Lucene search

K
debianDebianDEBIAN:DSA-4832-1:C6798
HistoryJan 16, 2021 - 2:06 p.m.

[SECURITY] [DSA 4832-1] chromium security update

2021-01-1614:06:35
lists.debian.org
52
chromium
debian
security update
cve-2020-15995
cve-2020-16043
cve-2021-21106
code execution
denial of service
information disclosure

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.01

Percentile

84.2%


Debian Security Advisory DSA-4832-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 16, 2021 https://www.debian.org/security/faq


Package : chromium
CVE ID : CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107
CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111
CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115
CVE-2021-21116
Debian Bug : 979533

Multiple security issues were discovered in the Chromium web browser, which
could result in the execution of arbitrary code, denial of service
or information disclosure.

For the stable distribution (buster), these problems have been fixed in
version 87.0.4280.141-0.1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.01

Percentile

84.2%