8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.8%
Chrome Releases reports:
This release contains 19 security fixes, including:
[1180126] High CVE-2021-30506: Incorrect security UI in Web App
Installs. Reported by @retsew0x01 on 2021-02-19
[1178202] High CVE-2021-30507: Inappropriate implementation in
Offline. Reported by Alison Huffman, Microsoft Browser
Vulnerability Research on 2021-02-14
[1195340] High CVE-2021-30508: Heap buffer overflow in Media
Feeds. Reported by Leecraso and Guang Gong of 360 Alpha Lab on
2021-04-02
[1196309] High CVE-2021-30509: Out of bounds write in Tab Strip.
Reported by David Erceg on 2021-04-06
[1197436] High CVE-2021-30510: Race in Aura. Reported by Weipeng
Jiang (@Krace) from Codesafe Team of Legendsec at Qi’anxin Group
on 2021-04-09
[1197875] High CVE-2021-30511: Out of bounds read in Tab Groups.
Reported by David Erceg on 2021-04-10
[1200019] High CVE-2021-30512: Use after free in Notifications.
Reported by ZhanJia Song on 2021-04-17
[1200490] High CVE-2021-30513: Type Confusion in V8. Reported by
Man Yue Mo of GitHub Security Lab on 2021-04-19
[1200766] High CVE-2021-30514: Use after free in Autofill.
Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of
360 Alpha Lab on 2021-04-20
[1201073] High CVE-2021-30515: Use after free in File API.
Reported by Rong Jian and Guang Gong of 360 Alpha Lab on
2021-04-21
[1201446] High CVE-2021-30516: Heap buffer overflow in History.
Reported by ZhanJia Song on 2021-04-22
[1203122] High CVE-2021-30517: Type Confusion in V8. Reported by
laural on 2021-04-27
[1203590] High CVE-2021-30518: Heap buffer overflow in Reader
Mode. Reported by Jun Kokatsu, Microsoft Browser Vulnerability
Research on 2021-04-28
[1194058] Medium CVE-2021-30519: Use after free in Payments.
Reported by asnine on 2021-03-30
[1193362] Medium CVE-2021-30520: Use after free in Tab Strip.
Reported by Khalil Zhani on 2021-04-03
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.8%