Vulnerability · NVD

CVE-2021-21205

HIGH 8.1 Published on 2021-04-26

Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Attack vector : Network No privileges required

Show raw CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

EPSS 0.71% above median percentile 72.6%

Tracked apps referencing this CVE

For each app: the affected range, the fixing version, and where the tracked app stands today.

Google Chrome iOS com.google.chrome.ios

Affected <90.0.4430.72 Fixed in 90.0.4430.72 Latest tracked 149.0.8727.45 patched

Vulnerable CPE configurations (1)

Vendor	Product	Platform	Versions	CPE 2.3 URI
google	chrome iOS	iOS	<90.0.4430.72	cpe:2.3:a:google:chrome::::::iphone_os::*

View on NVD ↗