CVE-2025-30328: 
NixOS vulnerability analysis and mitigation

Adobe Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability identified as CVE-2025-30328. The vulnerability was discovered and reported to Adobe Systems Incorporated, with the initial CVE record being created on March 20, 2025. The affected systems include both Windows and macOS operating systems running Adobe Animate software (NVD Database, CVE Mitre).

The vulnerability is classified as an out-of-bounds write issue (CWE-787). Adobe Systems Incorporated has assigned this vulnerability a CVSS v3.1 base score of 7.8 (HIGH), with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access and user interaction, but no privileges, while potentially impacting confidentiality, integrity, and availability at high levels (NVD Database).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The high CVSS score indicates significant potential impact on system security, affecting confidentiality, integrity, and availability of the system (NVD Database).

Adobe has released updates addressing this vulnerability in versions after 24.0.8 and 23.0.11. Users are advised to update to the latest version of Adobe Animate to mitigate this security risk (Adobe Advisory).