CVE-2023-38210

2023-08-1014:15:12

CWE-400

[email protected]

web.nvd.nist.gov

adobe

xmp toolkit

2022

uncontrolled resource consumption

vulnerability

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

23.6%

JSON

Adobe XMP Toolkit versions 2022.06 is affected by a Uncontrolled Resource Consumption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

Vulners

NVD

Node

adobexmp_toolkitRange≤2022.06

VendorProductVersionCPE
adobexmp_toolkit*cpe:2.3:a:adobe:xmp_toolkit:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	xmp_toolkit	*	cpe:2.3:a:adobe:xmp_toolkit::::::::

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "XMP Toolkit",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "2022.06",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]