Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs: 2,176
CISA KEV: 65 (actively exploited)
Public exploits: 14
Exploited in wild: 56
Severity breakdown: CRITICAL 102, HIGH 1256, MEDIUM 754, LOW 56, UNKNOWN 8

Vulnerabilities

Page 66 of 109
CVE-2021-4318 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) Scope: local. bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fi
debian
CVE-2021-30586 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.8
debian
CVE-2021-21191 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.90-1 (bookworm) | 2021
Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 89.0.4389.90-1); bullseye: resolved (fixed in 89.0.4389.90-1); forky: resolved (fixed in 89.0.4389.90-1); sid: resolved (fixed in 89.0.4389.90-1); trixie: resolved (fixed in 8
debian
CVE-2021-21199 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.114-1 (bookworm) | 2021
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 89.0.4389.114-1); bullseye: resolved (fixed in 89.0.4389.114-1); forky: resolved (fixed in 89.0.4389.114-1); sid: resolved (f
debian
CVE-2021-30560 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed
debian
CVE-2021-21156 | HIGH | CVSS 8.8 | fixed in chromium 88.0.4324.182-1 (bookworm) | 2021
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script. Scope: local. bookworm: resolved (fixed in 88.0.4324.182-1); bullseye: resolved (fixed in 88.0.4324.182-1); forky: resolved (fixed in 88.0.4324.182-1); sid: resolved (fixed in 88.0.4324.182-1); trixie: resolved (fixed
debian
CVE-2021-30511 | HIGH | CVSS 8.1 | fixed in chromium 90.0.4430.212-1 (bookworm) | 2021
Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 90.0.4430.212-1); bullseye: resolved (fixed in 90.0.4430.212-1); forky: resolved (fixed in 90.0.4430.212-1); sid: re
debian
CVE-2021-30598 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed in
debian
CVE-2021-4058 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1); trixie: r
debian
CVE-2021-37982 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1); trixie: r
debian
CVE-2021-30561 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed in 93.0
debian
CVE-2021-30564 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixe
debian
CVE-2021-21165 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.82-1 (bookworm) | 2021
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 89.0.4389.82-1); bullseye: resolved (fixed in 89.0.4389.82-1); forky: resolved (fixed in 89.0.4389.82-1); sid: resolved (fixed in 89.0.4389.82-1); trixie: resolved (fixed in 89.0.43
debian
CVE-2021-30620 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed in 93.0.4577.82-1)
debian
CVE-2021-30557 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (f
debian
CVE-2021-30509 | HIGH | CVSS 8.8 | fixed in chromium 90.0.4430.212-1 (bookworm) | 2021
Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension. Scope: local. bookworm: resolved (fixed in 90.0.4430.212-1); bullseye: resolved (fixed in 90.0.4430.212-1); forky: resolved (f
debian
CVE-2021-21174 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.82-1 (bookworm) | 2021
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 89.0.4389.82-1); bullseye: resolved (fixed in 89.0.4389.82-1); forky: resolved (fixed in 89.0.4389.82-1); sid: resolved (fixed in 89.0.4389.82-1); trixie: resolved
debian
CVE-2021-30562 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed
debian
CVE-2021-37974 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: re
debian
CVE-2021-38011 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local. bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1)
debian