Medium severity5.5NVD Advisory· Published May 2, 2022· Updated Jun 17, 2026
CVE-2021-42528
CVE-2021-42528
Description
XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected products
2- Range: <=2021.07
- Adobe/XMP Toolkitv5Range: unspecified
Patches
Vulnerability mechanics
References
3- helpx.adobe.com/security/products/xmpcore/apsb21-108.htmlnvdVendor Advisory
- lists.debian.org/debian-lts-announce/2023/09/msg00032.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2025/08/msg00003.htmlnvd
News mentions
0No linked articles in our index yet.