Vulnerability-Lookup

CVE-2020-27844 (GCVE-0-2020-27844)

Vulnerability from cvelistv5 – Published: 2021-01-05 17:43 – Updated: 2024-08-04 16:25

Summary

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Severity

No CVSS data available.

CWE

CWE-20 - >CWE-122->CWE-787

Assigner

redhat

References

5 references

URL	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=1907521	x_refsource_MISC
https://security.gentoo.org/glsa/202101-29	vendor-advisoryx_refsource_GENTOO
https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
n/a	openjpeg	Affected: openjpeg 2.4.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:25:43.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
          },
          {
            "name": "GLSA-202101-29",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202101-29"
          },
          {
            "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openjpeg",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "openjpeg 2.4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20-\u003eCWE-122-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-20T22:54:53.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
        },
        {
          "name": "GLSA-202101-29",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202101-29"
        },
        {
          "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27844",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openjpeg",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "openjpeg 2.4.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20-\u003eCWE-122-\u003eCWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
            },
            {
              "name": "GLSA-202101-29",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202101-29"
            },
            {
              "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-27844",
    "datePublished": "2021-01-05T17:43:49.000Z",
    "dateReserved": "2020-10-27T00:00:00.000Z",
    "dateUpdated": "2024-08-04T16:25:43.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-27844",
      "date": "2026-05-31",
      "epss": "0.00801",
      "percentile": "0.74366"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-27844\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-01-05T18:15:14.147\",\"lastModified\":\"2024-11-21T05:21:55.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en el archivo src/lib/openjp2/t2.c de openjpeg en versiones anteriores a 2.4.0.\u0026#xa0;Este fallo permite a un atacante proporcionar una entrada dise\u00f1ada para openjpeg durante la conversi\u00f3n y codificaci\u00f3n, causando una escritura fuera de l\u00edmites.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad as\u00ed como la disponibilidad del sistema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:C\",\"baseScore\":8.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":8.5,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.0\",\"matchCriteriaId\":\"99E5C355-1C00-4EE7-A68E-334B9D2EC1E4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3198F822-43F8-4CB3-97F7-C2982FDA5CBD\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1907521\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-29\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1907521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202101-29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

BDU:2021-01236

Vulnerability from fstec - Published: 14.12.2020

Title

Уязвимость библиотеки для кодирования и декодирования изображений OpenJPEG, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость в функции src/lib/openjp2/t2.c библиотеки для кодирования и декодирования изображений OpenJPEG существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения, Novell Inc., Google Inc, АО «ИВК», АО "НППКТ", АО «Концерн ВНИИНС»

Software Name

Debian GNU/Linux, OpenSUSE Leap, OpenJPEG, Google Chrome, Альт 8 СП (запись в едином реестре российских программ №4305), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

9 (Debian GNU/Linux), 15.2 (OpenSUSE Leap), до 2.4.0 (OpenJPEG), до 89.0.4389.72 (Google Chrome), - (Альт 8 СП), до 2.3 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для Google Chrome: https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html Для OpenJPEG: Обновление библиотеки для кодирования и декодирования изображений OpenJPEG до актуальной версии Для Debian GNU/Linux: https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2020-27844/ Для ОСОН Основа: Обновление программного обеспечения chromium до версии 94.0.4606.81+repack-1osnova1.1 Для ОС ОН «Стрелец»: Обновление программного обеспечения chromium до версии 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства

Reference

https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html https://nvd.nist.gov/vuln/detail/CVE-2020-27844 https://bugzilla.redhat.com/show_bug.cgi?id=1907521 https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html https://www.suse.com/security/cve/CVE-2020-27844/ https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.3/ https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://altsp.su/obnovleniya-bezopasnosti/

CWE

CWE-20, CWE-122, CWE-787

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., Google Inc, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 15.2 (OpenSUSE Leap), \u0434\u043e 2.4.0 (OpenJPEG), \u0434\u043e 89.0.4389.72 (Google Chrome), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 2.3 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Google Chrome:\nhttps://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html\n\n\u0414\u043b\u044f OpenJPEG:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0434\u043b\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 OpenJPEG \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://lists.debian.org/debian-lts-announce/2021/02/msg00011.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2020-27844/\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 94.0.4606.81+repack-1osnova1.1\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.12.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.03.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-01236",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-27844",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, OpenSUSE Leap, OpenJPEG, Google Chrome, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Novell Inc. OpenSUSE Leap 15.2 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0434\u043b\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 OpenJPEG, \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20), \u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-122), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 src/lib/openjp2/t2.c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0434\u043b\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 OpenJPEG \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-27844\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1907521\nhttps://lists.debian.org/debian-lts-announce/2021/02/msg00011.html\nhttps://www.suse.com/security/cve/CVE-2020-27844/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.3/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20, CWE-122, CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}

CERTFR-2021-AVI-162

Vulnerability from certfr_avis - Published: 2021-03-04 - Updated: 2021-03-04

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 89.0.4389.72

References

Title

Publication Time

Tags

Bulletin de sécurité Google du 02 mars 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 89.0.4389.72",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21177"
    },
    {
      "name": "CVE-2021-21179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21179"
    },
    {
      "name": "CVE-2021-21169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21169"
    },
    {
      "name": "CVE-2021-21187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21187"
    },
    {
      "name": "CVE-2021-21171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21171"
    },
    {
      "name": "CVE-2021-21173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21173"
    },
    {
      "name": "CVE-2021-21189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21189"
    },
    {
      "name": "CVE-2021-21164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21164"
    },
    {
      "name": "CVE-2021-21175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21175"
    },
    {
      "name": "CVE-2021-21166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21166"
    },
    {
      "name": "CVE-2021-21167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21167"
    },
    {
      "name": "CVE-2020-27844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27844"
    },
    {
      "name": "CVE-2021-21159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21159"
    },
    {
      "name": "CVE-2021-21178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21178"
    },
    {
      "name": "CVE-2021-21183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21183"
    },
    {
      "name": "CVE-2021-21163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21163"
    },
    {
      "name": "CVE-2021-21170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21170"
    },
    {
      "name": "CVE-2021-21185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21185"
    },
    {
      "name": "CVE-2021-21182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21182"
    },
    {
      "name": "CVE-2021-21186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21186"
    },
    {
      "name": "CVE-2021-21172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21172"
    },
    {
      "name": "CVE-2021-21188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21188"
    },
    {
      "name": "CVE-2021-21176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21176"
    },
    {
      "name": "CVE-2021-21162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21162"
    },
    {
      "name": "CVE-2021-21165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21165"
    },
    {
      "name": "CVE-2021-21161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21161"
    },
    {
      "name": "CVE-2021-21180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21180"
    },
    {
      "name": "CVE-2021-21174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21174"
    },
    {
      "name": "CVE-2021-21184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21184"
    },
    {
      "name": "CVE-2021-21168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21168"
    },
    {
      "name": "CVE-2021-21181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21181"
    },
    {
      "name": "CVE-2021-21190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21190"
    },
    {
      "name": "CVE-2021-21160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21160"
    }
  ],
  "initial_release_date": "2021-03-04T00:00:00",
  "last_revision_date": "2021-03-04T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-162",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n\n\u00a0\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google du 02 mars 2021",
      "url": "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
    }
  ]
}

CERTFR-2021-AVI-167

Vulnerability from certfr_avis - Published: 2021-03-05 - Updated: 2021-03-05

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge (basé sur Chromium) versions antérieures à 89.0.774.45

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 04 mars 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge (bas\u00e9 sur Chromium) versions ant\u00e9rieures \u00e0 89.0.774.45",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-21177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21177"
    },
    {
      "name": "CVE-2021-21179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21179"
    },
    {
      "name": "CVE-2021-21169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21169"
    },
    {
      "name": "CVE-2021-21187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21187"
    },
    {
      "name": "CVE-2021-21171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21171"
    },
    {
      "name": "CVE-2021-21173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21173"
    },
    {
      "name": "CVE-2021-21189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21189"
    },
    {
      "name": "CVE-2021-21164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21164"
    },
    {
      "name": "CVE-2021-21175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21175"
    },
    {
      "name": "CVE-2021-21166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21166"
    },
    {
      "name": "CVE-2021-21167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21167"
    },
    {
      "name": "CVE-2020-27844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27844"
    },
    {
      "name": "CVE-2021-21159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21159"
    },
    {
      "name": "CVE-2021-21178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21178"
    },
    {
      "name": "CVE-2021-21183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21183"
    },
    {
      "name": "CVE-2021-21163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21163"
    },
    {
      "name": "CVE-2021-21170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21170"
    },
    {
      "name": "CVE-2021-21185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21185"
    },
    {
      "name": "CVE-2021-21182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21182"
    },
    {
      "name": "CVE-2021-21186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21186"
    },
    {
      "name": "CVE-2021-21172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21172"
    },
    {
      "name": "CVE-2021-21188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21188"
    },
    {
      "name": "CVE-2021-21176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21176"
    },
    {
      "name": "CVE-2021-21162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21162"
    },
    {
      "name": "CVE-2021-21165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21165"
    },
    {
      "name": "CVE-2021-21161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21161"
    },
    {
      "name": "CVE-2021-21180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21180"
    },
    {
      "name": "CVE-2021-21174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21174"
    },
    {
      "name": "CVE-2021-21184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21184"
    },
    {
      "name": "CVE-2021-21168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21168"
    },
    {
      "name": "CVE-2021-21181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21181"
    },
    {
      "name": "CVE-2021-21190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21190"
    },
    {
      "name": "CVE-2021-21160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21160"
    }
  ],
  "initial_release_date": "2021-03-05T00:00:00",
  "last_revision_date": "2021-03-05T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-167",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-03-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 04 mars 2021",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability"
    }
  ]
}

CERTFR-2021-AVI-556

Vulnerability from certfr_avis - Published: 2021-07-21 - Updated: 2021-07-21

De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Oracle	Database Server	Oracle Database Server 12.1.0.2, 12.2.0.1, 19c
	Oracle	Database Server	Oracle Database Server versions antérieures à 21.1.0.00.04

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpujul2021 du 20 juillet 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle Database Server 12.1.0.2, 12.2.0.1, 19c",
      "product": {
        "name": "Database Server",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Database Server versions ant\u00e9rieures \u00e0 21.1.0.00.04",
      "product": {
        "name": "Database Server",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-13956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
    },
    {
      "name": "CVE-2021-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
    },
    {
      "name": "CVE-2020-11988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
    },
    {
      "name": "CVE-2021-2337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2337"
    },
    {
      "name": "CVE-2021-2438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2438"
    },
    {
      "name": "CVE-2020-27193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27193"
    },
    {
      "name": "CVE-2021-2326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2326"
    },
    {
      "name": "CVE-2021-2333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2333"
    },
    {
      "name": "CVE-2020-10878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
    },
    {
      "name": "CVE-2021-2351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2351"
    },
    {
      "name": "CVE-2020-7760",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7760"
    },
    {
      "name": "CVE-2021-2330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2330"
    },
    {
      "name": "CVE-2020-27844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27844"
    },
    {
      "name": "CVE-2020-26870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26870"
    },
    {
      "name": "CVE-2021-2460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2460"
    },
    {
      "name": "CVE-2021-2328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2328"
    },
    {
      "name": "CVE-2019-12415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2021-2336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2336"
    },
    {
      "name": "CVE-2020-11987",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
    },
    {
      "name": "CVE-2021-2335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2335"
    },
    {
      "name": "CVE-2021-2329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2329"
    },
    {
      "name": "CVE-2020-25649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
    },
    {
      "name": "CVE-2021-2334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-2334"
    },
    {
      "name": "CVE-2019-17545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17545"
    }
  ],
  "initial_release_date": "2021-07-21T00:00:00",
  "last_revision_date": "2021-07-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-556",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-07-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Database\nServer. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service,\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Database Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujul2021 du 20 juillet 2021",
      "url": "https://www.oracle.com/security-alerts/cpujul2021verbose.html#DB"
    }
  ]
}

CNVD-2021-02037

Vulnerability from cnvd - Published: 2021-01-12

Title

OpenJPEG堆缓冲区溢出漏洞（CNVD-2021-02037）

Description

OpenJPEG是一款用C语言编写的开源JPEG 2000编解码器。 OpenJPEG 2.4.0之前版本中的openjp2/t2.c中的opj_t2_encode_packet函数存在堆缓冲区溢出漏洞。攻击者可通过特制输入利用该漏洞影响机密性、完整性及可用性。

Severity

高

Patch Name

OpenJPEG堆缓冲区溢出漏洞（CNVD-2021-02037）的补丁

Patch Description

OpenJPEG是一款用C语言编写的开源JPEG 2000编解码器。 OpenJPEG 2.4.0之前版本中的openjp2/t2.c中的opj_t2_encode_packet函数存在堆缓冲区溢出漏洞。攻击者可通过特制输入利用该漏洞影响机密性、完整性及可用性。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/uclouvain/openjpeg/commit/73fdf28342e4594019af26eb6a347a34eceb6296

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-27844

Impacted products

Name
OpenJPEG OpenJPEG <2.4.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-27844",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-27844"
    }
  },
  "description": "OpenJPEG\u662f\u4e00\u6b3e\u7528C\u8bed\u8a00\u7f16\u5199\u7684\u5f00\u6e90JPEG 2000\u7f16\u89e3\u7801\u5668\u3002\n\nOpenJPEG 2.4.0\u4e4b\u524d\u7248\u672c\u4e2d\u7684openjp2/t2.c\u4e2d\u7684opj_t2_encode_packet\u51fd\u6570\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236\u8f93\u5165\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/uclouvain/openjpeg/commit/73fdf28342e4594019af26eb6a347a34eceb6296",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-02037",
  "openTime": "2021-01-12",
  "patchDescription": "OpenJPEG\u662f\u4e00\u6b3e\u7528C\u8bed\u8a00\u7f16\u5199\u7684\u5f00\u6e90JPEG 2000\u7f16\u89e3\u7801\u5668\u3002\r\n\r\nOpenJPEG 2.4.0\u4e4b\u524d\u7248\u672c\u4e2d\u7684openjp2/t2.c\u4e2d\u7684opj_t2_encode_packet\u51fd\u6570\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236\u8f93\u5165\u5229\u7528\u8be5\u6f0f\u6d1e\u5f71\u54cd\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OpenJPEG\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2021-02037\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "OpenJPEG OpenJPEG \u003c2.4.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-27844",
  "serverity": "\u9ad8",
  "submitTime": "2021-01-06",
  "title": "OpenJPEG\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2021-02037\uff09"
}

