Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs: 2,176
CISA KEV: 65 (actively exploited)
Public exploits: 14
Exploited in wild: 56
Severity breakdown: CRITICAL 102, HIGH 1256, MEDIUM 754, LOW 56, UNKNOWN 8

Vulnerabilities

Page 74 of 109
CVE-2021-38001 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1); trixie: resolved
debian
CVE-2021-30577 | HIGH | CVSS 7.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.
Scope: local
bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resol
debian
CVE-2021-4098 | HIGH | CVSS 7.4 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); s
debian
CVE-2021-21193 | HIGH | CVSS 8.8 | KEV | fixed in chromium 89.0.4389.90-1 (bookworm) | 2021
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 89.0.4389.90-1); bullseye: resolved (fixed in 89.0.4389.90-1); forky: resolved (fixed in 89.0.4389.90-1); sid: resolved (fixed in 89.0.4389.90-1); trixie: resolved (fixed in 89
debian
CVE-2021-21153 | HIGH | CVSS 8.8 | fixed in chromium 88.0.4324.182-1 (bookworm) | 2021
Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 88.0.4324.182-1); bullseye: resolved (fixed in 88.0.4324.182-1); forky: resolved (fixed in 88.0.4324.182-1); sid: resolved (fixed in 88.0.43
debian
CVE-2021-30508 | HIGH | CVSS 8.8 | fixed in chromium 90.0.4430.212-1 (bookworm) | 2021
Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 90.0.4430.212-1); bullseye: resolved (fixed in 90.0.4430.212-1); forky: resolved (fixed in 90.0.4430.212-1); s
debian
CVE-2021-21190 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.82-1 (bookworm) | 2021
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
Scope: local
bookworm: resolved (fixed in 89.0.4389.82-1); bullseye: resolved (fixed in 89.0.4389.82-1); forky: resolved (fixed in 89.0.4389.82-1); sid: resolved (fixed in 89.0.4389.82-1)
debian
CVE-2021-30612 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Chromium: CVE-2021-30612 Use after free in WebRTC
Scope: local
bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed in 93.0.4577.82-1)
debian
CVE-2021-30512 | HIGH | CVSS 8.8 | fixed in chromium 90.0.4430.212-1 (bookworm) | 2021
Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 90.0.4430.212-1); bullseye: resolved (fixed in 90.0.4430.212-1); forky: resolved (fixed in 90.0.4430.212-1); sid: resolved (f
debian
CVE-2021-37977 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1)
debian
CVE-2021-30525 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fi
debian
CVE-2021-21204 | HIGH | CVSS 8.8 | fixed in chromium 90.0.4430.72-1 (bookworm) | 2021
Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 90.0.4430.72-1); bullseye: resolved (fixed in 90.0.4430.72-1); forky: resolved (fixed in 90.0.4430.72-1); sid: resolved (fixed in 90.0.4430.72-1); trixie: resolved (fix
debian
CVE-2021-21145 | HIGH | CVSS 8.8 | fixed in chromium 88.0.4324.146-1 (bookworm) | 2021
Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 88.0.4324.146-1); bullseye: resolved (fixed in 88.0.4324.146-1); forky: resolved (fixed in 88.0.4324.146-1); sid: resolved (fixed in 88.0.4324.146-1); trixie: resolved (fixed
debian
CVE-2021-21159 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.82-1 (bookworm) | 2021
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 89.0.4389.82-1); bullseye: resolved (fixed in 89.0.4389.82-1); forky: resolved (fixed in 89.0.4389.82-1); sid: resolved (fixed in 89.0.4389.82-1); trixie: resolved (fi
debian
CVE-2021-30593 | HIGH | CVSS 8.1 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolv
debian
CVE-2021-37992 | HIGH | CVSS 8.8 | fixed in chromium 97.0.4692.71-0.1 (bookworm) | 2021
Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 97.0.4692.71-0.1); bullseye: resolved (fixed in 97.0.4692.71-0.1~deb11u1); forky: resolved (fixed in 97.0.4692.71-0.1); sid: resolved (fixed in 97.0.4692.71-0.1); trixie
debian
CVE-2021-21198 | HIGH | CVSS 7.4 | fixed in chromium 89.0.4389.114-1 (bookworm) | 2021
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 89.0.4389.114-1); bullseye: resolved (fixed in 89.0.4389.114-1); forky: resolved (fixed in 89.0.4389.114-1); sid: resolved (fixed
debian
CVE-2021-21169 | HIGH | CVSS 8.8 | fixed in chromium 89.0.4389.82-1 (bookworm) | 2021
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 89.0.4389.82-1); bullseye: resolved (fixed in 89.0.4389.82-1); forky: resolved (fixed in 89.0.4389.82-1); sid: resolved (fixed in 89.0.4389.82-1); trixie:
debian
CVE-2021-21220 | HIGH | CVSS 8.8 | KEV | PoC | fixed in chromium 90.0.4430.72-1 (bookworm) | 2021
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Scope: local
bookworm: resolved (fixed in 90.0.4430.72-1); bullseye: resolved (fixed in 90.0.4430.72-1); forky: resolved (fixed in 90.0.4430.72-1); sid: resolved (fixed in 90.0.4430.72-1); tri
debian
CVE-2021-30611 | HIGH | CVSS 8.8 | fixed in chromium 93.0.4577.82-1 (bookworm) | 2021
Chromium: CVE-2021-30611 Use after free in WebRTC
Scope: local
bookworm: resolved (fixed in 93.0.4577.82-1); bullseye: resolved (fixed in 93.0.4577.82-1); forky: resolved (fixed in 93.0.4577.82-1); sid: resolved (fixed in 93.0.4577.82-1); trixie: resolved (fixed in 93.0.4577.82-1)
debian