0.004 Low
EPSS
Percentile
73.1%
Google Chrome is vulnerable to authorization bypass. This is because the insufficient policy enforcement in background fetch in prior to 96.0.4664.45 allows a remote attacker to bypass same origin policy via a crafted HTML page.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-38016
chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html
crbug.com/1244289
lists.fedoraproject.org/archives/list/[email protected]/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
www.debian.org/security/2022/dsa-5046