FKIE_CVE-2020-27844

Vulnerability from fkie_nvd - Published: 2021-01-05 18:15 - Updated: 2024-11-21 05:21

Severity

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1907521	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html	Mailing List, Third Party Advisory
secalert@redhat.com	https://security.gentoo.org/glsa/202101-29	Third Party Advisory
secalert@redhat.com	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
secalert@redhat.com	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1907521	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202101-29	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
uclouvain	openjpeg	*
debian	debian_linux	9.0
oracle	outside_in_technology	8.5.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E5C355-1C00-4EE7-A68E-334B9D2EC1E4",
              "versionEndExcluding": "2.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3198F822-43F8-4CB3-97F7-C2982FDA5CBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 un fallo en el archivo src/lib/openjp2/t2.c de openjpeg en versiones anteriores a 2.4.0.\u0026#xa0;Este fallo permite a un atacante proporcionar una entrada dise\u00f1ada para openjpeg durante la conversi\u00f3n y codificaci\u00f3n, causando una escritura fuera de l\u00edmites.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la confidencialidad, la integridad as\u00ed como la disponibilidad del sistema"
    }
  ],
  "id": "CVE-2020-27844",
  "lastModified": "2024-11-21T05:21:55.233",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 8.5,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-05T18:15:14.147",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-29"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202101-29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

GHSA-P652-VJ2W-8MCW

Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-10-07 18:16

Details

Severity

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-27844"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-05T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
  "id": "GHSA-p652-vj2w-8mcw",
  "modified": "2022-10-07T18:16:22Z",
  "published": "2022-05-24T17:38:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27844"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202101-29"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2020-27844

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-27844

Aliases

CVE-2020-27844

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-27844",
    "description": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
    "id": "GSD-2020-27844",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-27844.html",
      "https://advisories.mageia.org/CVE-2020-27844.html",
      "https://security.archlinux.org/CVE-2020-27844"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-27844"
      ],
      "details": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
      "id": "GSD-2020-27844",
      "modified": "2023-12-13T01:22:11.197710Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2020-27844",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "openjpeg",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "openjpeg 2.4.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20-\u003eCWE-122-\u003eCWE-787"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
          },
          {
            "name": "GLSA-202101-29",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202101-29"
          },
          {
            "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.4.0",
          "affected_versions": "All versions before 2.4.0",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
          "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-122",
            "CWE-20",
            "CWE-787",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "A flaw was found in openjpeg\u0027s `src/lib/openjp2/t2.c` This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2020-27844",
          "identifiers": [
            "CVE-2020-27844"
          ],
          "not_impacted": "All versions starting from 2.4.0",
          "package_slug": "conan/openjpeg",
          "pubdate": "2021-01-05",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Out-of-bounds Write",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-27844",
            "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
          ],
          "uuid": "525aa2f2-e7d1-4b3a-adf1-83f8a6eb5994"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2020-27844"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                },
                {
                  "lang": "en",
                  "value": "CWE-787"
                },
                {
                  "lang": "en",
                  "value": "CWE-122"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521"
            },
            {
              "name": "GLSA-202101-29",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202101-29"
            },
            {
              "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 8.5,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-10-07T00:25Z",
      "publishedDate": "2021-01-05T18:15Z"
    }
  }
}

OPENSUSE-SU-2021:0392-1

Vulnerability from csaf_opensuse - Published: 2021-03-08 07:13 - Updated: 2021-03-08 07:13

Summary

Security update for chromium

Severity

Important

Notes

Title of the patch: Security update for chromium

Description of the patch: This update for chromium fixes the following issues: Update to 89.0.4389.72 (boo#1182358, boo#1182960): - CVE-2021-21159: Heap buffer overflow in TabStrip. - CVE-2021-21160: Heap buffer overflow in WebAudio. - CVE-2021-21161: Heap buffer overflow in TabStrip. - CVE-2021-21162: Use after free in WebRTC. - CVE-2021-21163: Insufficient data validation in Reader Mode. - CVE-2021-21164: Insufficient data validation in Chrome for iOS. - CVE-2021-21165: Object lifecycle issue in audio. - CVE-2021-21166: Object lifecycle issue in audio. - CVE-2021-21167: Use after free in bookmarks. - CVE-2021-21168: Insufficient policy enforcement in appcache. - CVE-2021-21169: Out of bounds memory access in V8. - CVE-2021-21170: Incorrect security UI in Loader. - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation. - CVE-2021-21172: Insufficient policy enforcement in File System API. - CVE-2021-21173: Side-channel information leakage in Network Internals. - CVE-2021-21174: Inappropriate implementation in Referrer. - CVE-2021-21175: Inappropriate implementation in Site isolation. - CVE-2021-21176: Inappropriate implementation in full screen mode. - CVE-2021-21177: Insufficient policy enforcement in Autofill. - CVE-2021-21178: Inappropriate implementation in Compositing. - CVE-2021-21179: Use after free in Network Internals. - CVE-2021-21180: Use after free in tab search. - CVE-2020-27844: Heap buffer overflow in OpenJPEG. - CVE-2021-21181: Side-channel information leakage in autofill. - CVE-2021-21182: Insufficient policy enforcement in navigations. - CVE-2021-21183: Inappropriate implementation in performance APIs. - CVE-2021-21184: Inappropriate implementation in performance APIs. - CVE-2021-21185: Insufficient policy enforcement in extensions. - CVE-2021-21186: Insufficient policy enforcement in QR scanning. - CVE-2021-21187: Insufficient data validation in URL formatting. - CVE-2021-21188: Use after free in Blink. - CVE-2021-21189: Insufficient policy enforcement in payments. - CVE-2021-21190: Uninitialized Use in PDFium. - CVE-2021-21149: Stack overflow in Data Transfer. - CVE-2021-21150: Use after free in Downloads. - CVE-2021-21151: Use after free in Payments. - CVE-2021-21152: Heap buffer overflow in Media. - CVE-2021-21153: Stack overflow in GPU Process. - CVE-2021-21154: Heap buffer overflow in Tab Strip. - CVE-2021-21155: Heap buffer overflow in Tab Strip. - CVE-2021-21156: Heap buffer overflow in V8. - CVE-2021-21157: Use after free in Web Sockets. - Fixed Sandbox with glibc 2.33 (boo#1182233) - Fixed an issue where chromium hangs on opening (boo#1182775).

