CVE-2022-38432: Buffer Overflow
First published: Fri Sep 16 2022(Updated: )
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Photoshop | >=22.0<=22.5.8 | |
| Adobe Photoshop | >=23.0<=23.4.2 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Adobe Photoshop vulnerability?
The vulnerability ID for this Adobe Photoshop vulnerability is CVE-2022-38432.
What is the severity of CVE-2022-38432?
CVE-2022-38432 has a severity rating of 7.8 (high).
Which versions of Adobe Photoshop are affected by CVE-2022-38432?
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by CVE-2022-38432.
How does CVE-2022-38432 potentially impact users?
CVE-2022-38432 could result in arbitrary code execution in the context of the current user if exploited.
How can CVE-2022-38432 be mitigated?
To mitigate CVE-2022-38432, users should update to the latest version of Adobe Photoshop.
- collector/nvd-index
- vendor/adobe
- canonical/adobe photoshop
- version/adobe photoshop/22.0
- version/adobe photoshop/22.5.8
- version/adobe photoshop/23.0
- version/adobe photoshop/23.4.2
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows