Vulnerability Details : CVE-2021-38566
An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows stack consumption during recursive processing of embedded XML nodes.
Products affected by CVE-2021-38566
- cpe:2.3:a:foxitsoftware:pdf_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:foxitsoftware:pdf_editor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-38566
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 42 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-38566
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2021-38566
-
The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-38566
-
https://www.foxitsoftware.com/support/security-bulletins.php
Security Bulletins | Foxit SoftwareVendor Advisory
Jump to