PT-2021-3704 · Google+5 · Google Chrome+5

Nick Wellnhofer

·

Published

2021-06-12

·

Updated

2026-03-13

·

CVE-2021-30560

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 91.0.4472.164
Description The issue is related to a use after free in Blink XSLT, which can potentially allow a remote attacker to exploit heap corruption via a crafted HTML page. This could lead to a denial of service.
Recommendations For versions prior to 91.0.4472.164, update to version 91.0.4472.164 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious HTML pages until the update is applied.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_16880
ALT-PU-2021-2265
ALT-PU-2021-2290
ALT-PU-2021-2409
ALT-PU-2021-2411
ALT-PU-2021-2574
ALT-PU-2021-2627
ALT-PU-2022-1472
ALT-PU-2024-15136
ALT-PU-2024-7058
AZL-9735
BDU:2021-03941
CVE-2021-30560
DLA-3101-1
DSA-5216-1
GHSA-59GP-QQM7-CW4J
MGASA-2022-0341
OESA-2022-2098
OPENSUSE-SU-2021:1073-1
OPENSUSE-SU-2021:1074-1
OPENSUSE-SU-2021:1095-1
OPENSUSE-SU-2021:1096-1
OPENSUSE-SU-2021_1073-1
OPENSUSE-SU-2021_1095-1
OPENSUSE-SU-2021_1096-1
OPENSUSE-SU-2022:0110-1
OPENSUSE-SU-2022_0110-1
OPENSUSE-SU-2024:10681-1
OPENSUSE-SU-2024:10977-1
OPENSUSE-SU-2024:11912-1
OPENSUSE-SU-2024:12423-1
OPENSUSE-SU-2024:12948-1
OPENSUSE-SU-2024:13165-1
OPENSUSE-SU-2024:14174-1
OPENSUSE-SU-2025:14697-1
OPENSUSE-SU-2026:10356-1
SUSE-SU-2023:0556-1
SUSE-SU-2023:0557-1
SUSE-SU-2023:0680-1
SUSE-SU-2023_0556-1
SUSE-SU-2023_0557-1
SUSE-SU-2023_0680-1
USN-5575-1
USN-5575-2

Affected Products

Alt Linux
Astra Linux
Google Chrome
Linuxmint
Suse
Ubuntu