Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.48%
Published
2021-11-23
Updated
2022-02-28
Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.48%
Published
2021-11-23
Updated
2022-02-28
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.
Max CVSS
6.1
EPSS Score
0.18%
Published
2021-11-23
Updated
2022-02-28

CVE-2021-38000

Known exploited
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
Max CVSS
6.1
EPSS Score
0.40%
Published
2021-11-23
Updated
2024-02-15
CISA KEV Added
2021-11-03
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.52%
Published
2021-11-23
Updated
2022-02-28
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.22%
Published
2021-11-23
Updated
2022-02-28

CVE-2021-38003

Known exploited
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
1.75%
Published
2021-11-23
Updated
2022-02-18
CISA KEV Added
2021-11-03
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.18%
Published
2021-11-23
Updated
2022-02-18
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!