6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.021 Low
EPSS
Percentile
89.1%
Chrome Releases reports:
This release contains 8 security fixes, including:
[1259864] High CVE-2021-37997 : Use after free in Sign-In.
Reported by Wei Yuan of MoyunSec VLab on 2021-10-14
[1259587] High CVE-2021-37998 : Use after free in Garbage
Collection. Reported by Cassidy Kim of Amber Security Lab, OPPO
Mobile Telecommunications Corp. Ltd. on 2021-10-13
[1251541] High CVE-2021-37999 : Insufficient data validation in
New Tab Page. Reported by Ashish Arun Dhone on 2021-09-21
[1249962] High CVE-2021-38000 : Insufficient validation of
untrusted input in Intents. Reported by Clement Lecigne, Neel
Mehta, and Maddie Stone of Google Threat Analysis Group on
2021-09-15
[1260577] High CVE-2021-38001 : Type Confusion in V8. Reported
by @s0rrymybad of Kunlun Lab via Tianfu Cup on 2021-10-16
[1260940] High CVE-2021-38002 : Use after free in Web Transport.
Reported by @__R0ng of 360 Alpha Lab, ? via Tianfu Cup on
2021-10-16
[1263462] High CVE-2021-38003 : Inappropriate implementation in
V8. Reported by ClΓ©ment Lecigne from Google TAG and Samuel Gross
from Google Project Zero on 2021-10-26
Google is aware that exploits for CVE-2021-38000 and
CVE-2021-38003 exist in the wild.
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.021 Low
EPSS
Percentile
89.1%