Lucene search

K

ChromeCVELIST:CVE-2021-21157

HistoryFeb 22, 2021 - 9:20 p.m.

CVE-2021-21157

2021-02-2221:20:37

Chrome

www.cve.org

3

google chrome

web sockets

linux

heap corruption

remote attacker

crafted html page

AI Score

9.3

Confidence

High

EPSS

0.006

Percentile

78.3%

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "88.0.4324.182",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html

crbug.com/1170657

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX/

security.gentoo.org/glsa/202104-08

AI Score

9.3

Confidence

High

EPSS

0.006

Percentile

78.3%

Related for CVELIST:CVE-2021-21157

prion1 alpinelinux1 mscve1 nvd1 ubuntucve1 debiancve1 veracode1 cve1 nessus10 freebsd1 kaspersky3 openvas10 archlinux1 chrome1 fedora2 debian1 suse5 osv1 mageia1 gentoo1