CVE-2021-37973 - Google Chromium Portals Use-After-Free Vulnerability

CVE-2021-37973: Google | Chromium Portals

Date Added:
2021-11-03

Due Date:
2021-11-17

Vulnerability Name: Google Chromium Portals Use-After-Free Vulnerability

Description: Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-37973