Published: 23/12/2021 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Insufficient policy enforcement in iframe sandbox in Google Chrome before 96.0.4664.45 allowed a remote malicious user to bypass navigation restrictions via a crafted HTML page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
fedoraproject fedora 34
debian debian linux 10.0
debian debian linux 11.0

Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure For the oldstable distribution (buster), security support for Chromium has been discontinued due to toolchain issues which no longer allow to build current Chromium releases on buster You can eit ...

An insufficient policy enforcement security issue has been found in the iframe sandbox component of the Chromium browser engine before version 960466445 ...

The Chrome team is delighted to announce the promotion of Chrome 96 to the stable channel for Windows, Mac and Linux Chrome 96 is also promoted to our new extended stable channel for Windows and Mac This will roll out over the coming days/weeks Chrome 960466445 contains a number of fixes and improvements -- a list of changes i ...

CWE-863 https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html https://crbug.com/1256822 https://www.debian.org/security/2022/dsa-5046 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5046

CVE-2021-38017

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect