PT-2021-7874 · Google+1 · Google Chrome+1
David Erceg
·
Published
2021-05-25
·
Updated
2024-10-03
·
CVE-2021-4322
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 91.0.4472.77
Description
The issue is related to a use after free in DevTools, which allowed an attacker to execute arbitrary code via a crafted Chrome Extension if a user was convinced to install a malicious extension.
Recommendations
For Google Chrome versions prior to 91.0.4472.77, update to version 91.0.4472.77 or later to resolve the issue.
Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Google Chrome