CVE-2021-21217

Medium

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information…

Chrome·CWE-252·Published 2021-04-26

CVSS

5.5

EPSS

0.02

KEV

Exploits

cve.orgen

181 chars

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

NVDen

181 chars

Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

NVDes

232 chars

Los datos no inicializados en PDFium en Google Chrome versiones anteriores a 90.0.4430.72, permitían a un atacante remoto obtener información potencialmente confidencial de la memoria del proceso por medio de un archivo PDF diseñado

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N