CVE-2021-37973 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-37973 PUBLISHED CVSS 9.6 CRITICAL

Reported by Chrome · Published October 8, 2021

Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Risk Scores

CVSS v3.1

9.6

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Google	Chrome	unspecified
Google	Chrome	unspecified

Timeline

Sep 24, 2021 PoC Published
Oct 8, 2021 CVE Published
Oct 9, 2021 EPSS Score
Nov 3, 2021 CISA KEV Added
Dec 4, 2021 EPSS Score
Jan 29, 2022 EPSS Score
Mar 26, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jul 17, 2022 EPSS Score
Nov 6, 2022 EPSS Score
Feb 27, 2023 EPSS Score
Apr 24, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
FEDORA-2021-ab09a05562 vendor-advisoryx_refsource_FEDORA
FEDORA-2021-591b3a2af0 vendor-advisoryx_refsource_FEDORA
DSA-5046 vendor-advisoryx_refsource_DEBIAN
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-37973 url

Open in Interactive Console →