chromium - security update

2022-01-14T00:00:00

Description

Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the oldstable distribution (buster), security support for Chromium has been discontinued due to toolchain issues which no longer allow to build current Chromium releases on buster. You can either upgrade to the stable release (bullseye) or switch to a browser which continues to receive security supports in buster (firefox-esr or browsers based on webkit2gtk) For the stable distribution (bullseye), these problems have been fixed in version 97.0.4692.71-0.1~deb11u1. We recommend that you upgrade your chromium packages. For the detailed security status of chromium please refer to its security tracker page at: [\ https://security-tracker.debian.org/tracker/chromium](https://security-tracker.debian.org/tracker/chromium)

Affected Software

CPE Name	Name	Version
	chromium	93.0.4577.82-1
	chromium	90.0.4430.212-1

{"id": "OSV:DSA-5046-1", "bulletinFamily": "software", "title": "chromium - security update", "description": "\nMultiple security issues were discovered in Chromium, which could result\nin the execution of arbitrary code, denial of service or information\ndisclosure.\n\n\nFor the oldstable distribution (buster), security support for Chromium\nhas been discontinued due to toolchain issues which no longer allow to\nbuild current Chromium releases on buster. You can either upgrade to\nthe stable release (bullseye) or switch to a browser which continues\nto receive security supports in buster (firefox-esr or browsers based\non webkit2gtk)\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 97.0.4692.71-0.1~deb11u1.\n\n\nWe recommend that you upgrade your chromium packages.\n\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/chromium](https://security-tracker.debian.org/tracker/chromium)\n\n\n", "published": "2022-01-14T00:00:00", "modified": "2022-08-10T07:07:27", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0}, "href": "https://osv.dev/vulnerability/DSA-5046-1", "reporter": "Google", "references": ["https://www.debian.org/security/2022/dsa-5046"], "cvelist": ["CVE-2022-0098", "CVE-2021-37963", "CVE-2021-4099", "CVE-2021-38019", "CVE-2021-38006", "CVE-2021-37979", "CVE-2021-37999", "CVE-2021-4065", "CVE-2021-37983", "CVE-2021-4062", "CVE-2021-4066", "CVE-2021-4079", "CVE-2022-0120", "CVE-2021-4055", "CVE-2022-0116", "CVE-2021-37957", "CVE-2021-37956", "CVE-2022-0096", "CVE-2021-38018", "CVE-2021-4052", "CVE-2021-38011", "CVE-2021-4068", "CVE-2021-38003", "CVE-2021-37995", "CVE-2021-38009