Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-30547 (GCVE-0-2021-30547)
Vulnerability from cvelistv5 – Published: 2021-06-15 21:40 – Updated: 2024-08-03 22:32
VLAI
EPSS
Summary
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Severity
8.8 (High)
CWE
- Out of bounds write
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://chromereleases.googleblog.com/2021/06/sta… | x_refsource_MISC |
| https://crbug.com/1210414 | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.debian.org/security/2021/dsa-4939 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.debian.org/security/2021/dsa-4940 | vendor-advisoryx_refsource_DEBIAN |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/202202-03 | vendor-advisoryx_refsource_GENTOO |
| https://security.gentoo.org/glsa/202208-14 | vendor-advisoryx_refsource_GENTOO |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:32:41.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crbug.com/1210414"
},
{
"name": "FEDORA-2021-f94dadff78",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "DSA-4939",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"name": "DSA-4940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"name": "[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"name": "GLSA-202202-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"name": "GLSA-202208-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "91.0.4472.101",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of bounds write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T06:08:18.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crbug.com/1210414"
},
{
"name": "FEDORA-2021-f94dadff78",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "DSA-4939",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"name": "DSA-4940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"name": "[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"name": "GLSA-202202-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"name": "GLSA-202208-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2021-30547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "91.0.4472.101"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/1210414",
"refsource": "MISC",
"url": "https://crbug.com/1210414"
},
{
"name": "FEDORA-2021-f94dadff78",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "DSA-4939",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"name": "DSA-4940",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"name": "[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"name": "GLSA-202202-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"name": "GLSA-202208-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-14"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2021-30547",
"datePublished": "2021-06-15T21:40:28.000Z",
"dateReserved": "2021-04-13T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:32:41.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-30547",
"date": "2026-06-03",
"epss": "0.02512",
"percentile": "0.85659"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-30547\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2021-06-15T22:15:08.930\",\"lastModified\":\"2024-11-21T06:04:09.400\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Una escritura fuera de l\u00edmites en ANGLE en Google Chrome versiones anteriores a 91.0.4472.101 permit\u00eda a un atacante remoto potencialmente llevar a cabo un acceso a la memoria fuera de l\u00edmites por medio de una p\u00e1gina HTML dise\u00f1ada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"91.0.4472.101\",\"matchCriteriaId\":\"6632C3A3-B619-4774-9822-3B4E8A26599E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"97.0\",\"matchCriteriaId\":\"56478BD7-9D9D-4513-9DDF-47AAC10550BF\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1210414\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://security.gentoo.org/glsa/202202-03\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202208-14\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4939\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4940\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1210414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202202-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202208-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4940\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Title
Уязвимость почтового клиента Mozilla Thunderbird, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость почтового клиента Mozilla Thunderbird, связана с записью за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код путем создания специальной веб-страницы
Severity
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», ООО «Ред Софт», Mozilla Corp., Google Inc, АО «ИВК», АО "НППКТ", АО «Концерн ВНИИНС»
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), РЕД ОС (запись в едином реестре российских программ №3751), Thunderbird, Firefox, Google Chrome, Firefox ESR, Альт 8 СП (запись в едином реестре российских программ №4305), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)
Software Version
9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), 10 (Debian GNU/Linux), 7.2 Муром (РЕД ОС), от 60.0 до 78.11 (Thunderbird), до 90 (Firefox), 11 (Debian GNU/Linux), до 91.0.4472.101 (Google Chrome), до 78.12 (Firefox ESR), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (Альт 8 СП), до 2.1 (ОСОН ОСнова Оnyx), до 2.3 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»)
Possible Mitigations
Использование рекомендаций:
Для РедОС:
http://repo.red-soft.ru/redos/7.2c/x86_64/updates/
Для Google Chrome:
использование рекомендаций производителя: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
Для Firefox:
использование рекомендаций производителя: https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/#CVE-2021-30547
Для Firefox ESR:
использование рекомендаций производителя: https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/#CVE-2021-30547
Для Thunderbird:
использование рекомендаций производителя: https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/#CVE-2021-30547
