Search for vulnerabilities
Vulnerability details: VCID-wzv7-gsfx-aaag
Vulnerability ID VCID-wzv7-gsfx-aaag
Aliases CVE-2021-38003
Summary Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-755 Improper Handling of Exceptional Conditions
CWE-787 Out-of-bounds Write
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38003.html
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.02825 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.09601 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.09601 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.09601 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.09601 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.65207 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.6943 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.764 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.764 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.78101 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.78101 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.78101 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.78101 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
epss 0.78101 https://api.first.org/data/v1/epss?cve=CVE-2021-38003
cvssv3.1 8.8 https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
cvssv3.1 8.8 https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
ssvc Attend https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
cvssv3.1 8.8 https://crbug.com/1263462
ssvc Attend https://crbug.com/1263462
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37956
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37957
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37958
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37959
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37961
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37962
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37963
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37964
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37965
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37966
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37967
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37968
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37969
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37970
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37971
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37972
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37973
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37974
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37975
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37976
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37981
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37982
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37983
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37984
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37985
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37986
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37987
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37988
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37989
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37990
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37991
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37992
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37993
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37994
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37995
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37996
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37997
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37998
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37999
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38000
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38001
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38002
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38003
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2021-38003
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-38003
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2021-38003
archlinux High https://security.archlinux.org/AVG-2475
archlinux High https://security.archlinux.org/AVG-2504
archlinux High https://security.archlinux.org/AVG-2525
cvssv3.1 8.8 https://www.debian.org/security/2022/dsa-5046
ssvc Attend https://www.debian.org/security/2022/dsa-5046
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38003.html
https://api.first.org/data/v1/epss?cve=CVE-2021-38003
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
https://crbug.com/1263462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37967
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37968
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37973
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37980
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37982
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37985
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37986
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37987
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37990
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37991
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4054
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4055
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4058
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4316
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4318
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4320
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4321
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4322
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4924
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4925
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
https://www.debian.org/security/2022/dsa-5046
ASA-202110-7 https://security.archlinux.org/ASA-202110-7
ASA-202111-8 https://security.archlinux.org/ASA-202111-8
ASA-202112-1 https://security.archlinux.org/ASA-202112-1
AVG-2475 https://security.archlinux.org/AVG-2475
AVG-2504 https://security.archlinux.org/AVG-2504
AVG-2525 https://security.archlinux.org/AVG-2525
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
CVE-2021-38003 https://nvd.nist.gov/vuln/detail/CVE-2021-38003
GLSA-202201-02 https://security.gentoo.org/glsa/202201-02
Data source KEV
Date added Nov. 3, 2021
Description Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply updates per vendor instructions.
Due date Nov. 17, 2021
Note 
https://nvd.nist.gov/vuln/detail/CVE-2021-38003
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:50:22Z/ Found at https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/1263462
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:50:22Z/ Found at https://crbug.com/1263462
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:50:22Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W46HRT2UVHWSLZB6JZHQF6JNQWKV744/
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2021-38003
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-38003
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2021-38003
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2022/dsa-5046
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-01-29T16:50:22Z/ Found at https://www.debian.org/security/2022/dsa-5046
Exploit Prediction Scoring System (EPSS)
Percentile 0.90936
EPSS Score 0.02825
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.