Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs
2,176
CISA KEV
65
actively exploited
Public exploits
14
Exploited in wild
56
Severity breakdown
CRITICAL102HIGH1256MEDIUM754LOW56UNKNOWN8

Vulnerabilities

Page 71 of 109
CVE-2021-30543HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30543 [HIGH] CVE-2021-30543: chromium - Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an at... Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fi
debian
CVE-2021-30541HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30541 [HIGH] CVE-2021-30541: chromium - Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote at... Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fixed in 93.0
debian
CVE-2021-30622HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30622 [HIGH] CVE-2021-30622: chromium - Chromium: CVE-2021-30622 Use after free in WebApp Installs Chromium: CVE-2021-30622 Use after free in WebApp Installs Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fixed in 93.0.4577.82-1)
debian
CVE-2021-30579HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30579 [HIGH] CVE-2021-30579: chromium - Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a... Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fix
debian
CVE-2021-21196HIGHCVSS 8.8fixed in chromium 89.0.4389.114-1 (bookworm)2021
CVE-2021-21196 [HIGH] CVE-2021-21196: chromium - Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.... Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 89.0.4389.114-1) bullseye: resolved (fixed in 89.0.4389.114-1) forky: resolved (fixed in 89.0.4389.114-1) sid: resolved (fixed in 89.0.4389.114-1) trix
debian
CVE-2021-30628HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30628 [HIGH] CVE-2021-30628: chromium - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a ... Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fix
debian
CVE-2021-30551HIGHCVSS 8.8KEVfixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30551 [HIGH] CVE-2021-30551: chromium - Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote at... Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fixed in 93.0
debian
CVE-2021-37975HIGHCVSS 8.8KEVfixed in chromium 97.0.4692.71-0.1 (bookworm)2021
CVE-2021-37975 [HIGH] CVE-2021-37975: chromium - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote att... Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.71-0.1) bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1) forky: resolved (fixed in 97.0.4692.71-0.1) sid: resolved (fixed in 97.0.4692.71-0.1) trixie: resolved
debian
CVE-2021-30573HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30573 [HIGH] CVE-2021-30573: chromium - Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote a... Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fixed in 93.
debian
CVE-2021-30529HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30529 [HIGH] CVE-2021-30529: chromium - Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an at... Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fi
debian
CVE-2021-30544HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30544 [HIGH] CVE-2021-30544: chromium - Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remo... Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fixed in 93.0.4577.82-1) trixie: resolved (fixed in
debian
CVE-2021-21112HIGHCVSS 8.8fixed in chromium 87.0.4280.141-0.1 (bookworm)2021
CVE-2021-21112 [HIGH] CVE-2021-21112: chromium - Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote... Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 87.0.4280.141-0.1) bullseye: resolved (fixed in 87.0.4280.141-0.1) forky: resolved (fixed in 87.0.4280.141-0.1) sid: resolved (fixed in 87.0.4280.141-0.1) trixie: resolved
debian
CVE-2021-30566HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30566 [HIGH] CVE-2021-30566: chromium - Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowe... Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (f
debian
CVE-2021-21152HIGHCVSS 8.8fixed in chromium 88.0.4324.182-1 (bookworm)2021
CVE-2021-21152 [HIGH] CVE-2021-21152: chromium - Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 a... Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 88.0.4324.182-1) bullseye: resolved (fixed in 88.0.4324.182-1) forky: resolved (fixed in 88.0.4324.182-1) sid: resolved (fixed in 88.0.4324.182-1) trixie: r
debian
CVE-2021-37972HIGHCVSS 8.8fixed in chromium 97.0.4692.71-0.1 (bookworm)2021
CVE-2021-37972 [HIGH] CVE-2021-37972: chromium - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allow... Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.71-0.1) bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1) forky: resolved (fixed in 97.0.4692.71-0.1) sid: resolved (fixed in 97.0.4692.71-0.1) t
debian
CVE-2021-38017HIGHCVSS 8.8fixed in chromium 97.0.4692.71-0.1 (bookworm)2021
CVE-2021-38017 [HIGH] CVE-2021-38017: chromium - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0... Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.71-0.1) bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1) forky: resolved (fixed in 97.0.4692.71-0.1) sid: resolved (fixed in 97.0.4692.
debian
CVE-2021-38005HIGHCVSS 8.8fixed in chromium 97.0.4692.71-0.1 (bookworm)2021
CVE-2021-38005 [HIGH] CVE-2021-38005: chromium - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote... Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.71-0.1) bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1) forky: resolved (fixed in 97.0.4692.71-0.1) sid: resolved (fixed in 97.0.4692.71-0.1) trixie: reso
debian
CVE-2021-30542HIGHCVSS 8.8fixed in chromium 93.0.4577.82-1 (bookworm)2021
CVE-2021-30542 [HIGH] CVE-2021-30542: chromium - Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an at... Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 93.0.4577.82-1) bullseye: resolved (fixed in 93.0.4577.82-1) forky: resolved (fixed in 93.0.4577.82-1) sid: resolved (fi
debian
CVE-2021-21230HIGHCVSS 8.8fixed in chromium 90.0.4430.93-1 (bookworm)2021
CVE-2021-21230 [HIGH] CVE-2021-21230: chromium - Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote att... Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 90.0.4430.93-1) bullseye: resolved (fixed in 90.0.4430.93-1) forky: resolved (fixed in 90.0.4430.93-1) sid: resolved (fixed in 90.0.4430.93-1) trixie: resolved (fixed in 90.0.
debian
CVE-2021-4067HIGHCVSS 8.8fixed in chromium 97.0.4692.71-0.1 (bookworm)2021
CVE-2021-4067 [HIGH] CVE-2021-4067: chromium - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664... Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.71-0.1) bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1) forky: resolved (fixed in 97.0.4692.71-0.1) sid: resolved (fixed in 97.0.4692.71
debian
← Previous71 / 109Next →