QwikSec

Security Database

CVE

CWE

Training

CVE-2021-30528

Published: Jun 7, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.

Vendor	Product	Versions
Google	Chrome	affected `unspecified - < 91.0.4472.77`

References

https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html

https://crbug.com/1206329

vendor-advisory

FEDORA-2021-f94dadff78

vendor-advisory

FEDORA-2021-ca58c57bdf

vendor-advisory

http://packetstormsecurity.com/files/172844/Chrome-Sandbox-Escape.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.