First published: Sun Mar 21 2021(Updated: )
Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
Credit: chrome-cve-admin@google.com chrome-cve-admin@google.com David Erceg
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <91.0.4472.77 | |
Google Chrome | <91.0.4472.77 | 91.0.4472.77 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-4322 is a vulnerability that allows an attacker to execute arbitrary code in Google Chrome prior to version 91.0.4472.77.
The severity of CVE-2021-4322 is rated as high with a severity value of 8.8.
CVE-2021-4322 is a use-after-free vulnerability in DevTools in Google Chrome that allows an attacker to execute arbitrary code by convincing a user to install a malicious extension.
Google Chrome versions prior to 91.0.4472.77 are affected by CVE-2021-4322.
To fix CVE-2021-4322, users should update their Google Chrome to version 91.0.4472.77 or later.