CVE-2021-21190

High

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information…

Chrome·CWE-908·Published 2021-03-09

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

181 chars

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

NVDen

181 chars

Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

NVDes

230 chars

Datos no inicializados en PDFium en Google Chrome versiones anteriores a 89.0.4389.72, permitió a un atacante remoto obtener información potencialmente confidencial desde la memoria del proceso por medio de un archivo PDF diseñado

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H