cbcvebase.
CVE-2021-21796
published 2021-10-18

CVE-2021-21796: An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object…

PriorityP346high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
15.78%
96.5th percentile
An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.

Affected

4 ranges
VendorProductVersion rangeFixed in
gonitronitro_pro
gonitronitro_pro
gonitronitro_pro
linuxlinux_kernel>= 0 < 4.4.0-273.3074.4.0-273.307

Detection & IOCsextracted from sources · hover to see the quote

snort
57303
snort
57304
snort
57294
snort
57295
  • Trigger point is the JavaScript engine in Nitro Pro PDF — monitor for PDF files opened in Nitro Pro that invoke JavaScript causing a use-after-free on the document path object.
  • Confirmed vulnerable versions are Nitro Pro 13.31.0.605 and 13.33.2.645 — use version detection to identify unpatched installations.

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.