Для ОС Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2021-30547
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47
Для ОСОН Основа:
Обновление программного обеспечения thunderbird до версии 1:78.13.0+repack-1~deb10u1.osnova1
Для ОСОН Основа:
Обновление программного обеспечения firefox-esr до версии 78.13.0esr+repack-1~deb10u1.osnova2
Для ОСОН Основа:
Обновление программного обеспечения chromium до версии 94.0.4606.81+repack-1osnova1.1
Для ОС ОН «Стрелец»:
Обновление программного обеспечения thunderbird до версии 1:91.13.0+repack-1~deb10u1.osnova1.strelets
Обновление программного обеспечения chromium до версии 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets
Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства
Reference
https://redos.red-soft.ru/updatesec/
https://www.cybersecurity-help.cz/vdb/SB2021071380
https://www.securitylab.ru/vulnerability/522218.php
https://nvd.nist.gov/vuln/detail/CVE-2021-30547
https://security-tracker.debian.org/tracker/CVE-2021-30547
https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=1210414
https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/#CVE-2021-30547
https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/#CVE-2021-30547
https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/#CVE-2021-30547
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.1/
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.3/
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
https://altsp.su/obnovleniya-bezopasnosti/
CWE
CWE-787
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Mozilla Corp., Google Inc, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 10 (Debian GNU/Linux), 7.2 \u041c\u0443\u0440\u043e\u043c (\u0420\u0415\u0414 \u041e\u0421), \u043e\u0442 60.0 \u0434\u043e 78.11 (Thunderbird), \u0434\u043e 90 (Firefox), 11 (Debian GNU/Linux), \u0434\u043e 91.0.4472.101 (Google Chrome), \u0434\u043e 78.12 (Firefox ESR), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 2.1 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 2.3 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.2c/x86_64/updates/\n\n\u0414\u043b\u044f Google Chrome:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html\n\n\u0414\u043b\u044f Firefox:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/#CVE-2021-30547\n\n\u0414\u043b\u044f Firefox ESR:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/#CVE-2021-30547\n\n\u0414\u043b\u044f Thunderbird:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/#CVE-2021-30547\n\n\u0414\u043b\u044f \u041e\u0421 Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2021-30547\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f thunderbird \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:78.13.0+repack-1~deb10u1.osnova1\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f firefox-esr \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 78.13.0esr+repack-1~deb10u1.osnova2\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0441\u043d\u043e\u0432\u0430:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 94.0.4606.81+repack-1osnova1.1\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f thunderbird \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:91.13.0+repack-1~deb10u1.osnova1.strelets\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.07.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.07.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-03660",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-30547",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Thunderbird, Firefox, Google Chrome, Firefox ESR, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.2 \u041c\u0443\u0440\u043e\u043c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Mozilla Thunderbird, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0433\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430 Mozilla Thunderbird, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043f\u0443\u0442\u0435\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/updatesec/\nhttps://www.cybersecurity-help.cz/vdb/SB2021071380\nhttps://www.securitylab.ru/vulnerability/522218.php\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-30547\nhttps://security-tracker.debian.org/tracker/CVE-2021-30547\nhttps://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html\nhttps://bugs.chromium.org/p/chromium/issues/detail?id=1210414\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-28/#CVE-2021-30547\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-29/#CVE-2021-30547\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-30/#CVE-2021-30547\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.1/\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.3/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
CERTFR-2021-AVI-455
Vulnerability from certfr_avis - Published: 2021-06-10 - Updated: 2021-06-10
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Chrome versions ant\u00e9rieures \u00e0 91.0.4472.101",
"product": {
"name": "Chrome",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30551"
},
{
"name": "CVE-2021-30548",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30548"
},
{
"name": "CVE-2021-30553",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30553"
},
{
"name": "CVE-2021-30552",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30552"
},
{
"name": "CVE-2021-30550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30550"
},
{
"name": "CVE-2021-30544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30544"
},
{
"name": "CVE-2021-30549",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30549"
},
{
"name": "CVE-2021-30545",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30545"
},
{
"name": "CVE-2021-30546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30546"
},
{
"name": "CVE-2021-30547",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30547"
}
],
"initial_release_date": "2021-06-10T00:00:00",
"last_revision_date": "2021-06-10T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-455",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google du 09 juin 2021",
