Home
MEDIUM: 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:NDefault status
affected
Any version
affected
c2pa-v0.85.2 (custom)
unaffected
Default status
affected
Any version
affected
c2patool-v0.26.65 (custom)
unaffected
Default status
affected
Any version
affected
@contentauth/c2pa-web@0.9.0 (custom)
unaffected
Description
CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.
Problem types
Improper Input Validation (CWE-20)
Product status
Any version
c2pa-v0.85.2 (custom)
Any version
c2patool-v0.26.65 (custom)
Any version
@contentauth/c2pa-web@0.9.0 (custom)
References
helpx.adobe.com/...s/content-authenticity-sdk/apsb26-80.html