CRITICAL 9.6 KEV Publié le 2021-10-08

CVE-2021-37973

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Ajouté au KEV: 2021-11-03
Deadline remédiation: 2021-11-17
Action requise: Apply updates per vendor instructions.
Ransomware: Non

Apps mobiles affectées

com.google.chrome.ios

1 CVE 1 KEV

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
google	chrome	Android	<94.0.4606.61	cpe:2.3:a:google:chrome::::::::
google	chrome	iOS	<94.0.4606.61	cpe:2.3:a:google:chrome::::::::

Voir sur NVD ↗ Catalogue CISA KEV ↗