An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability.
Conclusion & alert: CVE-2019-5042 is rated High Exploit Risk (79.2/100): CVSS High severity, with medium exploitation likelihood (EPSS 2.06%).Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.46% over the last day, indicating growing attacker interest.Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Public exploit references (Exploit-DB) for CVE-2019-5042
Exploit prediction scoring system (EPSS) score for CVE-2019-5042
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).