Unrated severityNVD Advisory· Published Oct 18, 2021· Updated Aug 3, 2024

CVE-2021-21796

Description

An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Nitro Pro PDF/Nitro Pro PDFdescription
Nitro/Prollm-fuzzy

Patches

Vulnerability mechanics

References

talosintelligence.com/vulnerability_reports/TALOS-2021-1265mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000