CVE-2021-21173

Medium

Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin…

Chrome·CWE-203·Published 2021-03-09

CVSS

6.5

EPSS

0.02

KEV

Exploits

Vendor statements (5)

cve.orgen

169 chars

Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDes

218 chars

Un filtrado de información de canal lateral en Network Internals en Google Chrome versiones anteriores a 89.0.4389.72, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N