vulnerability
FreeBSD: VID-bdaecfad-3117-11ec-b3b0-3065ec8fd3ec (CVE-2021-37994): chromium -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Oct 19, 2021 | Nov 4, 2022 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Oct 19, 2021
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
Chrome Releases reports: This release contains 19 security fixes, including: [1246631] High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04 [1248661] High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11 [1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15 [1253399] High CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti Levomäki, Joonas Pihlaja andChristian Jali from Forcepoint on 2021-09-27 [1241860] High CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20 [1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings. Reported by raven (@raid_akame) on 2021-08-23 [1206928] Medium CVE-2021-37987: Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08 [1228248] Medium CVE-2021-37988: Use after free in Profiles. Reported by raven (@raid_akame) on 2021-07-12 [1233067] Medium CVE-2021-37989: Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26 [1247395] Medium CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07 [1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel Gross of Google Project Zero on 2021-09-17 [1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28 [1255332] Medium CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02 [1243020] Medium CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24 [1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30 [1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23
Solution
freebsd-upgrade-package-chromium
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.