CVE-2021-36057

CVE Database · CVE-2021-36057

CVE-2021-36057

· LOWModified

CVSS v3.1

3.3

EPSS

0.60%

Published

Sep 1, 2021

Modified

Nov 3, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Weaknesses (CWE)

CWE-123

Affected Products (2)

adobe · xmp_toolkit_software_development_kitvulnerable

debian · debian_linuxvulnerable

References (5)

https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html

Mailing List

https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html

Mailing List

https://lists.debian.org/debian-lts-announce/2025/08/msg00003.html

KEV Catalog EPSS Scores Vendors All CVEs