Patchnames: openSUSE-2021-392

CVE-2020-27844

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21149

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21150

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21151

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21152

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21153

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21154

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21155

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21156

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21157

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21159

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21160

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21161

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21162

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21163

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21164

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact moderate

CVE-2021-21165

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21166

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21167

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21168

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21169

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21170

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21171

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21172

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21173

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21174

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21175

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21176

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21177

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21178

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21179

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21180

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21181

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21182

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21183

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21184

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21185

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21186

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21187

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21188

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21189

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

CVE-2021-21190

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 2 products

Product	Identifier	Version	Remediation
Unresolved product id: openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix
Unresolved product id: openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64		—	Vendor Fix

Threats

Impact important

References

167 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://bugzilla.suse.com/1182233	self
https://bugzilla.suse.com/1182358	self
https://bugzilla.suse.com/1182775	self
https://www.suse.com/security/cve/CVE-2020-27844/	self
https://www.suse.com/security/cve/CVE-2021-21149/	self
https://www.suse.com/security/cve/CVE-2021-21150/	self
https://www.suse.com/security/cve/CVE-2021-21151/	self
https://www.suse.com/security/cve/CVE-2021-21152/	self
https://www.suse.com/security/cve/CVE-2021-21153/	self
https://www.suse.com/security/cve/CVE-2021-21154/	self
https://www.suse.com/security/cve/CVE-2021-21155/	self
https://www.suse.com/security/cve/CVE-2021-21156/	self
https://www.suse.com/security/cve/CVE-2021-21157/	self
https://www.suse.com/security/cve/CVE-2021-21159/	self
https://www.suse.com/security/cve/CVE-2021-21160/	self
https://www.suse.com/security/cve/CVE-2021-21161/	self
https://www.suse.com/security/cve/CVE-2021-21162/	self
https://www.suse.com/security/cve/CVE-2021-21163/	self
https://www.suse.com/security/cve/CVE-2021-21164/	self
https://www.suse.com/security/cve/CVE-2021-21165/	self
https://www.suse.com/security/cve/CVE-2021-21166/	self
https://www.suse.com/security/cve/CVE-2021-21167/	self
https://www.suse.com/security/cve/CVE-2021-21168/	self
https://www.suse.com/security/cve/CVE-2021-21169/	self
https://www.suse.com/security/cve/CVE-2021-21170/	self
https://www.suse.com/security/cve/CVE-2021-21171/	self
https://www.suse.com/security/cve/CVE-2021-21172/	self
https://www.suse.com/security/cve/CVE-2021-21173/	self
https://www.suse.com/security/cve/CVE-2021-21174/	self
https://www.suse.com/security/cve/CVE-2021-21175/	self
https://www.suse.com/security/cve/CVE-2021-21176/	self
https://www.suse.com/security/cve/CVE-2021-21177/	self
https://www.suse.com/security/cve/CVE-2021-21178/	self
https://www.suse.com/security/cve/CVE-2021-21179/	self
https://www.suse.com/security/cve/CVE-2021-21180/	self
https://www.suse.com/security/cve/CVE-2021-21181/	self
https://www.suse.com/security/cve/CVE-2021-21182/	self
https://www.suse.com/security/cve/CVE-2021-21183/	self
https://www.suse.com/security/cve/CVE-2021-21184/	self
https://www.suse.com/security/cve/CVE-2021-21185/	self
https://www.suse.com/security/cve/CVE-2021-21186/	self
https://www.suse.com/security/cve/CVE-2021-21187/	self
https://www.suse.com/security/cve/CVE-2021-21188/	self
https://www.suse.com/security/cve/CVE-2021-21189/	self
https://www.suse.com/security/cve/CVE-2021-21190/	self
https://www.suse.com/security/cve/CVE-2020-27844	external
https://bugzilla.suse.com/1180045	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21149	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21150	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21151	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21152	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21153	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21154	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21155	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21156	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21157	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21159	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21160	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21161	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21162	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21163	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21164	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21165	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21166	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21167	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21168	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21169	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21170	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21171	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21172	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21173	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21174	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21175	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21176	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21177	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21178	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21179	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21180	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21181	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21182	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21183	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21184	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21185	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21186	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21187	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21188	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21189	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21190	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for chromium",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for chromium fixes the following issues:\n\nUpdate to 89.0.4389.72 (boo#1182358, boo#1182960):\n\n- CVE-2021-21159: Heap buffer overflow in TabStrip.\n- CVE-2021-21160: Heap buffer overflow in WebAudio.\n- CVE-2021-21161: Heap buffer overflow in TabStrip.\n- CVE-2021-21162: Use after free in WebRTC.\n- CVE-2021-21163: Insufficient data validation in Reader Mode.\n- CVE-2021-21164: Insufficient data validation in Chrome for iOS.\n- CVE-2021-21165: Object lifecycle issue in audio.\n- CVE-2021-21166: Object lifecycle issue in audio.\n- CVE-2021-21167: Use after free in bookmarks.\n- CVE-2021-21168: Insufficient policy enforcement in appcache.\n- CVE-2021-21169: Out of bounds memory access in V8.\n- CVE-2021-21170: Incorrect security UI in Loader.\n- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.\n- CVE-2021-21172: Insufficient policy enforcement in File System API.\n- CVE-2021-21173: Side-channel information leakage in Network Internals.\n- CVE-2021-21174: Inappropriate implementation in Referrer.\n- CVE-2021-21175: Inappropriate implementation in Site isolation.\n- CVE-2021-21176: Inappropriate implementation in full screen mode.\n- CVE-2021-21177: Insufficient policy enforcement in Autofill.\n- CVE-2021-21178: Inappropriate implementation in Compositing.\n- CVE-2021-21179: Use after free in Network Internals.\n- CVE-2021-21180: Use after free in tab search.\n- CVE-2020-27844: Heap buffer overflow in OpenJPEG.\n- CVE-2021-21181: Side-channel information leakage in autofill.\n- CVE-2021-21182: Insufficient policy enforcement in navigations.\n- CVE-2021-21183: Inappropriate implementation in performance APIs.\n- CVE-2021-21184: Inappropriate implementation in performance APIs.\n- CVE-2021-21185: Insufficient policy enforcement in extensions.\n- CVE-2021-21186: Insufficient policy enforcement in QR scanning.\n- CVE-2021-21187: Insufficient data validation in URL formatting.\n- CVE-2021-21188: Use after free in Blink.\n- CVE-2021-21189: Insufficient policy enforcement in payments.\n- CVE-2021-21190: Uninitialized Use in PDFium.\n- CVE-2021-21149: Stack overflow in Data Transfer.\n- CVE-2021-21150: Use after free in Downloads.\n- CVE-2021-21151: Use after free in Payments.\n- CVE-2021-21152: Heap buffer overflow in Media.\n- CVE-2021-21153: Stack overflow in GPU Process. \n- CVE-2021-21154: Heap buffer overflow in Tab Strip.\n- CVE-2021-21155: Heap buffer overflow in Tab Strip.\n- CVE-2021-21156: Heap buffer overflow in V8.\n- CVE-2021-21157: Use after free in Web Sockets.  \n- Fixed Sandbox with glibc 2.33 (boo#1182233)\n- Fixed an issue where chromium hangs on opening (boo#1182775).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2021-392",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0392-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:0392-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S66YPMC4VLRMKQGSTL3XFAVYDCVH7ADY/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:0392-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S66YPMC4VLRMKQGSTL3XFAVYDCVH7ADY/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182233",
        "url": "https://bugzilla.suse.com/1182233"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182358",
        "url": "https://bugzilla.suse.com/1182358"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182775",
        "url": "https://bugzilla.suse.com/1182775"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-27844 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-27844/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21149 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21149/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21150 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21151 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21151/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21152 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21153 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21153/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21154 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21155 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21156 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21157 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21159 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21160 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21160/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21161 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21161/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21162 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21162/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21163 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21163/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21164 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21165 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21165/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21166 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21167 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21167/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21168 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21169 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21170 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21170/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21171 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21171/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21172 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21172/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21173 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21174 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21175 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21175/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21176 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21177 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21178 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21179 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21179/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21180 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21181 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21182 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21183 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21183/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21184 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21185 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21186 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21187 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21188 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21189 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21189/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21190 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21190/"
      }
    ],
    "title": "Security update for chromium",
    "tracking": {
      "current_release_date": "2021-03-08T07:13:12Z",
      "generator": {
        "date": "2021-03-08T07:13:12Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:0392-1",
      "initial_release_date": "2021-03-08T07:13:12Z",
      "revision_history": [
        {
          "date": "2021-03-08T07:13:12Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
                "product": {
                  "name": "chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
                  "product_id": "chromedriver-89.0.4389.72-lp152.2.77.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-89.0.4389.72-lp152.2.77.1.x86_64",
                "product": {
                  "name": "chromium-89.0.4389.72-lp152.2.77.1.x86_64",
                  "product_id": "chromium-89.0.4389.72-lp152.2.77.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.2",
                "product": {
                  "name": "openSUSE Leap 15.2",
