CVE-2021-28575: 
NixOS vulnerability analysis and mitigation

Adobe Animate version 21.0.5 and earlier versions are affected by an Out-of-bounds Read vulnerability (CVE-2021-28575). The vulnerability was discovered and reported on March 16, 2021, and Adobe released security updates on June 23, 2021. This security flaw affects Adobe Animate software running on Microsoft Windows systems (NVD, CVE).

The vulnerability is classified as an Out-of-bounds Read (CWE-125) that occurs when parsing specially crafted files. The vulnerability has received a CVSS v3.1 Base Score of 4.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N. Under CVSS v2.0, it also received a Base Score of 4.3 with the vector string (AV:N/AC:M/Au:N/C:P/I:N/A:N) (NVD).

If successfully exploited, this vulnerability could lead to the disclosure of sensitive information in the context of the current user. The impact is limited to information disclosure, with no direct impact on system integrity or availability (NVD).

Adobe has released security updates to address this vulnerability. Users are advised to update to the latest version of Adobe Animate. The vulnerability affects versions up to and including 21.0.5, and users should ensure they are running a patched version of the software (Adobe Advisory).