CVE-2021-38000 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-38000 PUBLISHED CVSS 6.1 MEDIUM

Reported by Chrome · Published November 23, 2021

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.

Risk Scores

CVSS v3.1

6.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
Google	Chrome	unspecified
Google	Chrome	unspecified
google	android	-
google	chrome	0

Timeline

Oct 28, 2021 PoC Published
Nov 3, 2021 CISA KEV Added
Nov 8, 2021 CVE Published
Nov 24, 2021 EPSS Score
Jan 7, 2022 EPSS Score
Jan 17, 2022 EPSS Score
Mar 13, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jun 30, 2022 EPSS Score
Aug 24, 2022 EPSS Score
Dec 11, 2022 EPSS Score
Feb 4, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
FEDORA-2021-6a292e2cf4 vendor-advisoryx_refsource_FEDORA
DSA-5046 vendor-advisoryx_refsource_DEBIAN
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-38000 url

Open in Interactive Console →