                  "product_id": "openSUSE Leap 15.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-89.0.4389.72-lp152.2.77.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64"
        },
        "product_reference": "chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-89.0.4389.72-lp152.2.77.1.x86_64 as component of openSUSE Leap 15.2",
          "product_id": "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        },
        "product_reference": "chromium-89.0.4389.72-lp152.2.77.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-27844",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-27844"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-27844",
          "url": "https://www.suse.com/security/cve/CVE-2020-27844"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180045 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1180045"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-27844"
    },
    {
      "cve": "CVE-2021-21149",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21149"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21149",
          "url": "https://www.suse.com/security/cve/CVE-2021-21149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21149",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21149"
    },
    {
      "cve": "CVE-2021-21150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21150",
          "url": "https://www.suse.com/security/cve/CVE-2021-21150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21150",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21150"
    },
    {
      "cve": "CVE-2021-21151",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21151"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21151",
          "url": "https://www.suse.com/security/cve/CVE-2021-21151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21151",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21151"
    },
    {
      "cve": "CVE-2021-21152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21152",
          "url": "https://www.suse.com/security/cve/CVE-2021-21152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21152",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21152"
    },
    {
      "cve": "CVE-2021-21153",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21153"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21153",
          "url": "https://www.suse.com/security/cve/CVE-2021-21153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21153",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21153"
    },
    {
      "cve": "CVE-2021-21154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21154",
          "url": "https://www.suse.com/security/cve/CVE-2021-21154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21154",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21154"
    },
    {
      "cve": "CVE-2021-21155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21155",
          "url": "https://www.suse.com/security/cve/CVE-2021-21155"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21155",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21155"
    },
    {
      "cve": "CVE-2021-21156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21156",
          "url": "https://www.suse.com/security/cve/CVE-2021-21156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21156",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21156"
    },
    {
      "cve": "CVE-2021-21157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21157",
          "url": "https://www.suse.com/security/cve/CVE-2021-21157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21157",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21157"
    },
    {
      "cve": "CVE-2021-21159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21159",
          "url": "https://www.suse.com/security/cve/CVE-2021-21159"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21159",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21159",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21159"
    },
    {
      "cve": "CVE-2021-21160",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21160"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21160",
          "url": "https://www.suse.com/security/cve/CVE-2021-21160"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21160",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21160",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21160"
    },
    {
      "cve": "CVE-2021-21161",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21161"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21161",
          "url": "https://www.suse.com/security/cve/CVE-2021-21161"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21161",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21161",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21161"
    },
    {
      "cve": "CVE-2021-21162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21162",
          "url": "https://www.suse.com/security/cve/CVE-2021-21162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21162",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21162",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21162"
    },
    {
      "cve": "CVE-2021-21163",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21163"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21163",
          "url": "https://www.suse.com/security/cve/CVE-2021-21163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21163",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21163",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21163"
    },
    {
      "cve": "CVE-2021-21164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21164",
          "url": "https://www.suse.com/security/cve/CVE-2021-21164"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21164",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21164",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-21164"
    },
    {
      "cve": "CVE-2021-21165",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21165"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21165",
          "url": "https://www.suse.com/security/cve/CVE-2021-21165"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21165",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21165",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21165"
    },
    {
      "cve": "CVE-2021-21166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21166",
          "url": "https://www.suse.com/security/cve/CVE-2021-21166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21166",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21166",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21166"
    },
    {
      "cve": "CVE-2021-21167",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21167"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21167",
          "url": "https://www.suse.com/security/cve/CVE-2021-21167"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21167",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21167",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21167"
    },
    {
      "cve": "CVE-2021-21168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21168",
          "url": "https://www.suse.com/security/cve/CVE-2021-21168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21168",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21168",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21168"
    },
    {
      "cve": "CVE-2021-21169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21169",
          "url": "https://www.suse.com/security/cve/CVE-2021-21169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21169",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21169",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21169"
    },
    {
      "cve": "CVE-2021-21170",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21170"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21170",
          "url": "https://www.suse.com/security/cve/CVE-2021-21170"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21170",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21170",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21170"
    },
    {
      "cve": "CVE-2021-21171",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21171"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21171",
          "url": "https://www.suse.com/security/cve/CVE-2021-21171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21171",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21171",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21171"
    },
    {
      "cve": "CVE-2021-21172",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21172"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21172",
          "url": "https://www.suse.com/security/cve/CVE-2021-21172"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21172",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21172",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21172"
    },
    {
      "cve": "CVE-2021-21173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21173",
          "url": "https://www.suse.com/security/cve/CVE-2021-21173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21173",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21173",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21173"
    },
    {
      "cve": "CVE-2021-21174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21174",
          "url": "https://www.suse.com/security/cve/CVE-2021-21174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21174",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21174",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21174"
    },
    {
      "cve": "CVE-2021-21175",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21175"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21175",
          "url": "https://www.suse.com/security/cve/CVE-2021-21175"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21175",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21175",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21175"
    },
    {
      "cve": "CVE-2021-21176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21176",
          "url": "https://www.suse.com/security/cve/CVE-2021-21176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21176",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21176",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21176"
    },
    {
      "cve": "CVE-2021-21177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21177",
          "url": "https://www.suse.com/security/cve/CVE-2021-21177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21177",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21177",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21177"
    },
    {
      "cve": "CVE-2021-21178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21178",
          "url": "https://www.suse.com/security/cve/CVE-2021-21178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21178",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21178",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21178"
    },
    {
      "cve": "CVE-2021-21179",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21179"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21179",
          "url": "https://www.suse.com/security/cve/CVE-2021-21179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21179",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21179",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21179"
    },
    {
      "cve": "CVE-2021-21180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21180",
          "url": "https://www.suse.com/security/cve/CVE-2021-21180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21180",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21180",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21180"
    },
    {
      "cve": "CVE-2021-21181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21181",
          "url": "https://www.suse.com/security/cve/CVE-2021-21181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21181",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21181",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21181"
    },
    {
      "cve": "CVE-2021-21182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21182",
          "url": "https://www.suse.com/security/cve/CVE-2021-21182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21182",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21182",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21182"
    },
    {
      "cve": "CVE-2021-21183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21183",
          "url": "https://www.suse.com/security/cve/CVE-2021-21183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21183",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21183",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21183"
    },
    {
      "cve": "CVE-2021-21184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21184",
          "url": "https://www.suse.com/security/cve/CVE-2021-21184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21184",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21184",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21184"
    },
    {
      "cve": "CVE-2021-21185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21185",
          "url": "https://www.suse.com/security/cve/CVE-2021-21185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21185",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21185",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21185"
    },
    {
      "cve": "CVE-2021-21186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21186",
          "url": "https://www.suse.com/security/cve/CVE-2021-21186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21186",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21186",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21186"
    },
    {
      "cve": "CVE-2021-21187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21187",
          "url": "https://www.suse.com/security/cve/CVE-2021-21187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21187",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21187",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21187"
    },
    {
      "cve": "CVE-2021-21188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21188",
          "url": "https://www.suse.com/security/cve/CVE-2021-21188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21188",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21188",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21188"
    },
    {
      "cve": "CVE-2021-21189",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21189"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21189",
          "url": "https://www.suse.com/security/cve/CVE-2021-21189"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21189",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21189",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21189"
    },
    {
      "cve": "CVE-2021-21190",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21190"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
          "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21190",
          "url": "https://www.suse.com/security/cve/CVE-2021-21190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21190",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21190",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Leap 15.2:chromedriver-89.0.4389.72-lp152.2.77.1.x86_64",
            "openSUSE Leap 15.2:chromium-89.0.4389.72-lp152.2.77.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-08T07:13:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21190"
    }
  ]
}

