Use of Uninitialized Resource
CVE-2021-21190
Summary
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
References
Advisory Timeline
- Published