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
}
]
}
CERTFR-2021-AVI-461
Vulnerability from certfr_avis - Published: 2021-06-14 - Updated: 2021-06-14
De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Edge (Chromium-based) versions ant\u00e9rieures \u00e0 91.0.864.48",
"product": {
"name": "Edge",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30551",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30551"
},
{
"name": "CVE-2021-30548",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30548"
},
{
"name": "CVE-2021-30553",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30553"
},
{
"name": "CVE-2021-30552",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30552"
},
{
"name": "CVE-2021-30550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30550"
},
{
"name": "CVE-2021-30544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30544"
},
{
"name": "CVE-2021-30549",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30549"
},
{
"name": "CVE-2021-30545",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30545"
},
{
"name": "CVE-2021-30546",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30546"
},
{
"name": "CVE-2021-30547",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30547"
}
],
"initial_release_date": "2021-06-14T00:00:00",
"last_revision_date": "2021-06-14T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-461",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30548 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30548"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30544 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30544"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30551 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30551"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30546 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30546"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30550 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30550"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30545 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30545"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30549 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30549"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30552 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30552"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30547 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30547"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2021-30553 du 11 juin 2021",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-30553"
}
]
}
CERTFR-2021-AVI-528
Vulnerability from certfr_avis - Published: 2021-07-16 - Updated: 2021-07-16
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | Firefox ESR | Mozilla Firefox ESR versions antérieures à 78.12 | ||
| Mozilla | Thunderbird | Mozilla Thunderbird versions antérieures à 78.12 | ||
| Mozilla | Firefox | Mozilla Firefox versions antérieures à 90 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Mozilla Firefox ESR versions ant\u00e9rieures \u00e0 78.12",
"product": {
"name": "Firefox ESR",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Mozilla Thunderbird versions ant\u00e9rieures \u00e0 78.12",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Mozilla Firefox versions ant\u00e9rieures \u00e0 90",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-29976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29976"
},
{
"name": "CVE-2021-29971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29971"
},
{
"name": "CVE-2021-29974",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29974"
},
{
"name": "CVE-2021-29970",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29970"
},
{
"name": "CVE-2021-29975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29975"
},
{
"name": "CVE-2021-29973",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29973"
},
{
"name": "CVE-2021-29972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29972"
},
{
"name": "CVE-2021-29969",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29969"
},
{
"name": "CVE-2021-30547",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30547"
},
{
"name": "CVE-2021-29977",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29977"
}
],
"initial_release_date": "2021-07-16T00:00:00",
"last_revision_date": "2021-07-16T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-528",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nMozilla. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2021-28 du 13 juillet 2021",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2021-30 du 13 juillet 2021",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla mfsa2021-29 du 13 juillet 2021",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/"
}
]
}
Title
Google Chrome越界写入漏洞(CNVD-2021-43406)
Description
Chrome是由Google开发的一款设计简单、高效的Web浏览工具,其特点是简洁、快速。
Google Chrome 91.0.4472.101之前版本中的ANGLE存在越界写入漏洞。目前没有详细的漏洞细节提供。
Severity
中
Patch Name
Google Chrome越界写入漏洞(CNVD-2021-43406)的补丁
Patch Description
Chrome是由Google开发的一款设计简单、高效的Web浏览工具,其特点是简洁、快速。
Google Chrome 91.0.4472.101之前版本中的ANGLE存在越界写入漏洞。目前没有详细的漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-30547
Impacted products
| Name | Google Chrome <91.0.4472.101 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-30547",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-30547"
}
},
"description": "Chrome\u662f\u7531Google\u5f00\u53d1\u7684\u4e00\u6b3e\u8bbe\u8ba1\u7b80\u5355\u3001\u9ad8\u6548\u7684Web\u6d4f\u89c8\u5de5\u5177\uff0c\u5176\u7279\u70b9\u662f\u7b80\u6d01\u3001\u5feb\u901f\u3002\n\nGoogle Chrome 91.0.4472.101\u4e4b\u524d\u7248\u672c\u4e2d\u7684ANGLE\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-43406",
"openTime": "2021-06-19",
"patchDescription": "Chrome\u662f\u7531Google\u5f00\u53d1\u7684\u4e00\u6b3e\u8bbe\u8ba1\u7b80\u5355\u3001\u9ad8\u6548\u7684Web\u6d4f\u89c8\u5de5\u5177\uff0c\u5176\u7279\u70b9\u662f\u7b80\u6d01\u3001\u5feb\u901f\u3002\r\n\r\nGoogle Chrome 91.0.4472.101\u4e4b\u524d\u7248\u672c\u4e2d\u7684ANGLE\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Google Chrome\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\uff08CNVD-2021-43406\uff09\u7684\u8865\u4e01",
"products": {
"product": "Google Chrome \u003c91.0.4472.101"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-30547",
"serverity": "\u4e2d",
"submitTime": "2021-06-11",
"title": "Google Chrome\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\uff08CNVD-2021-43406\uff09"
}
FKIE_CVE-2021-30547
Vulnerability from fkie_nvd - Published: 2021-06-15 22:15 - Updated: 2024-11-21 06:04
Severity
Summary
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 34 | |
| mozilla | firefox | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6632C3A3-B619-4774-9822-3B4E8A26599E",
"versionEndExcluding": "91.0.4472.101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56478BD7-9D9D-4513-9DDF-47AAC10550BF",
"versionEndExcluding": "97.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
},
{
"lang": "es",
"value": "Una escritura fuera de l\u00edmites en ANGLE en Google Chrome versiones anteriores a 91.0.4472.101 permit\u00eda a un atacante remoto potencialmente llevar a cabo un acceso a la memoria fuera de l\u00edmites por medio de una p\u00e1gina HTML dise\u00f1ada"
}
],
"id": "CVE-2021-30547",
"lastModified": "2024-11-21T06:04:09.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-15T22:15:08.930",
"references": [
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://crbug.com/1210414"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-14"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://crbug.com/1210414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4940"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-H3C6-PC9C-GF82
Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-08-11 00:00
VLAI
Details
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Severity
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2021-30547"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-15T22:15:00Z",
"severity": "HIGH"
},
"details": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
"id": "GHSA-h3c6-pc9c-gf82",
"modified": "2022-08-11T00:00:28Z",
"published": "2022-05-24T19:05:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30547"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1210414"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-14"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4940"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-30547
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-30547",
"description": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
"id": "GSD-2021-30547",
"references": [
"https://www.suse.com/security/cve/CVE-2021-30547.html",
"https://www.debian.org/security/2021/dsa-4940",
"https://www.debian.org/security/2021/dsa-4939",
"https://access.redhat.com/errata/RHSA-2021:2914",
"https://access.redhat.com/errata/RHSA-2021:2883",
"https://access.redhat.com/errata/RHSA-2021:2882",
"https://access.redhat.com/errata/RHSA-2021:2881",
"https://access.redhat.com/errata/RHSA-2021:2743",
"https://access.redhat.com/errata/RHSA-2021:2742",
"https://access.redhat.com/errata/RHSA-2021:2741",
"https://access.redhat.com/errata/RHSA-2021:2740",
"https://ubuntu.com/security/CVE-2021-30547",
"https://advisories.mageia.org/CVE-2021-30547.html",
"https://security.archlinux.org/CVE-2021-30547",
"https://linux.oracle.com/cve/CVE-2021-30547.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-30547"
],
"details": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
"id": "GSD-2021-30547",
"modified": "2023-12-13T01:23:31.028722Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2021-30547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "91.0.4472.101"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/1210414",
"refsource": "MISC",
"url": "https://crbug.com/1210414"
},
{
"name": "FEDORA-2021-f94dadff78",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "DSA-4939",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"name": "DSA-4940",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"name": "[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"name": "GLSA-202202-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"name": "GLSA-202208-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-14"
}
]
}
},
"mozilla.org": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2021-30547"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "90"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "78.12"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "78.12"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 90, Thunderbird \u003c 78.12, and Firefox ESR \u003c 78.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write in ANGLE"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-29/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-30/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2021-28/"
},
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1715766"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "91.0.4472.101",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "97.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2021-30547"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/1210414",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://crbug.com/1210414"
},
{
"name": "FEDORA-2021-f94dadff78",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "DSA-4939",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4939"
},
{
"name": "[debian-lts-announce] 20210715 [SECURITY] [DLA 2709-1] firefox-esr security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
},
{
"name": "DSA-4940",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4940"
},
{
"name": "[debian-lts-announce] 20210719 [SECURITY] [DLA 2711-1] thunderbird security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html"
},
{
"name": "GLSA-202202-03",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202202-03"
},
{
"name": "GLSA-202208-14",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-14"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-12-09T18:28Z",
"publishedDate": "2021-06-15T22:15Z"
}
}
}
OPENSUSE-SU-2021:0881-1
