rpm package
suse/chromium&distro=SUSE Package Hub 15 SP3
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3
Vulnerabilities (505)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-37957 | Hig | 8.8 | < 94.0.4606.71-bp153.2.31.1 | 94.0.4606.71-bp153.2.31.1 | Oct 8, 2021 | Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-37956 | Hig | 8.8 | < 94.0.4606.71-bp153.2.31.1 | 94.0.4606.71-bp153.2.31.1 | Oct 8, 2021 | Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30633 | Cri | 9.6 | KEV | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| CVE-2021-30632 | Hig | 8.8 | KEV | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2021-30630 | Med | 4.3 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | |
| CVE-2021-30629 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30628 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. | |
| CVE-2021-30627 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30626 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30625 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Oct 8, 2021 | Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30624 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30624 Use after free in Autofill | |
| CVE-2021-30623 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30623 Use after free in Bookmarks | |
| CVE-2021-30622 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30622 Use after free in WebApp Installs | |
| CVE-2021-30621 | Med | 6.5 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30621 UI Spoofing in Autofill | |
| CVE-2021-30620 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink | |
| CVE-2021-30619 | Med | 6.5 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30619 UI Spoofing in Autofill | |
| CVE-2021-30618 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30618 Inappropriate implementation in DevTools | |
| CVE-2021-30617 | Med | 6.5 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30617 Policy bypass in Blink | |
| CVE-2021-30616 | Hig | 8.8 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30616 Use after free in Media | |
| CVE-2021-30615 | Med | 6.5 | < 93.0.4577.82-bp153.2.28.1 | 93.0.4577.82-bp153.2.28.1 | Sep 3, 2021 | Chromium: CVE-2021-30615 Cross-origin data leak in Navigation |
- affected < 94.0.4606.71-bp153.2.31.1fixed 94.0.4606.71-bp153.2.31.1
Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 94.0.4606.71-bp153.2.31.1fixed 94.0.4606.71-bp153.2.31.1
Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page.
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30624 Use after free in Autofill
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30623 Use after free in Bookmarks
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30622 Use after free in WebApp Installs
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30621 UI Spoofing in Autofill
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30619 UI Spoofing in Autofill
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30617 Policy bypass in Blink
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30616 Use after free in Media
- affected < 93.0.4577.82-bp153.2.28.1fixed 93.0.4577.82-bp153.2.28.1
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
Page 21 of 26