CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4098 – Chrome IPC::ChannelAssociatedGroupController Memory Corruption
https://notcve.org/view.php?id=CVE-2021-4098
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una comprobación insuficiente de datos en Mojo en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo potencialmente un escape de sandbox por medio de una página HTML diseñada Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse. • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html https://crbug.com/1263457 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2021-4140 – Mozilla: Iframe sandbox bypass with XSLT
https://notcve.org/view.php?id=CVE-2021-4140
It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. ... The Mozilla Foundation Security Advisory describes this flaw as: It was possible to construct specific XSLT markups that would enable someone to bypass an iframe sandbox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1746720 https://www.mozilla.org/security/advisories/mfsa2022-01 https://www.mozilla.org/security/advisories/mfsa2022-02 https://www.mozilla.org/security/advisories/mfsa2022-03 https://access.redhat.com/security/cve/CVE-2021-4140 https://bugzilla.redhat.com/show_bug.cgi?id=2039568 • CWE-91: XML Injection (aka Blind XPath Injection) CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29454 – Sandbox Escape by math function in smarty
https://notcve.org/view.php?id=CVE-2021-29454
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.42 and 4.0.2, template authors could run arbitrary PHP code by crafting a malicious math string. If a math string was passed through as user provided data to the math function, external users could run arbitrary PHP code by crafting a malicious math string. Users should upgrade to version 3.1.42 or 4.0.2 to receive a patch. Smarty es un motor de plantillas para PHP que facilita la separación de la presentación (HTML/CSS) de la lógica de la aplicación. • https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71 https://github.com/smarty-php/smarty/releases/tag/v3.1.42 https://github.com/smarty-php/smarty/releases/tag/v4.0.2 https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ https://lists.fedoraproject.org/archives/l • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23543 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23543
All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Todas las versiones del paquete realms-shim son vulnerables a una Omisión del Sandbox por medio de un vector de ataque de Contaminación de Prototipos • https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309908 https://www.npmjs.com/package/realms-shim • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23594 – Sandbox Bypass
https://notcve.org/view.php?id=CVE-2021-23594
All versions of package realms-shim are vulnerable to Sandbox Bypass via a Prototype Pollution attack vector. Todas las versiones del paquete realms-shim son vulnerables a la Omisión del Sandbox por medio de un vector de ataque de Contaminación de Prototipos • https://snyk.io/vuln/SNYK-JS-REALMSSHIM-2309907 https://www.npmjs.com/package/realms-shim • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •