CVE-2021-42719: 
Adobe Bridge vulnerability analysis and mitigation

Adobe Bridge version 11.1.1 and earlier versions were found to contain an out-of-bounds read vulnerability when parsing crafted .jpe files. The vulnerability was assigned CVE-2021-42719 and was publicly disclosed in March 2022. This security flaw affects Adobe Bridge software installations and requires user interaction to be exploited (NVD).

The vulnerability is classified as an out-of-bounds read issue that occurs when parsing a crafted .jpe file, which could result in a read past the end of an allocated memory structure. The vulnerability has received a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H according to NVD's assessment (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute code in the context of the current user. The exploitation requires user interaction, specifically requiring a victim to open a malicious file (NVD).

Adobe has released patches to address this vulnerability. The advisory for Bridge is listed as priority 2 for patching, which means that administrators are recommended to patch within 30 days due to the product's historically elevated risk for exploitation (Threatpost).

The vulnerability was discovered and reported as part of a larger security update from Adobe that addressed multiple vulnerabilities. The discovery was credited to researchers from the TopSec Alpha Team (Threatpost).