CVE-2021-4321

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 91.0.4472.77

Description The issue exists due to insufficient input validation in the Blink rendering engine of Google Chrome, allowing a remote attacker to bypass existing security restrictions. This can be achieved via a crafted HTML page, enabling the attacker to bypass content security policy. The estimated number of potentially affected devices and details about real-world incidents are not specified.

Recommendations For versions prior to 91.0.4472.77, update to version 91.0.4472.77 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted HTML pages that could exploit this issue until a patch is applied. Avoid using the vulnerable Blink rendering engine for sensitive operations until the update is installed.