MEDIUM 6.1 KEV Publié le 2021-11-23

CVE-2021-38000

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA Known Exploited Vulnerability

Ajouté au KEV: 2021-11-03
Deadline remédiation: 2021-11-17
Action requise: Apply updates per vendor instructions.
Ransomware: Non

Apps mobiles affectées

com.google.chrome.ios

1 CVE 1 KEV

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
google	chrome	Android	<95.0.4638.69	cpe:2.3:a:google:chrome::::::::
google	chrome	iOS	<95.0.4638.69	cpe:2.3:a:google:chrome::::::::

Voir sur NVD ↗ Catalogue CISA KEV ↗