CVE-2021-37973

Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge. Vendor/Product: Google Chromium Portals. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.