Vulnerability Details : CVE-2021-21193
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Vulnerability category: Memory Corruption
CVE-2021-21193 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Google Chromium Blink Use-After-Free Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Google Chromium Blink contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and O
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2021-21193
Added on
2021-11-03
Action due date
2021-11-17
Exploit prediction scoring system (EPSS) score for CVE-2021-21193
1.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less