Search for vulnerabilities
Vulnerability details: VCID-87tx-rhxd-w7eq
Vulnerability ID VCID-87tx-rhxd-w7eq
Aliases CVE-2021-4102
Summary Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03101 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
epss 0.03857 https://api.first.org/data/v1/epss?cve=CVE-2021-4102
cvssv3.1 8.8 https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
ssvc Attend https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
cvssv3.1 8.8 https://crbug.com/1278387
ssvc Attend https://crbug.com/1278387
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4102
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-4102
archlinux Critical https://security.archlinux.org/AVG-2633
archlinux Critical https://security.archlinux.org/AVG-2634
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2021-4102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37967
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37968
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37980
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37991
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4054
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4055
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4058
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4316
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4320
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4322
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4925
1278387 https://crbug.com/1278387
AVG-2633 https://security.archlinux.org/AVG-2633
AVG-2634 https://security.archlinux.org/AVG-2634
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2021-4102 https://nvd.nist.gov/vuln/detail/CVE-2021-4102
stable-channel-update-for-desktop_13.html https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
Data source KEV
Date added Dec. 15, 2021
Description Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply updates per vendor instructions.
Due date Dec. 29, 2021
Note 
https://nvd.nist.gov/vuln/detail/CVE-2021-4102
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:49:59Z/ Found at https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/1278387
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:49:59Z/ Found at https://crbug.com/1278387
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-4102
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-4102
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.86303
EPSS Score 0.03101
Published At Sept. 11, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:46:43.790914+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2021/4xxx/CVE-2021-4102.json 37.0.0