", "CVE-2021-38015", "CVE-2021-37982", "CVE-2021-4057", "CVE-2021-37962", "CVE-2022-0117", "CVE-2021-37981", "CVE-2021-38000", "CVE-2021-37989", "CVE-2021-37959", "CVE-2021-38017", "CVE-2021-37965", "CVE-2021-37975", "CVE-2021-37994", "CVE-2022-0103", "CVE-2021-4098", "CVE-2022-0101", "CVE-2021-4061", "CVE-2021-37985", "CVE-2021-37980", "CVE-2021-38021", "CVE-2021-38002", "CVE-2022-0104", "CVE-2021-37970", "CVE-2022-0097", "CVE-2021-38013", "CVE-2022-0107", "CVE-2022-0100", "CVE-2022-0115", "CVE-2021-4056", "CVE-2022-0109", "CVE-2021-37968", "CVE-2022-0114", "CVE-2022-0106", "CVE-2021-38012", "CVE-2021-4063", "CVE-2021-37967", "CVE-2021-37977", "CVE-2021-37997", "CVE-2021-37986", "CVE-2021-37990", "CVE-2021-4102", "CVE-2021-37984", "CVE-2021-37964", "CVE-2021-37976", "CVE-2021-4078", "CVE-2022-0111", "CVE-2021-38005", "CVE-2021-37993", "CVE-2021-37972", "CVE-2022-0102", "CVE-2021-37998", "CVE-2021-38001", "CVE-2021-4064", "CVE-2022-0113", "CVE-2021-38022", "CVE-2021-4053", "CVE-2021-37971", "CVE-2021-37961", "CVE-2021-38020", "CVE-2021-37988", "CVE-2022-0099", "CVE-2021-37958", "CVE-2021-38004", "CVE-2021-4101", "CVE-2021-37966", "CVE-2021-37978", "CVE-2022-0112", "CVE-2021-4058", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-37974", "CVE-2021-37996", "CVE-2021-37973", "CVE-2022-0105", "CVE-2021-37969", "CVE-2021-38016", "CVE-2021-4059", "CVE-2021-37987", "CVE-2022-0110", "CVE-2022-0108", "CVE-2021-37991", "CVE-2021-4054", "CVE-2021-37992", "CVE-2021-4100", "CVE-2022-0118", "CVE-2021-38014", "CVE-2021-4067", "CVE-2021-38010"], "immutableFields": [], "type": "osv", "lastseen": "2022-08-10T07:07:31", "edition": 1, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"idList": ["ASA-202111-9", "ASA-202111-8", "ASA-202112-2", "ASA-202112-6", "ASA-202110-7", "ASA-202112-1", "ASA-202111-4", "ASA-202112-7", "ASA-202110-2", "ASA-202110-8"], "type": "archlinux"}, {"idList": ["GCSA-6179617491562660930", "GCSA-53254084301211911", "GCSA-7342407883646540962", "GCSA-8146707100851062467", "GCSA-2471449198019300311", "GCSA-1169691578072612224", "GCSA-3758141203538733592", "GCSA-2371492188806762489", "GCSA-7014601772789068319", "GCSA-6082209000390727773"], "type": "chrome"}, {"idList": ["701383.PASL", "701378.PASL", "GOOGLE_CHROME_96_0_4664_45.NASL", "MACOSX_GOOGLE_CHROME_95_0_4638_69.NASL", "FREEBSD_PKG_18AC074C579F11ECAAC73065EC8FD3EC.NASL", "MICROSOFT_EDGE_CHROMIUM_95_0_1020_30.NASL", "OPENSUSE-2021-1582.NASL", "OPENSUSE-2021-1339.NASL", "OPENSUSE-2022-0070-1.NASL", "MACOSX_GOOGLE_CHROME_94_0_4606_61.NASL", "MICROSOFT