VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-qc18-z4pg-5ufh

Vulnerability ID	VCID-qc18-z4pg-5ufh
Aliases	CVE-2021-4324
Summary	Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium)
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
epss	0.00141	https://api.first.org/data/v1/epss?cve=CVE-2021-4324
ssvc	Track	https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
ssvc	Track	https://crbug.com/1193233
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2021-4324
1193233		https://crbug.com/1193233
PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/
stable-channel-update-for-desktop_26.html		https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html

No exploits are available.

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:48:32Z/ Found at https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:48:32Z/ Found at https://crbug.com/1193233

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T18:13:17.480196+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.0.0