Primary

Context

Adobe Content Authenticity SDK Uncontrolled Resource Consumption Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability due to uncontrolled resource consumption has been identified in Adobe Content Credentials versions 0.78.2, 0.7.0 and earlier. This vulnerability allows an attacker to exhaust system resources, causing an application denial-of-service condition. Exploitation does not require user interaction.

Impact

Exploitation of this vulnerability leads to application denial-of-service, causing the application to become unresponsive or unavailable.

Remediation

Users are advised to update to the latest versions of the Adobe Content Authenticity JS SDK or Rust SDK. The updated version for the JS SDK is @contentauth/c2pa-web@0.7.1, and for the Rust SDK, it is c2pa-v0.80.1.

Added: May 12, 2026, 8:58 PM

Updated: May 12, 2026, 8:58 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe Content Authenticity SDK Uncontrolled Resource Consumption Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Adobe Content Authenticity JS SDK

Adobe Content Authenticity Rust SDK

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating