vulnerability

FreeBSD: VID-479FDFDA-6659-11EB-83E2-E09467587C17 (CVE-2021-21145): www/chromium -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Feb 2, 2021	Feb 4, 2021	Mar 8, 2021

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Feb 2, 2021

Added

Feb 4, 2021

Modified

Mar 8, 2021

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From VID-479FDFDA-6659-11EB-83E2-E09467587C17:

Chrome Releases reports:

This update include 6 security fixes:

1169317] Critical CVE-2021-21142: Use after free in Payments.

Reported by Khalil Zhani on 2021-01-21

[1163504] High CVE-2021-21143: Heap buffer overflow in

Extensions. Reported by Allen Parker and Alex Morgan of MU on

2021-01-06

[1163845] High CVE-2021-21144: Heap buffer overflow in Tab

Groups. Reported by Leecraso and Guang Gong of 360 Alpha Lab on

2021-01-07

[1154965] High CVE-2021-21145: Use after free in Fonts. Reported

by Anonymous on 2020-12-03

[1161705] High CVE-2021-21146: Use after free in Navigation.

Reported by Alison Huffman and Choongwoo Han of Microsoft Browser

Vulnerability Research on 2020-12-24

[1162942] Medium CVE-2021-21147: Inappropriate implementation in

Skia. Reported by Roman Starkov on 2021-01-04

Solution

freebsd-upgrade-package-chromium

References

NVD-CVE-2021-21145

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today