8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.109 Low
EPSS
Percentile
95.0%
Chrome Releases/Stable updates reports:
This release contains 4 security fixes, including:
[1245578] High CVE-2021-37974: Use after free in Safe Browsing.
Reported by Weipeng Jiang (@Krace) from Codesafe Team of
Legendsec at Qiβanxin Group on 2021-09-01
[1252918] High CVE-2021-37975: Use after free in V8. Reported by
Anonymous on 2021-09-24
[1251787] Medium CVE-2021-37976: Information leak in core.
Reported by Clement Lecigne from Google TAG, with technical
assistance from Sergei Glazunov and Mark Brand from Google
Project Zero on 2021-09-21
Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976
exist in the wild.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.109 Low
EPSS
Percentile
95.0%