Search for vulnerabilities
Vulnerability details: VCID-gq37-x3yf-aaap
Vulnerability ID VCID-gq37-x3yf-aaap
Aliases CVE-2021-30625
Summary Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-30625.html
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.01340 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.01340 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.01340 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.01340 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.03445 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.03445 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.06116 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.14946 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.16894 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.16894 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.16894 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.16894 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.16894 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
epss 0.20145 https://api.first.org/data/v1/epss?cve=CVE-2021-30625
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30625
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2021-30625
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-30625
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-30625
archlinux High https://security.archlinux.org/AVG-2337
archlinux High https://security.archlinux.org/AVG-2379
archlinux High https://security.archlinux.org/AVG-2383
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-30625.html
https://api.first.org/data/v1/epss?cve=CVE-2021-30625
https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop.html
https://crbug.com/1237533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30625
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DDW7HAHTS3SDVXBQUY4SURELO5D4X7R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PM7MOYYHJSWLIFZ4TPJTD7MSA3HSSLV2/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1352
ASA-202109-6 https://security.archlinux.org/ASA-202109-6
AVG-2337 https://security.archlinux.org/AVG-2337
AVG-2379 https://security.archlinux.org/AVG-2379
AVG-2383 https://security.archlinux.org/AVG-2383
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
CVE-2021-30625 https://nvd.nist.gov/vuln/detail/CVE-2021-30625
GLSA-202201-02 https://security.gentoo.org/glsa/202201-02
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30625
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30625
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-30625
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.83339
EPSS Score 0.00919
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.