Vulnerabilities > CVE-2021-38020

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
google
fedoraproject
debian
NVD
Published: 2021-12-23
Updated: 2023-11-07

Summary

Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

Vulnerable Configurations

Part Description Count
Application
Google
6749
OS
Google
1
OS
Fedoraproject
1
OS
Debian
2

References