Vulnerability from csaf_opensuse - Published: 2021-06-16 13:54 - Updated: 2021-06-16 13:54Summary
Security update for chromium
Severity
Important
Notes
Title of the patch: Security update for chromium
Description of the patch: This update for chromium fixes the following issues:
Chromium 91.0.4472.101 (boo#1187141)
* CVE-2021-30544: Use after free in BFCache
* CVE-2021-30545: Use after free in Extensions
* CVE-2021-30546: Use after free in Autofill
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-30548: Use after free in Loader
* CVE-2021-30549: Use after free in Spell check
* CVE-2021-30550: Use after free in Accessibility
* CVE-2021-30551: Type Confusion in V8
* CVE-2021-30552: Use after free in Extensions
* CVE-2021-30553: Use after free in Network service
* Various fixes from internal audits, fuzzing and other initiatives
Patchnames: openSUSE-2021-881
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium fixes the following issues:\n\nChromium 91.0.4472.101 (boo#1187141)\n\n* CVE-2021-30544: Use after free in BFCache\n* CVE-2021-30545: Use after free in Extensions\n* CVE-2021-30546: Use after free in Autofill\n* CVE-2021-30547: Out of bounds write in ANGLE\n* CVE-2021-30548: Use after free in Loader\n* CVE-2021-30549: Use after free in Spell check\n* CVE-2021-30550: Use after free in Accessibility\n* CVE-2021-30551: Type Confusion in V8\n* CVE-2021-30552: Use after free in Extensions\n* CVE-2021-30553: Use after free in Network service\n* Various fixes from internal audits, fuzzing and other initiatives\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-881",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0881-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:0881-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JKDHVVJH6V5YXSGWD7GDW62DQXQ22Y5E/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:0881-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JKDHVVJH6V5YXSGWD7GDW62DQXQ22Y5E/"
},
{
"category": "self",
"summary": "SUSE Bug 1187141",
"url": "https://bugzilla.suse.com/1187141"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30544 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30545 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30546 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30547 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30548 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30549 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30550 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30551 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30552 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30553 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30553/"
}
],
"title": "Security update for chromium",
"tracking": {
"current_release_date": "2021-06-16T13:54:40Z",
"generator": {
"date": "2021-06-16T13:54:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:0881-1",
"initial_release_date": "2021-06-16T13:54:40Z",
"revision_history": [
{
"date": "2021-06-16T13:54:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"product": {
"name": "chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"product_id": "chromedriver-91.0.4472.101-lp152.2.104.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-91.0.4472.101-lp152.2.104.1.x86_64",
"product": {
"name": "chromium-91.0.4472.101-lp152.2.104.1.x86_64",
"product_id": "chromium-91.0.4472.101-lp152.2.104.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-91.0.4472.101-lp152.2.104.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64"
},
"product_reference": "chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-91.0.4472.101-lp152.2.104.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
},
"product_reference": "chromium-91.0.4472.101-lp152.2.104.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30544"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30544",
"url": "https://www.suse.com/security/cve/CVE-2021-30544"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30544",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30544"
},
{
"cve": "CVE-2021-30545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30545"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30545",
"url": "https://www.suse.com/security/cve/CVE-2021-30545"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30545",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30545"
},
{
"cve": "CVE-2021-30546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30546"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30546",
"url": "https://www.suse.com/security/cve/CVE-2021-30546"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30546",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30546"
},
{
"cve": "CVE-2021-30547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30547"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30547",
"url": "https://www.suse.com/security/cve/CVE-2021-30547"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30547",
"url": "https://bugzilla.suse.com/1187141"
},
{
"category": "external",
"summary": "SUSE Bug 1188275 for CVE-2021-30547",
"url": "https://bugzilla.suse.com/1188275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30547"
},
{
"cve": "CVE-2021-30548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30548"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30548",
"url": "https://www.suse.com/security/cve/CVE-2021-30548"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30548",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30548"
},
{
"cve": "CVE-2021-30549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30549"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30549",
"url": "https://www.suse.com/security/cve/CVE-2021-30549"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30549",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30549"
},
{
"cve": "CVE-2021-30550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30550"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30550",
"url": "https://www.suse.com/security/cve/CVE-2021-30550"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30550",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30550"
