Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12189
HistoryMay 25, 2021 - 12:00 a.m.

KLA12189 Multiple vulnerabilities in Google Chrome

2021-05-2500:00:00
Kaspersky Lab
threats.kaspersky.com
302

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Detect date:

05/25/2021

Severity:

High

Description:

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information.

Affected products:

Google Chrome earlier than 91.0.4472.77

Solution:

Update to the latest version
Download Google Chrome

Original advisories:

Stable Channel Update for Desktop

Impacts:

ACE

Related products:

Google Chrome

CVE-IDS:

CVE-2021-305384.3Warning
CVE-2021-305406.5High
CVE-2021-305336.5High
CVE-2021-305278.8Critical
CVE-2021-305228.8Critical
CVE-2021-305218.8Critical
CVE-2021-305316.5High
CVE-2021-305238.8Critical
CVE-2021-305248.8Critical
CVE-2021-305358.8Critical
CVE-2021-305268.8Critical
CVE-2021-305308.8Critical
CVE-2021-305258.8Critical
CVE-2021-305395.4High
CVE-2021-305298.8Critical
CVE-2021-305288.8Critical
CVE-2021-305324.3Warning
CVE-2021-305374.3Warning
CVE-2021-305346.5High
CVE-2021-305368.1Critical
CVE-2021-305438.8Critical
CVE-2021-305428.8Critical
CVE-2021-305588.8Critical

KB list:

5001914
5001931
5001919
5001917
4493197
5003729
4464542
5001920
5001927
5001923
4493206
5001918
5001916
5001928
5001936
5001925
5001935
4504711
4484527

References

Related

archlinux 2
nessus 7
suse 2
freebsd 1
chrome 1
kaspersky 1
fedora 6
gentoo 1
veracode 22
prion 23
cve 23
debiancve 23
ubuntucve 23
alpinelinux 20
cnvd 1
mscve 20
attackerkb 1
ubuntu 1
osv 2
checkpoint_advisories 1
mageia 1
cisa_kev 1
talos 1
thn 1
archlinux
archlinux
[ASA-202106-33] opera: multiple issues
2021-06-15 00:00:00
[ASA-202106-2] chromium: multiple issues
2021-06-01 00:00:00
nessus
nessus
openSUSE Security Update : chromium (openSUSE-2021-825)
2021-06-04 00:00:00
Google Chrome < 91.0.4472.77 Multiple Vulnerabilities
2021-05-25 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (674ed047-be0a-11eb-b927-3065ec8fd3ec)
2021-05-27 00:00:00
suse
suse
Security update for chromium (important)
2021-06-02 00:00:00
Security update for chromium (important)
2021-06-04 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-05-25 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-05-25 00:00:00
kaspersky
kaspersky
KLA12192 Multiple vulnerabilities in Microsoft Browser
2021-05-27 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: chromium-91.0.4472.114-1.fc34
2021-07-09 01:03:32
[SECURITY] Fedora 33 Update: chromium-91.0.4472.114-2.fc33
2021-07-18 01:04:26
[SECURITY] Fedora 33 Update: chromium-94.0.4606.61-1.fc33
2021-10-09 00:27:38
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2021-07-06 00:00:00
veracode
veracode
Insufficient Policy Enforcement
2021-05-28 13:04:05
Denial Of Service (DoS)
2021-08-12 15:36:19
Use After Free
2021-08-12 15:36:21
prion
prion
Design/Logic Flaw
2023-01-02 23:15:00
Design/Logic Flaw
2021-06-07 20:15:00
Heap overflow
2021-06-07 20:15:00
cve
cve
CVE-2021-30530
2021-06-07 20:15:00
CVE-2021-30543
2021-06-07 20:15:00
CVE-2021-30558
2023-01-02 23:15:00
debiancve
debiancve
CVE-2021-30542
2021-06-07 20:15:00
CVE-2021-30558
2023-01-02 23:15:00
CVE-2021-30529
2021-06-07 20:15:00
ubuntucve
ubuntucve
CVE-2021-30543
2021-06-07 00:00:00
CVE-2021-30558
2023-01-02 00:00:00
CVE-2021-30540
2021-06-07 00:00:00
alpinelinux
alpinelinux
CVE-2021-30538
2021-06-07 20:15:00
CVE-2021-30521
2021-06-07 20:15:00
CVE-2021-30536
2021-06-07 20:15:00
cnvd
cnvd
Google Chrome security special issue vulnerability
2023-01-04 00:00:00
mscve
mscve
Chromium: CVE-2021-30521 Heap buffer overflow in Autofill
2021-05-27 07:00:00
Chromium: CVE-2021-30529 Use after free in Bookmarks
2021-05-27 07:00:00
Chromium: CVE-2021-30537 Insufficient policy enforcement in cookies
2021-05-27 07:00:00
attackerkb
attackerkb
CVE-2021-30533
2021-06-07 00:00:00
ubuntu
ubuntu
ICU vulnerability
2021-11-24 00:00:00
osv
osv
A security issue was fixed in ICU
2021-11-24 17:26:57
chromium - security update
2022-01-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Google Chrome Authentication Bypass (CVE-2021-30533)
2022-07-10 00:00:00
mageia
mageia
Updated icu packages fix security vulnerability
2021-10-02 21:57:04
cisa_kev
cisa_kev
Google Chromium PopupBlocker Security Bypass Vulnerability
2022-06-27 00:00:00
talos
talos
Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability
2021-06-08 00:00:00
thn
thn
CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild
2022-06-29 04:01:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON
Related for KLA12189
archlinux2nessus7suse2freebsd1chrome1kaspersky1fedora6gentoo1veracode22prion23cve23debiancve23ubuntucve23alpinelinux20cnvd1mscve20attackerkb1ubuntu1osv2checkpoint_advisories1mageia1cisa_kev1talos1thn1