CVE-2021-30581

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 92.0.4515.107

Description The issue is related to a use after free in DevTools, which could allow an attacker to potentially exploit heap corruption via a crafted HTML page if a user is convinced to install a malicious extension. This could lead to unauthorized access to protected information. The attacker must convince the user to install a malicious extension and then open a specially crafted HTML page to exploit the issue.

Recommendations For Google Chrome versions prior to 92.0.4515.107, update to version 92.0.4515.107 or later to resolve the issue. As a temporary workaround, consider avoiding the installation of extensions from untrusted sources and being cautious when opening links from unknown senders. Restrict access to the DevTools component to minimize the risk of exploitation until the update is applied.