VDB

CVE-2021-28548

CVE-2021-28548 PUBLISHED CVSS 7.800000190734863 HIGH

Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

EPSS 22.48% · 95.9th percentile

Risk Scores

CVSS v3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
22.48%
95.9th percentile

Affected Products

VendorProductVersions
AdobePhotoshopunspecified, unspecified, *
adobephotoshop0, 22.0

Timeline

  • Apr 15, 2021 CVE Published
  • Apr 16, 2021 EPSS Score
  • Apr 27, 2021 EPSS Score
  • Aug 26, 2021 EPSS Score
  • Oct 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 7, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›