CVE-2021-38569
First published: Wed Aug 11 2021(Updated: )
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Foxitsoftware Foxit Reader | <10.1.4 | |
| Foxitsoftware Phantompdf | <10.1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-38569?
CVE-2021-38569 is a vulnerability discovered in Foxit Reader and PhantomPDF before version 10.1.4 that allows stack consumption via recursive function calls during the handling of XFA forms or link objects.
What software versions are affected by CVE-2021-38569?
Foxit Reader and PhantomPDF versions up to and excluding 10.1.4 are affected by CVE-2021-38569.
How severe is CVE-2021-38569?
CVE-2021-38569 has a severity rating of 7.5 (high).
How can I fix CVE-2021-38569?
To fix CVE-2021-38569, you should update Foxit Reader and PhantomPDF to version 10.1.4 or later.
Where can I find more information about CVE-2021-38569?
You can find more information about CVE-2021-38569 in the security bulletins section of the Foxit Software support website.
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/foxitsoftware
- canonical/foxitsoftware foxit reader
- canonical/foxitsoftware phantompdf