First published: Tue Aug 18 2020
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.
Credit: chrome-cve-admin@google.com Philip Papurt
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <91.0.4472.77 | |
Fedoraproject Fedora | =33 | |
Fedoraproject Fedora | =34 | |
Google Chrome | <91.0.4472.77 | 91.0.4472.77 |
CVE-2021-30532 is a vulnerability in Google Chrome that allows a remote attacker to bypass content security policy.
CVE-2021-30532 has a severity rating of 4.3, which is considered medium.
Google Chrome versions prior to 91.0.4472.77 and Fedora versions 33 and 34 are affected by CVE-2021-30532.
The content security policy bypass in CVE-2021-30532 can be exploited by a remote attacker through a crafted HTML page.
To fix CVE-2021-30532, update Google Chrome to version 91.0.4472.77 or later, or update to a non-affected version of Fedora if using Fedora.