OPENSUSE-SU-2021:0401-1

Vulnerability from csaf_opensuse - Published: 2021-03-09 19:05 - Updated: 2021-03-09 19:05

Summary

Security update for chromium

Severity

Important

Notes

Title of the patch: Security update for chromium

Patchnames: openSUSE-2021-401

CVE-2020-27844

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21149

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21150

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21151

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21152

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21153

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21154

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21155

9.6 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21156

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21157

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21159

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21160

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21161

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21162

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21163

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21164

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2021-21165

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21166

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21167

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21168

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21169

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21170

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21171

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21172

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21173

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21174

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21175

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21176

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21177

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21178

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21179

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21180

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21181

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21182

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21183

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21184

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21185

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21186

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21187

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21188

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21189

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2021-21190

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64	—	Vendor Fix

Threats

Impact important

References

167 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://bugzilla.suse.com/1182233	self
https://bugzilla.suse.com/1182358	self
https://bugzilla.suse.com/1182775	self
https://www.suse.com/security/cve/CVE-2020-27844/	self
https://www.suse.com/security/cve/CVE-2021-21149/	self
https://www.suse.com/security/cve/CVE-2021-21150/	self
https://www.suse.com/security/cve/CVE-2021-21151/	self
https://www.suse.com/security/cve/CVE-2021-21152/	self
https://www.suse.com/security/cve/CVE-2021-21153/	self
https://www.suse.com/security/cve/CVE-2021-21154/	self
https://www.suse.com/security/cve/CVE-2021-21155/	self
https://www.suse.com/security/cve/CVE-2021-21156/	self
https://www.suse.com/security/cve/CVE-2021-21157/	self
https://www.suse.com/security/cve/CVE-2021-21159/	self
https://www.suse.com/security/cve/CVE-2021-21160/	self
https://www.suse.com/security/cve/CVE-2021-21161/	self
https://www.suse.com/security/cve/CVE-2021-21162/	self
https://www.suse.com/security/cve/CVE-2021-21163/	self
https://www.suse.com/security/cve/CVE-2021-21164/	self
https://www.suse.com/security/cve/CVE-2021-21165/	self
https://www.suse.com/security/cve/CVE-2021-21166/	self
https://www.suse.com/security/cve/CVE-2021-21167/	self
https://www.suse.com/security/cve/CVE-2021-21168/	self
https://www.suse.com/security/cve/CVE-2021-21169/	self
https://www.suse.com/security/cve/CVE-2021-21170/	self
https://www.suse.com/security/cve/CVE-2021-21171/	self
https://www.suse.com/security/cve/CVE-2021-21172/	self
https://www.suse.com/security/cve/CVE-2021-21173/	self
https://www.suse.com/security/cve/CVE-2021-21174/	self
https://www.suse.com/security/cve/CVE-2021-21175/	self
https://www.suse.com/security/cve/CVE-2021-21176/	self
https://www.suse.com/security/cve/CVE-2021-21177/	self
https://www.suse.com/security/cve/CVE-2021-21178/	self
https://www.suse.com/security/cve/CVE-2021-21179/	self
https://www.suse.com/security/cve/CVE-2021-21180/	self
https://www.suse.com/security/cve/CVE-2021-21181/	self
https://www.suse.com/security/cve/CVE-2021-21182/	self
https://www.suse.com/security/cve/CVE-2021-21183/	self
https://www.suse.com/security/cve/CVE-2021-21184/	self
https://www.suse.com/security/cve/CVE-2021-21185/	self
https://www.suse.com/security/cve/CVE-2021-21186/	self
https://www.suse.com/security/cve/CVE-2021-21187/	self
https://www.suse.com/security/cve/CVE-2021-21188/	self
https://www.suse.com/security/cve/CVE-2021-21189/	self
https://www.suse.com/security/cve/CVE-2021-21190/	self
https://www.suse.com/security/cve/CVE-2020-27844	external
https://bugzilla.suse.com/1180045	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21149	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21150	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21151	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21152	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21153	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21154	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21155	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21156	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21157	external
https://bugzilla.suse.com/1182358	external
https://www.suse.com/security/cve/CVE-2021-21159	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21160	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21161	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21162	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21163	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21164	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21165	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21166	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21167	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21168	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21169	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21170	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21171	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21172	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21173	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21174	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21175	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21176	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21177	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21178	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21179	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21180	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21181	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21182	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21183	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21184	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21185	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21186	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21187	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21188	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21189	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external
https://www.suse.com/security/cve/CVE-2021-21190	external
https://bugzilla.suse.com/1182960	external
https://bugzilla.suse.com/1183514	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for chromium",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for chromium fixes the following issues:\n\nUpdate to 89.0.4389.72 (boo#1182358, boo#1182960):\n\n- CVE-2021-21159: Heap buffer overflow in TabStrip.\n- CVE-2021-21160: Heap buffer overflow in WebAudio.\n- CVE-2021-21161: Heap buffer overflow in TabStrip.\n- CVE-2021-21162: Use after free in WebRTC.\n- CVE-2021-21163: Insufficient data validation in Reader Mode.\n- CVE-2021-21164: Insufficient data validation in Chrome for iOS.\n- CVE-2021-21165: Object lifecycle issue in audio.\n- CVE-2021-21166: Object lifecycle issue in audio.\n- CVE-2021-21167: Use after free in bookmarks.\n- CVE-2021-21168: Insufficient policy enforcement in appcache.\n- CVE-2021-21169: Out of bounds memory access in V8.\n- CVE-2021-21170: Incorrect security UI in Loader.\n- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.\n- CVE-2021-21172: Insufficient policy enforcement in File System API.\n- CVE-2021-21173: Side-channel information leakage in Network Internals.\n- CVE-2021-21174: Inappropriate implementation in Referrer.\n- CVE-2021-21175: Inappropriate implementation in Site isolation.\n- CVE-2021-21176: Inappropriate implementation in full screen mode.\n- CVE-2021-21177: Insufficient policy enforcement in Autofill.\n- CVE-2021-21178: Inappropriate implementation in Compositing.\n- CVE-2021-21179: Use after free in Network Internals.\n- CVE-2021-21180: Use after free in tab search.\n- CVE-2020-27844: Heap buffer overflow in OpenJPEG.\n- CVE-2021-21181: Side-channel information leakage in autofill.\n- CVE-2021-21182: Insufficient policy enforcement in navigations.\n- CVE-2021-21183: Inappropriate implementation in performance APIs.\n- CVE-2021-21184: Inappropriate implementation in performance APIs.\n- CVE-2021-21185: Insufficient policy enforcement in extensions.\n- CVE-2021-21186: Insufficient policy enforcement in QR scanning.\n- CVE-2021-21187: Insufficient data validation in URL formatting.\n- CVE-2021-21188: Use after free in Blink.\n- CVE-2021-21189: Insufficient policy enforcement in payments.\n- CVE-2021-21190: Uninitialized Use in PDFium.\n- CVE-2021-21149: Stack overflow in Data Transfer.\n- CVE-2021-21150: Use after free in Downloads.\n- CVE-2021-21151: Use after free in Payments.\n- CVE-2021-21152: Heap buffer overflow in Media.\n- CVE-2021-21153: Stack overflow in GPU Process. \n- CVE-2021-21154: Heap buffer overflow in Tab Strip.\n- CVE-2021-21155: Heap buffer overflow in Tab Strip.\n- CVE-2021-21156: Heap buffer overflow in V8.\n- CVE-2021-21157: Use after free in Web Sockets.  \n- Fixed Sandbox with glibc 2.33 (boo#1182233)\n- Fixed an issue where chromium hangs on opening (boo#1182775).\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2021-401",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0401-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:0401-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/F5HQTB6OX4JN5OFGWK6KZIS4UD7TGBXF/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:0401-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/F5HQTB6OX4JN5OFGWK6KZIS4UD7TGBXF/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182233",
        "url": "https://bugzilla.suse.com/1182233"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182358",
