CVE-2025-47108
published 2025-06-10CVE-2025-47108: Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | substance3d_painter | <= 11.0.1 | — |
| adobe | substance_3d_painter | < 11.0.2 | 11.0.2 |
| msrc | azl3_cert-manager_1.12.15-3 | — | — |
| msrc | azl3_cloud-provider-kubevirt_0.5.1-1 | — | — |
| msrc | azl3_containerd_1.7.13-3 | — | — |
| msrc | azl3_containerd_1.7.13-8 | — | — |
| msrc | azl3_cri-tools_1.30.1-1 | — | — |
| msrc | azl3_docker-buildx_0.12.1-1 | — | — |
| msrc | azl3_docker-buildx_0.14.0-1 | — | — |
| msrc | azl3_docker-compose_2.24.6-2 | — | — |
| msrc | azl3_docker-compose_2.27.0-1 | — | — |
| msrc | azl3_etcd_3.5.21-1 | — | — |
| msrc | azl3_ig_0.29.0-1 | — | — |
| msrc | azl3_ig_0.30.0-1 | — | — |
| msrc | azl3_kube-vip-cloud-provider_0.0.10-1 | — | — |
| msrc | azl3_kube-vip-cloud-provider_0.0.10-4 | — | — |
| msrc | azl3_kubernetes_1.30.10-7 | — | — |
| msrc | azl3_moby-containerd-cc_1.7.7-3 | — | — |
| msrc | azl3_moby-containerd-cc_1.7.7-9 | — | — |
| msrc | azl3_moby-engine_25.0.3-13 | — | — |
| msrc | azl3_prometheus-adapter_0.11.2-1 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_moby-containerd-cc_1.7.2-3 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |