Adobe has released security updates for ColdFusion, After Effects and Digital Editions products.
The ColdFusion security updates (APSB20-18) address three Important vulnerabilities that could lead to information disclosure, privilege escalation or a denial-of-service. The vulnerabilities are listed as CVE-2020-3767, CVE-2020-3768 and CVE-2020-3796.
Adobe also added recommended users will need to update your ColdFusion JDK/JRE to the latest version of the LTS releases for 1.8 and JDK 11.
“Applying the ColdFusion update without a corresponding JDK update will NOT secure the server,” Adobe added.
Each of the updates address an Important vulnerability that could result in information disclosure.