CVE-2021-43012: 
NixOS vulnerability analysis and mitigation

Adobe Prelude version 10.1 and earlier versions are affected by a memory corruption vulnerability identified as CVE-2021-43012. The vulnerability was disclosed on October 28, 2021, and affects Adobe's Prelude software running on Microsoft Windows systems (NVD).

The vulnerability is classified as a memory corruption issue, specifically related to improper restriction of operations within memory buffer bounds (CWE-119) and access of memory location after end of buffer (CWE-788). It has received a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, and a CVSS v2.0 score of 9.3 (NVD).

If successfully exploited, this vulnerability could allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. The vulnerability affects the confidentiality, integrity, and availability of the system with high severity ratings across all three aspects (NVD).

Adobe has released patches to address this vulnerability through security bulletin APSB21-96. Users are advised to update to the latest version of Adobe Prelude to mitigate this security risk (Adobe Security).