        "url": "https://bugzilla.suse.com/1182358"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182775",
        "url": "https://bugzilla.suse.com/1182775"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-27844 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-27844/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21149 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21149/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21150 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21151 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21151/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21152 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21153 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21153/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21154 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21155 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21156 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21157 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21159 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21160 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21160/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21161 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21161/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21162 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21162/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21163 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21163/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21164 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21164/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21165 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21165/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21166 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21166/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21167 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21167/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21168 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21169 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21169/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21170 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21170/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21171 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21171/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21172 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21172/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21173 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21174 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21175 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21175/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21176 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21177 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21177/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21178 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21179 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21179/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21180 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21180/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21181 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21182 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21183 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21183/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21184 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21185 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21185/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21186 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21186/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21187 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21188 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21189 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21189/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-21190 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-21190/"
      }
    ],
    "title": "Security update for chromium",
    "tracking": {
      "current_release_date": "2021-03-09T19:05:08Z",
      "generator": {
        "date": "2021-03-09T19:05:08Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:0401-1",
      "initial_release_date": "2021-03-09T19:05:08Z",
      "revision_history": [
        {
          "date": "2021-03-09T19:05:08Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
                "product": {
                  "name": "chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
                  "product_id": "chromedriver-89.0.4389.72-bp152.2.62.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-89.0.4389.72-bp152.2.62.1.aarch64",
                "product": {
                  "name": "chromium-89.0.4389.72-bp152.2.62.1.aarch64",
                  "product_id": "chromium-89.0.4389.72-bp152.2.62.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
                "product": {
                  "name": "chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
                  "product_id": "chromedriver-89.0.4389.72-bp152.2.62.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-89.0.4389.72-bp152.2.62.1.x86_64",
                "product": {
                  "name": "chromium-89.0.4389.72-bp152.2.62.1.x86_64",
                  "product_id": "chromium-89.0.4389.72-bp152.2.62.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP2",
                "product": {
                  "name": "SUSE Package Hub 15 SP2",
                  "product_id": "SUSE Package Hub 15 SP2"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-89.0.4389.72-bp152.2.62.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64"
        },
        "product_reference": "chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-89.0.4389.72-bp152.2.62.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64"
        },
        "product_reference": "chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-89.0.4389.72-bp152.2.62.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64"
        },
        "product_reference": "chromium-89.0.4389.72-bp152.2.62.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-89.0.4389.72-bp152.2.62.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        },
        "product_reference": "chromium-89.0.4389.72-bp152.2.62.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-27844",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-27844"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-27844",
          "url": "https://www.suse.com/security/cve/CVE-2020-27844"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1180045 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1180045"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2020-27844",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-27844"
    },
    {
      "cve": "CVE-2021-21149",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21149"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21149",
          "url": "https://www.suse.com/security/cve/CVE-2021-21149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21149",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21149"
    },
    {
      "cve": "CVE-2021-21150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21150",
          "url": "https://www.suse.com/security/cve/CVE-2021-21150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21150",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21150"
    },
    {
      "cve": "CVE-2021-21151",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21151"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21151",
          "url": "https://www.suse.com/security/cve/CVE-2021-21151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21151",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21151"
    },
    {
      "cve": "CVE-2021-21152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21152",
          "url": "https://www.suse.com/security/cve/CVE-2021-21152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21152",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21152"
    },
    {
      "cve": "CVE-2021-21153",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21153"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21153",
          "url": "https://www.suse.com/security/cve/CVE-2021-21153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21153",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21153"
    },
    {
      "cve": "CVE-2021-21154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21154",
          "url": "https://www.suse.com/security/cve/CVE-2021-21154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21154",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21154"
    },
    {
      "cve": "CVE-2021-21155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21155",
          "url": "https://www.suse.com/security/cve/CVE-2021-21155"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21155",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21155"
    },
    {
      "cve": "CVE-2021-21156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21156",
          "url": "https://www.suse.com/security/cve/CVE-2021-21156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21156",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21156"
    },
    {
      "cve": "CVE-2021-21157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21157",
          "url": "https://www.suse.com/security/cve/CVE-2021-21157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182358 for CVE-2021-21157",
          "url": "https://bugzilla.suse.com/1182358"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21157"
    },
    {
      "cve": "CVE-2021-21159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21159",
          "url": "https://www.suse.com/security/cve/CVE-2021-21159"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21159",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21159",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21159"
    },
    {
      "cve": "CVE-2021-21160",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21160"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21160",
          "url": "https://www.suse.com/security/cve/CVE-2021-21160"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21160",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21160",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21160"
    },
    {
      "cve": "CVE-2021-21161",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21161"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21161",
          "url": "https://www.suse.com/security/cve/CVE-2021-21161"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21161",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21161",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21161"
    },
    {
      "cve": "CVE-2021-21162",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21162"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21162",
          "url": "https://www.suse.com/security/cve/CVE-2021-21162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21162",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21162",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21162"