},
{
"cve": "CVE-2021-30551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30551"
}
],
"notes": [
{
"category": "general",
"text": "Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30551",
"url": "https://www.suse.com/security/cve/CVE-2021-30551"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30551",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30551"
},
{
"cve": "CVE-2021-30552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30552"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30552",
"url": "https://www.suse.com/security/cve/CVE-2021-30552"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30552",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30552"
},
{
"cve": "CVE-2021-30553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30553"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30553",
"url": "https://www.suse.com/security/cve/CVE-2021-30553"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30553",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:chromedriver-91.0.4472.101-lp152.2.104.1.x86_64",
"openSUSE Leap 15.2:chromium-91.0.4472.101-lp152.2.104.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-16T13:54:40Z",
"details": "important"
}
],
"title": "CVE-2021-30553"
}
]
}
OPENSUSE-SU-2021:0938-1
Vulnerability from csaf_opensuse - Published: 2021-06-28 13:09 - Updated: 2021-06-28 13:09Summary
Security update for chromium
Severity
Important
Notes
Title of the patch: Security update for chromium
Description of the patch: This update for chromium fixes the following issues:
Chromium 91.0.4472.114 (boo#1187481)
* CVE-2021-30554: Use after free in WebGL
* CVE-2021-30555: Use after free in Sharing
* CVE-2021-30556: Use after free in WebAudio
* CVE-2021-30557: Use after free in TabGroups
* CVE-2021-30544: Use after free in BFCache
* CVE-2021-30545: Use after free in Extensions
* CVE-2021-30546: Use after free in Autofill
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-30548: Use after free in Loader
* CVE-2021-30549: Use after free in Spell check
* CVE-2021-30550: Use after free in Accessibility
* CVE-2021-30551: Type Confusion in V8
* CVE-2021-30552: Use after free in Extensions
* CVE-2021-30553: Use after free in Network service
* Fix use-after-free in SendTabToSelfSubMenuModel
* Destroy system-token NSSCertDatabase on the IO thread
* Various fixes from internal audits, fuzzing and other initiatives
Patchnames: openSUSE-2021-938
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
49 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium fixes the following issues:\n\nChromium 91.0.4472.114 (boo#1187481)\n\n* CVE-2021-30554: Use after free in WebGL\n* CVE-2021-30555: Use after free in Sharing\n* CVE-2021-30556: Use after free in WebAudio\n* CVE-2021-30557: Use after free in TabGroups\n* CVE-2021-30544: Use after free in BFCache\n* CVE-2021-30545: Use after free in Extensions\n* CVE-2021-30546: Use after free in Autofill\n* CVE-2021-30547: Out of bounds write in ANGLE\n* CVE-2021-30548: Use after free in Loader\n* CVE-2021-30549: Use after free in Spell check\n* CVE-2021-30550: Use after free in Accessibility\n* CVE-2021-30551: Type Confusion in V8\n* CVE-2021-30552: Use after free in Extensions\n* CVE-2021-30553: Use after free in Network service\n* Fix use-after-free in SendTabToSelfSubMenuModel\n* Destroy system-token NSSCertDatabase on the IO thread\n* Various fixes from internal audits, fuzzing and other initiatives\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-938",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0938-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:0938-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XFR7LUM6J45XO73B4GQD65J3TG3IDVJX/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:0938-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XFR7LUM6J45XO73B4GQD65J3TG3IDVJX/"
},
{
"category": "self",
"summary": "SUSE Bug 1187141",
"url": "https://bugzilla.suse.com/1187141"
},
{
"category": "self",
"summary": "SUSE Bug 1187481",
"url": "https://bugzilla.suse.com/1187481"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30544 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30545 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30546 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30547 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30548 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30549 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30550 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30551 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30552 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30553 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30554 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30556 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-30557 page",
"url": "https://www.suse.com/security/cve/CVE-2021-30557/"
}
],
"title": "Security update for chromium",
"tracking": {
"current_release_date": "2021-06-28T13:09:47Z",
"generator": {
"date": "2021-06-28T13:09:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:0938-1",
"initial_release_date": "2021-06-28T13:09:47Z",
"revision_history": [
{
"date": "2021-06-28T13:09:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"product": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"product_id": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"product": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"product_id": "chromium-91.0.4472.114-bp153.2.13.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"product": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"product_id": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"product": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"product_id": "chromium-91.0.4472.114-bp153.2.13.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP3",
"product": {
"name": "SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64"
},
"product_reference": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64"
},
