Home
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NDefault status
affected
Any version
affected
c2pa-v0.85.2 (custom)
unaffected
Default status
affected
Any version
affected
c2patool-v0.26.65 (custom)
unaffected
Default status
affected
Any version
affected
@contentauth/c2pa-web@0.9.0 (custom)
unaffected
Description
CAI Content Credentials is affected by an Insufficiently Protected Credentials vulnerability that could result in disclosure of sensitive information. An attacker could leverage this vulnerability to gain unauthorized read access. Exploitation of this issue does not require user interaction.
Problem types
Insufficiently Protected Credentials (CWE-522)
Product status
Any version
c2pa-v0.85.2 (custom)
Any version
c2patool-v0.26.65 (custom)
Any version
@contentauth/c2pa-web@0.9.0 (custom)
References
helpx.adobe.com/...s/content-authenticity-sdk/apsb26-80.html