CVE-2021-38000
Google Chromium Intents Improper Input Validation Vulnerability
CVSS
—
Sin CVSS
EPSS
4.5%
p90
KEV
SÍ
3 nov 2021
Exploit Today
77
0-100
Publicado: — · Última mod.: —
Producto
Google / Chromium Intents
Vulnerabilidad
Google Chromium Intents Improper Input Validation Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
17 nov 2021
Uso conocido en ransomware
No
Descripción resumida
Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2021-38000