CVE-2021-31971
published 2021-06-08CVE-2021-31971: Windows HTML Platforms Security Feature Bypass Vulnerability
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
Windows HTML Platforms Security Feature Bypass Vulnerability
Affected
48 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1507 | >= 10.0.0 < 10.0.10240.18967 | 10.0.10240.18967 |
| microsoft | windows_10_version_1607 | >= 10.0.0 < 10.0.14393.4467 | 10.0.14393.4467 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.1999 | 10.0.17763.1999 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1621 | 10.0.18363.1621 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1052 | 10.0.19041.1052 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1052 | 10.0.19042.1052 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1052 | 10.0.19043.1052 |
| microsoft | windows_7 | >= 6.1.0 < 6.1.7601.25632 | 6.1.7601.25632 |
| microsoft | windows_7 | >= 6.1.0 < publication | publication |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < 6.1.7601.25632 | 6.1.7601.25632 |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < publication | publication |
| microsoft | windows_8.1 | >= 6.3.0 < 6.3.9600.20045 | 6.3.9600.20045 |
| microsoft | windows_8.1 | >= 6.3.0 < 1.0.0.0 | 1.0.0.0 |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < 6.1.7601.25632 | 6.1.7601.25632 |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < publication | publication |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < 6.0.6003.21137 | 6.0.6003.21137 |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < publication | publication |
Microsoft
Windows HTML Platforms Security Feature Bypass Vulnerability
vendor_msrc·2021-06-08·CVSS 6.8
CVE-2021-31971 [MEDIUM] Windows HTML Platforms Security Feature Bypass Vulnerability
Windows HTML Platforms Security Feature Bypass Vulnerability
FAQ: The Security Updates table indicates that this vulnerability affects all supported versions of Microsoft Windows. Why are IE Cumulative updates listed for Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2?
While Microsoft has announced retirement of the Internet Explorer 11 application on certain platforms and the Microsoft Edge Legacy application is deprecated, the underlying MSHTML, EdgeHTML, and scripting platforms are still supported. The MSHTML platform is used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control. The EdgeHTML platform is used by WebView and some UWP applications. The scripting platforms a
GHSA
GHSA-hwwg-pxv4-j5f6: Windows HTML Platform Security Feature Bypass Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-31971 [HIGH] GHSA-hwwg-pxv4-j5f6: Windows HTML Platform Security Feature Bypass Vulnerability
Windows HTML Platform Security Feature Bypass Vulnerability
No detection rules found.
No public exploits indexed.
2021-06-08
Published