CVE-2021-38003 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-38003 PUBLISHED CVSS 8.8 HIGH

Reported by Chrome · Published November 23, 2021

Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Risk Scores

CVSS v3.1

8.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Google	Chrome	unspecified
Google	Chrome	unspecified

Timeline

Oct 28, 2021 PoC Published
Nov 3, 2021 CISA KEV Added
Nov 23, 2021 CVE Published
Nov 24, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Mar 7, 2023 EPSS Score
May 7, 2024 EPSS Score
Sep 3, 2024 EPSS Score
Mar 17, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Mar 27, 2025 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
FEDORA-2021-6a292e2cf4 vendor-advisoryx_refsource_FEDORA
DSA-5046 vendor-advisoryx_refsource_DEBIAN
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-38003 url

Open in Interactive Console →