NVD disclosure day

Published threat advisories for November 23, 2021

CVE advisoryKnown Exploit

CVE-2021-38003

Google Chrome V8 Heap Corruption Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Google Chrome's V8 engine allows remote attackers to potentially exploit heap corruption via a crafted HTML page, posing a risk to system integrity and data. Organizations should identify affected systems and apply vendor security updates.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2021-38000

Google Chrome Browser Vulnerability Allows Malicious URL Navigation.

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in Google Chrome on Android allows attackers to redirect users to malicious URLs via crafted HTML pages, affecting user browsing and potentially leading to data compromise. The risk to organizations is from user interaction with malicious content. Applying Chrome updates is recommended.

NVD published: • CISA KEV