First published: Wed Nov 04 2020(Updated: )
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Credit: chrome-cve-admin@google.com Eliya Stein chrome-cve-admin@google.com chrome-cve-admin@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <91.0.4472.77 | |
Fedoraproject Fedora | =33 | |
Fedoraproject Fedora | =34 | |
Google Chrome | <91.0.4472.77 | 91.0.4472.77 |
Google Chromium PopupBlocker | ||
<91.0.4472.77 | ||
=33 | ||
=34 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-30533 is a security bypass vulnerability affecting Google Chromium.
CVE-2021-30533 has a severity level of 6.5 (Medium).
CVE-2021-30533 affects web browsers using Chromium, such as Google Chrome and Microsoft Edge.
CVE-2021-30533 allows an attacker to remotely bypass security mechanisms in the PopupBlocker for Chromium.
Yes, a patch for CVE-2021-30533 has been released. It is recommended to update your affected software to the latest version.