8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.4%
Severity: High
Date : 2021-06-01
CVE-ID : CVE-2021-30521 CVE-2021-30522 CVE-2021-30523 CVE-2021-30524
CVE-2021-30525 CVE-2021-30526 CVE-2021-30527 CVE-2021-30528
CVE-2021-30529 CVE-2021-30530 CVE-2021-30531 CVE-2021-30532
CVE-2021-30533 CVE-2021-30534 CVE-2021-30535 CVE-2021-30536
CVE-2021-30537 CVE-2021-30538 CVE-2021-30539 CVE-2021-30540
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-1990
The package chromium before version 91.0.4472.77-1 is vulnerable to
multiple issues including arbitrary code execution, information
disclosure, insufficient validation and content spoofing.
Upgrade to 91.0.4472.77-1.
The problems have been fixed upstream in version 91.0.4472.77.
None.
A heap buffer overflow security issue has been found in the Autofill
component of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the WebAudio
component of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the WebRTC component
of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the TabStrip
component of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the TabGroups
component of the Chromium browser before version 91.0.4472.77.
An out of bounds write security issue has been found in the TabStrip
component of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the WebUI component
of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the WebAuthentication
component of the Chromium browser before version 91.0.4472.77.
A use after free security issue has been found in the Bookmarks
component of the Chromium browser before version 91.0.4472.77.
An out of bounds memory access security issue has been found in the
WebAudio component of the Chromium browser before version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
Content Security Policy component of the Chromium browser before
version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
Content Security Policy component of the Chromium browser before
version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
PopupBlocker component of the Chromium browser before version
91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
iFrameSandbox component of the Chromium browser before version
91.0.4472.77.
A double free security issue has been found in the ICU component of the
Chromium browser before version 91.0.4472.77.
An out of bounds read security issue has been found in the V8 component
of the Chromium browser before version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
cookies component of the Chromium browser before version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
content security policy component of the Chromium browser before
version 91.0.4472.77.
An insufficient policy enforcement security issue has been found in the
content security policy component of the Chromium browser before
version 91.0.4472.77.
An incorrect security UI security issue has been found in the payments
component of the Chromium browser before version 91.0.4472.77.
A remote attacker could spoof content, disclose sensitive information,
or execute arbitrary code through crafted web pages.
https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
https://crbug.com/1208721
https://crbug.com/1176218
https://crbug.com/1187797
https://crbug.com/1197146
https://crbug.com/1197888
https://crbug.com/1198717
https://crbug.com/1199198
https://crbug.com/1206329
https://crbug.com/1195278
https://crbug.com/1201033
https://crbug.com/1115628
https://crbug.com/1117687
https://crbug.com/1145553
https://crbug.com/1151507
https://crbug.com/1194899
https://crbug.com/1194358
https://crbug.com/830101
https://crbug.com/1115045
https://crbug.com/971231
https://crbug.com/1184147
https://security.archlinux.org/CVE-2021-30521
https://security.archlinux.org/CVE-2021-30522
https://security.archlinux.org/CVE-2021-30523
https://security.archlinux.org/CVE-2021-30524
https://security.archlinux.org/CVE-2021-30525
https://security.archlinux.org/CVE-2021-30526
https://security.archlinux.org/CVE-2021-30527
https://security.archlinux.org/CVE-2021-30528
https://security.archlinux.org/CVE-2021-30529
https://security.archlinux.org/CVE-2021-30530
https://security.archlinux.org/CVE-2021-30531
https://security.archlinux.org/CVE-2021-30532
https://security.archlinux.org/CVE-2021-30533
https://security.archlinux.org/CVE-2021-30534
https://security.archlinux.org/CVE-2021-30535
https://security.archlinux.org/CVE-2021-30536
https://security.archlinux.org/CVE-2021-30537
https://security.archlinux.org/CVE-2021-30538
https://security.archlinux.org/CVE-2021-30539
https://security.archlinux.org/CVE-2021-30540
chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html
crbug.com/1115045
crbug.com/1115628
crbug.com/1117687
crbug.com/1145553
crbug.com/1151507
crbug.com/1176218
crbug.com/1184147
crbug.com/1187797
crbug.com/1194358
crbug.com/1194899
crbug.com/1195278
crbug.com/1197146
crbug.com/1197888
crbug.com/1198717
crbug.com/1199198
crbug.com/1201033
crbug.com/1206329
crbug.com/1208721
crbug.com/830101
crbug.com/971231
security.archlinux.org/AVG-1990
security.archlinux.org/CVE-2021-30521
security.archlinux.org/CVE-2021-30522
security.archlinux.org/CVE-2021-30523
security.archlinux.org/CVE-2021-30524
security.archlinux.org/CVE-2021-30525
security.archlinux.org/CVE-2021-30526
security.archlinux.org/CVE-2021-30527
security.archlinux.org/CVE-2021-30528
security.archlinux.org/CVE-2021-30529
security.archlinux.org/CVE-2021-30530
security.archlinux.org/CVE-2021-30531
security.archlinux.org/CVE-2021-30532
security.archlinux.org/CVE-2021-30533
security.archlinux.org/CVE-2021-30534
security.archlinux.org/CVE-2021-30535
security.archlinux.org/CVE-2021-30536
security.archlinux.org/CVE-2021-30537
security.archlinux.org/CVE-2021-30538
security.archlinux.org/CVE-2021-30539
security.archlinux.org/CVE-2021-30540
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.4%