_EDGE_CHROMIUM_96_0_1054_53.NASL", "FEDORA_2021-116EFF380F.NASL", "GENTOO_GLSA-202201-02.NASL", "OPENSUSE-2021-1396.NASL", "701369.PASL", "701380.PASL", "GOOGLE_CHROME_94_0_4606_81.NASL", "OPENSUSE-2022-0014-1.NASL", "GOOGLE_CHROME_97_0_4692_71.NASL", "701379.PASL", "MACOSX_GOOGLE_CHROME_96_0_4664_45.NASL", "OPENSUSE-2021-1433.NASL", "MACOSX_GOOGLE_CHROME_95_0_4638_54.NASL", "FREEBSD_PKG_B6C875F11D7611ECAE80704D7B472482.NASL", "FREEBSD_PKG_FB9BA4905CC411ECAAC73065EC8FD3EC.NASL", "701370.PASL", "MICROSOFT_EDGE_CHROMIUM_94_0_992_38.NASL", "MACOSX_GOOGLE_CHROME_96_0_4664_110.NASL", "GOOGLE_CHROME_94_0_4606_71.NASL", "MACOSX_GOOGLE_CHROME_94_0_4606_54.NASL", "OPENSUSE-2021-1462.NASL", "FREEBSD_PKG_777EDBBE223011EC8869704D7B472482.NASL", "OPENSUSE-2021-1350.NASL", "GOOGLE_CHROME_96_0_4664_110.NASL", "OPENSUSE-2021-1600.NASL", "MICROSOFT_EDGE_CHROMIUM_97_0_1072_55.NASL", "MICROSOFT_EDGE_CHROMIUM_94_0_992_47.NASL", "MACOSX_GOOGLE_CHROME_97_0_4692_71.NASL", "MACOSX_GOOGLE_CHROME_96_0_4664_93.NASL", "GOOGLE_CHROME_95_0_4638_69.NASL", "MICROSOFT_EDGE_CHROMIUM_96_0_1054_57.NASL", "MICROSOFT_EDGE_CHROMIUM_94_0_992_31.NASL", "701368.PASL", "MACOSX_GOOGLE_CHROME_94_0_4606_71.NASL", "701381.PASL", "OPENSUSE-2021-1488.NASL", "GOOGLE_CHROME_95_0_4638_54.NASL", "FREEBSD_PKG_7D3D94D3281011EC9C513065EC8FD3EC.NASL", "701377.PASL", "GOOGLE_CHROME_94_0_4606_54.NASL", "OPENSUSE-2021-1632.NASL", "FREEBSD_PKG_976D7BF938EA11ECB3B03065EC8FD3EC.NASL", "701375.PASL", "OPENSUSE-2021-1392.NASL", "OPENSUSE-2021-1358.NASL", "DEBIAN_DSA-5046.NASL", "MACOSX_GOOGLE_CHROME_94_0_4606_81.NASL", "FREEBSD_PKG_9EECCBF36E2611ECBB103065EC8FD3EC.NASL", "GOOGLE_CHROME_96_0_4664_93.NASL", "FREEBSD_PKG_BDAECFAD311711ECB3B03065EC8FD3EC.NASL", "FREEBSD_PKG_3551E1061B1711ECA8A7704D7B472482.NASL", "MICROSOFT_EDGE_CHROMIUM_95_0_1020_40.NASL", "GOOGLE_CHROME_94_0_4606_61.NASL", "MICROSOFT_EDGE_CHROMIUM_96_0_1052_29.NASL"], "type": "nessus"}, {"idList": ["MALWAREBYTES:3EAF616381CA068D86347AB0BE88B0A2", "MALWAREBYTES:1151D0D15101B94C9C41B6DCAFD58AD5", "MALWAREBYTES:1BBB147ADD90DF3A3483E6805D78B6A6"], "type": "malwarebytes"}, {"idList": ["DEBIANCVE:CVE-2021-38010", "DEBIANCVE:CVE-2021-4059", "DEBIANCVE:CVE-2021-4100", "DEBIANCVE:CVE-2021-4061", "DEBIANCVE:CVE-2021-38016", "DEBIANCVE:CVE-2022-0115", "DEBIANCVE:CVE-2021-4101", "DEBIANCVE:CVE-2022-0113", "DEBIANCVE:CVE-2022-0112", "DEBIANCVE:CVE-2022-0118", "DEBIANCVE:CVE-2021-37978", "DEBIANCVE:CVE-2021-37994", "DEBIANCVE:CVE-2021-38000", "DEBIANCVE:CVE-2021-37964", "DEBIANCVE:CVE-2021-37962", "DEBIANCVE:CVE-2021-37976