CVE-2020-10222 — Out-of-bounds Write in Nitro PRO

Severity

8.1HIGHNVD

EPSS

0.0%

top 94.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 8

Latest updateMay 24

Description

npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.2

▶NVDgonitro/nitro_pro< 13.13.2.242

GHSA

GHSA-5gh8-c6m6-qm88: npdf↗2022-05-24

▶

CVEList

CVE-2020-10222: npdf↗2020-03-08

▶