40716 XMP Toolkit SDK SVG_Adapter Out-of-bounds Read Information Disclosure	29 Sep 202115:41	–	cvelist
Debian	[SECURITY] [DLA 3585-1] exempi security update	25 Sep 202322:37	–	debian
Debian	[SECURITY] [DLA 4264-1] exempi security update	4 Aug 202508:31	–	debian
Debian CVE	CVE-2021-40716	29 Sep 202115:41	–	debiancve
Tenable Nessus	Debian dla-3585 : exempi - security update	26 Sep 202300:00	–	nessus

NVD

Vulners

Node

adobe xmp_toolkit_software_development_kitRange≤2021.07

Node

debian debian_linuxMatch10.0

[
  {
    "vendor": "Adobe",
    "product": "XMP Toolkit",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "2021.07",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "unspecified",
        "lessThanOrEqual": "None",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/xmpcore/apsb21-85.html
lists	www.lists.debian.org/debian-lts-announce/2023/09/msg00032.html
lists	www.lists.debian.org/debian-lts-announce/2025/08/msg00003.html

03 Nov 2025 20:15Current

5.4Medium risk

Vulners AI Score5.4

CVSS 24.3

CVSS 3.15.5

CVSS 35.5

EPSS0.00253

CWE-125