", "DEBIANCVE:CVE-2021-38018", "DEBIANCVE:CVE-2022-0106", "DEBIANCVE:CVE-2021-38019", "DEBIANCVE:CVE-2021-37965", "DEBIANCVE:CVE-2021-38003", "DEBIANCVE:CVE-2021-37967", "DEBIANCVE:CVE-2021-38004", "DEBIANCVE:CVE-2021-37984", "DEBIANCVE:CVE-2021-37997", "DEBIANCVE:CVE-2021-4099", "DEBIANCVE:CVE-2021-38022", "DEBIANCVE:CVE-2022-0096", "DEBIANCVE:CVE-2021-37988", "DEBIANCVE:CVE-2021-37957", "DEBIANCVE:CVE-2022-0105", "DEBIANCVE:CVE-2021-38011", "DEBIANCVE:CVE-2022-0116", "DEBIANCVE:CVE-2021-4055", "DEBIANCVE:CVE-2021-38015", "DEBIANCVE:CVE-2022-0101", "DEBIANCVE:CVE-2022-0108", "DEBIANCVE:CVE-2021-37973", "DEBIANCVE:CVE-2021-4054", "DEBIANCVE:CVE-2022-0107", "DEBIANCVE:CVE-2021-4063", "DEBIANCVE:CVE-2022-0098", "DEBIANCVE:CVE-2021-37966", "DEBIANCVE:CVE-2021-4066", "DEBIANCVE:CVE-2021-38012", "DEBIANCVE:CVE-2021-4102", "DEBIANCVE:CVE-2021-38013", "DEBIANCVE:CVE-2021-37991", "DEBIANCVE:CVE-2022-0097", "DEBIANCVE:CVE-2021-37970", "DEBIANCVE:CVE-2022-0110", "DEBIANCVE:CVE-2021-37958", "DEBIANCVE:CVE-2021-38021", "DEBIANCVE:CVE-2021-38006", "DEBIANCVE:CVE-2021-4062", "DEBIANCVE:CVE-2021-38020", "DEBIANCVE:CVE-2022-0099", "DEBIANCVE:CVE-2021-4057", "DEBIANCVE:CVE-2021-37975", "DEBIANCVE:CVE-2021-37980", "DEBIANCVE:CVE-2021-37993", "DEBIANCVE:CVE-2021-37968", "DEBIANCVE:CVE-2021-37987", "DEBIANCVE:CVE-2022-0109", "DEBIANCVE:CVE-2021-37990", "DEBIANCVE:CVE-2021-4053", "DEBIANCVE:CVE-2021-38002", "DEBIANCVE:CVE-2022-0111", "DEBIANCVE:CVE-2021-4058", "DEBIANCVE:CVE-2022-0100", "DEBIANCVE:CVE-2022-0120", "DEBIANCVE:CVE-2021-37989", "DEBIANCVE:CVE-2021-38007", "DEBIANCVE:CVE-2021-38005", "DEBIANCVE:CVE-2021-37972", "DEBIANCVE:CVE-2021-37982", "DEBIANCVE:CVE-2021-37986", "DEBIANCVE:CVE-2022-0114", "DEBIANCVE:CVE-2021-38009", "DEBIANCVE:CVE-2021-37992", "DEBIANCVE:CVE-2021-4056", "DEBIANCVE:CVE-2021-37998", "DEBIANCVE:CVE-2022-0104", "DEBIANCVE:CVE-2021-37995", "DEBIANCVE:CVE-2021-37996", "DEBIANCVE:CVE-2021-4068", "DEBIANCVE:CVE-2021-37969", "DEBIANCVE:CVE-2021-4052", "DEBIANCVE:CVE-2021-37985", "DEBIANCVE:CVE-2021-37977", "DEBIANCVE:CVE-2022-0102", "DEBIANCVE:CVE-2021-4098", "DEBIANCVE:CVE-2021-37983", "DEBIANCVE:CVE-2021-37959", "DEBIANCVE:CVE-2021-38008", "DEBIANCVE:CVE-2022-0103", "DEBIANCVE:CVE-2021-37956", "DEBIANCVE:CVE-2021-4065", "DEBIANCVE:CVE-2021-38017", "DEBIANCVE:CVE-2021-4079", "DEBIANCVE:CVE-2021-38014", "DEBIANCVE:CVE-2021-37981", "DEBIANCVE:CVE-2021-37974", "DEBIANCVE:CVE-2021-4067", "DEBIANCVE:CVE-2022-0117", "DEBIANCVE:CVE-2021-37999", "DEBIANCVE:CVE-2021-37963", "DEBIANCVE:CVE-2021-38001", "DEBIANCVE:CVE