"product_reference": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.aarch64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64"
},
"product_reference": "chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.x86_64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
},
"product_reference": "chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64"
},
"product_reference": "chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64"
},
"product_reference": "chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64"
},
"product_reference": "chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-91.0.4472.114-bp153.2.13.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
},
"product_reference": "chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-30544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30544"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30544",
"url": "https://www.suse.com/security/cve/CVE-2021-30544"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30544",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30544"
},
{
"cve": "CVE-2021-30545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30545"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30545",
"url": "https://www.suse.com/security/cve/CVE-2021-30545"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30545",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30545"
},
{
"cve": "CVE-2021-30546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30546"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30546",
"url": "https://www.suse.com/security/cve/CVE-2021-30546"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30546",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30546"
},
{
"cve": "CVE-2021-30547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30547"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30547",
"url": "https://www.suse.com/security/cve/CVE-2021-30547"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30547",
"url": "https://bugzilla.suse.com/1187141"
},
{
"category": "external",
"summary": "SUSE Bug 1188275 for CVE-2021-30547",
"url": "https://bugzilla.suse.com/1188275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30547"
},
{
"cve": "CVE-2021-30548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30548"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30548",
"url": "https://www.suse.com/security/cve/CVE-2021-30548"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30548",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30548"
},
{
"cve": "CVE-2021-30549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30549"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30549",
"url": "https://www.suse.com/security/cve/CVE-2021-30549"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30549",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30549"
},
{
"cve": "CVE-2021-30550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30550"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30550",
"url": "https://www.suse.com/security/cve/CVE-2021-30550"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30550",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30550"
},
{
"cve": "CVE-2021-30551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30551"
}
],
"notes": [
{
"category": "general",
"text": "Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30551",
"url": "https://www.suse.com/security/cve/CVE-2021-30551"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30551",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30551"
},
{
"cve": "CVE-2021-30552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30552"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30552",
"url": "https://www.suse.com/security/cve/CVE-2021-30552"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30552",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30552"
},
{
"cve": "CVE-2021-30553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30553"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30553",
"url": "https://www.suse.com/security/cve/CVE-2021-30553"
},
{
"category": "external",
"summary": "SUSE Bug 1187141 for CVE-2021-30553",
"url": "https://bugzilla.suse.com/1187141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30553"
},
{
"cve": "CVE-2021-30554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30554"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30554",
"url": "https://www.suse.com/security/cve/CVE-2021-30554"
},
{
"category": "external",
"summary": "SUSE Bug 1187481 for CVE-2021-30554",
"url": "https://bugzilla.suse.com/1187481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30554"
},
{
"cve": "CVE-2021-30555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30555"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30555",
"url": "https://www.suse.com/security/cve/CVE-2021-30555"
},
{
"category": "external",
"summary": "SUSE Bug 1187481 for CVE-2021-30555",
"url": "https://bugzilla.suse.com/1187481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30555"
},
{
"cve": "CVE-2021-30556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30556"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30556",
"url": "https://www.suse.com/security/cve/CVE-2021-30556"
},
{
"category": "external",
"summary": "SUSE Bug 1187481 for CVE-2021-30556",
"url": "https://bugzilla.suse.com/1187481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30556"
},
{
"cve": "CVE-2021-30557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-30557"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-30557",
"url": "https://www.suse.com/security/cve/CVE-2021-30557"
},
{
"category": "external",
"summary": "SUSE Bug 1187481 for CVE-2021-30557",
"url": "https://bugzilla.suse.com/1187481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromedriver-91.0.4472.114-bp153.2.13.1.x86_64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.aarch64",
"openSUSE Leap 15.3:chromium-91.0.4472.114-bp153.2.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-28T13:09:47Z",
"details": "important"
}
],
"title": "CVE-2021-30557"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…