cvedb.io
CVE-2024-47438
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2024-11-12T20:15:10.720 · Last modified 2026-06-17T07:57:06.190

Summary

Substance3D - Painter versions 10.1.0 and earlier are affected by a Write-what-where Condition vulnerability that could lead to a memory leak. This vulnerability allows an attacker to write a controlled value at a controlled memory location, which could result in the disclosure of sensitive memory content. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected products

adobe — substance_3d_painter

Does this affect you?

Add your gear to cvedb and we'll alert you only when adobe ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.