QID 376000

Date Published: 2021-10-29

QID 376000: Google Chrome Prior to 95.0.4638.69 Multiple Vulnerabilities

Chrome has released security updates for Windows, Mac, and Linux to fix multiple vulnerabilities.

Chrome is prone to:
CVE-2021-37997: Use after free bug in Sign-in.
CVE-2021-37998 : Use after free in Garbage Collection.
CVE-2021-37999 : Insufficient data validation in New Tab Page.
CVE-2021-38000 : Insufficient validation of untrusted input in Intents.
CVE-2021-38001 : Type Confusion in V8.
CVE-2021-38002 : Use after free in Web Transport.
CVE-2021-38003 : Inappropriate implementation in V8.
Affected Versions:
Google Chrome Prior to 95.0.4638.69

QID Detection Logic(Authenticated):
This QID checks for vulnerable versions of Google Chrome on Windows, MAC OS, and Linux OS.

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.

  • CVSS V3 rated as High - 7.3 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    Refer to Chrome security advisory 95.0.4638.69 for updates and patch information.
    Software Advisories
    Advisory ID Software Component Link
    Google Chrome 95.0.4638.69 URL Logo chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html