    },
    {
      "cve": "CVE-2021-21163",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21163"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21163",
          "url": "https://www.suse.com/security/cve/CVE-2021-21163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21163",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21163",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21163"
    },
    {
      "cve": "CVE-2021-21164",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21164"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21164",
          "url": "https://www.suse.com/security/cve/CVE-2021-21164"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21164",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21164",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-21164"
    },
    {
      "cve": "CVE-2021-21165",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21165"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21165",
          "url": "https://www.suse.com/security/cve/CVE-2021-21165"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21165",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21165",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21165"
    },
    {
      "cve": "CVE-2021-21166",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21166"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21166",
          "url": "https://www.suse.com/security/cve/CVE-2021-21166"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21166",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21166",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21166"
    },
    {
      "cve": "CVE-2021-21167",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21167"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21167",
          "url": "https://www.suse.com/security/cve/CVE-2021-21167"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21167",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21167",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21167"
    },
    {
      "cve": "CVE-2021-21168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21168",
          "url": "https://www.suse.com/security/cve/CVE-2021-21168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21168",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21168",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21168"
    },
    {
      "cve": "CVE-2021-21169",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21169"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21169",
          "url": "https://www.suse.com/security/cve/CVE-2021-21169"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21169",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21169",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21169"
    },
    {
      "cve": "CVE-2021-21170",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21170"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21170",
          "url": "https://www.suse.com/security/cve/CVE-2021-21170"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21170",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21170",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21170"
    },
    {
      "cve": "CVE-2021-21171",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21171"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21171",
          "url": "https://www.suse.com/security/cve/CVE-2021-21171"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21171",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21171",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21171"
    },
    {
      "cve": "CVE-2021-21172",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21172"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21172",
          "url": "https://www.suse.com/security/cve/CVE-2021-21172"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21172",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21172",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21172"
    },
    {
      "cve": "CVE-2021-21173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21173",
          "url": "https://www.suse.com/security/cve/CVE-2021-21173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21173",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21173",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21173"
    },
    {
      "cve": "CVE-2021-21174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21174",
          "url": "https://www.suse.com/security/cve/CVE-2021-21174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21174",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21174",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21174"
    },
    {
      "cve": "CVE-2021-21175",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21175"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21175",
          "url": "https://www.suse.com/security/cve/CVE-2021-21175"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21175",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21175",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21175"
    },
    {
      "cve": "CVE-2021-21176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21176",
          "url": "https://www.suse.com/security/cve/CVE-2021-21176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21176",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21176",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21176"
    },
    {
      "cve": "CVE-2021-21177",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21177"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21177",
          "url": "https://www.suse.com/security/cve/CVE-2021-21177"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21177",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21177",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21177"
    },
    {
      "cve": "CVE-2021-21178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21178",
          "url": "https://www.suse.com/security/cve/CVE-2021-21178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21178",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21178",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21178"
    },
    {
      "cve": "CVE-2021-21179",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21179"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21179",
          "url": "https://www.suse.com/security/cve/CVE-2021-21179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21179",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21179",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21179"
    },
    {
      "cve": "CVE-2021-21180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21180",
          "url": "https://www.suse.com/security/cve/CVE-2021-21180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21180",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21180",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21180"
    },
    {
      "cve": "CVE-2021-21181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21181",
          "url": "https://www.suse.com/security/cve/CVE-2021-21181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21181",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21181",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21181"
    },
    {
      "cve": "CVE-2021-21182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21182",
          "url": "https://www.suse.com/security/cve/CVE-2021-21182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21182",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21182",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21182"
    },
    {
      "cve": "CVE-2021-21183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21183",
          "url": "https://www.suse.com/security/cve/CVE-2021-21183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21183",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21183",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21183"
    },
    {
      "cve": "CVE-2021-21184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21184",
          "url": "https://www.suse.com/security/cve/CVE-2021-21184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21184",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21184",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21184"
    },
    {
      "cve": "CVE-2021-21185",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21185"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21185",
          "url": "https://www.suse.com/security/cve/CVE-2021-21185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21185",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21185",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21185"
    },
    {
      "cve": "CVE-2021-21186",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21186"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21186",
          "url": "https://www.suse.com/security/cve/CVE-2021-21186"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21186",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21186",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21186"
    },
    {
      "cve": "CVE-2021-21187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21187",
          "url": "https://www.suse.com/security/cve/CVE-2021-21187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21187",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21187",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21187"
    },
    {
      "cve": "CVE-2021-21188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21188",
          "url": "https://www.suse.com/security/cve/CVE-2021-21188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21188",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21188",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21188"
    },
    {
      "cve": "CVE-2021-21189",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21189"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21189",
          "url": "https://www.suse.com/security/cve/CVE-2021-21189"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21189",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21189",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21189"
    },
    {
      "cve": "CVE-2021-21190",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-21190"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
          "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-21190",
          "url": "https://www.suse.com/security/cve/CVE-2021-21190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182960 for CVE-2021-21190",
          "url": "https://bugzilla.suse.com/1182960"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1183514 for CVE-2021-21190",
          "url": "https://bugzilla.suse.com/1183514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64",
            "SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-09T19:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-21190"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-27844 (GCVE-0-2020-27844)

Solution

Solution

Solution

Tags

Sightings

Nomenclature