-2021-37979", "DEBIANCVE:CVE-2021-37971", "DEBIANCVE:CVE-2021-4078", "DEBIANCVE:CVE-2021-4064", "DEBIANCVE:CVE-2021-37961"], "type": "debiancve"}, {"idList": ["CPAI-2021-1028", "CPAI-2021-1055", "CPAI-2021-1116"], "type": "checkpoint_advisories"}, {"idList": ["CISA:28B486B568E680DD9C27FB088FAEC3C7", "CISA:A18F08DE3E2F1C8CB8076BD5F052EFA3"], "type": "cisa"}, {"idList": ["DEBIAN:DSA-5046-1:A18C0"], "type": "debian"}, {"idList": ["GITHUB:D9472F716C46C02F88677DBAD0EEA334"], "type": "github"}, {"idList": ["FEDORA:12FCA30F5428", "FEDORA:D72E230C6791", "FEDORA:210C430584A5", "FEDORA:BC8983072E0A", "FEDORA:BE52E30CCCAA", "FEDORA:4CD8430AA7AD", "FEDORA:1E8AD3056996", "FEDORA:BD29330987FD", "FEDORA:75CA430AA7A6", "FEDORA:1C5A430C4EB3", "FEDORA:E043930AE6E8", "FEDORA:5C0DB31397D8", "FEDORA:B97503020A86", "FEDORA:9952031143B1", "FEDORA:7AA7C307F074"], "type": "fedora"}, {"idList": ["THREATPOST:3697F9293A6DFF6CD5927E9E68FF488A", "THREATPOST:C6B47B678F2F0E21955D4053DE13FA64", "THREATPOST:45B63C766965F5748AEC30DE709C8003"], "type": "threatpost"}, {"idList": ["RAPID7BLOG:20364300767E58631FFE0D21622E63A3", "RAPID7BLOG:B6DE24165AA9AA83EDA117170EDDAD44", "RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"], "type": "rapid7blog"}, {"idList": ["THN:4CC79A3CEFEDEB0DC9CF87C5B9035209", "THN:50D7C51FE6D69FC5DB5B37402AD0E412", "THN:B7217784F9D53002315C9C43CCC73766", "THN:C6CED16C5E8707F2EF9BD08516F7456C", "THN:7323080B670457C9B10250332ADE8B87", "THN:6A9CD6F085628D08978727C0FF597535"], "type": "thn"}, {"idList": ["AKB:795A9D93-F12E-4850-BD6A-5E10D1372B2C", "AKB:D35B77A1-B787-4DAD-A906-5CA8A79C2F30", "AKB:E19B9242-C88F-44D6-8AED-AFDFBCF99977", "AKB:411A7B9E-A187-43CF-8DA1-E0E921F590D1", "AKB:D986B627-DA84-4C1B-8D20-5ADF751B05BF", "AKB:C21CBC3B-DA85-49D2-A7A6-9061F5B01CF9"], "type": "attackerkb"}, {"idList": ["QUALYSBLOG:BC22CE22A3E70823D5F0E944CBD5CE4A", "QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3"], "type": "qualysblog"}, {"idList": ["E860E27F-13A7-53D6-8B01-C4391764E6F3", "D210EB39-6ACF-5BE7-9DDB-17248A36E11D"], "type": "githubexploit"}, {"idList": ["B8C0CBCA-472D-11EC-83DC-3065EC8FD3EC", "9EECCBF3-6E26-11EC-BB10-3065EC8FD3EC", "7D3D94D3-2810-11EC-9C51-3065EC8FD3EC", "3551E106-1B17-11EC-A8A7-704D7B472482", "976D7BF9-38EA-11EC-B3B0-3065EC8FD3EC", "777EDBBE-2230-11EC-8869-704D7B472482", "18AC074C-579F-11EC-AAC7-3065EC8FD3EC", "B6C875F1-1D76-11EC-AE80-704D7B472482", "FB9BA490-5CC4-11EC-AAC7-3065EC8FD3EC", "BDAECFAD-3117-11EC-B3B0-3065EC8FD3EC"], "type": "freebsd"}, {"idList": ["GOOGLEPROJECTZERO:CA925EE6A931620550EF819815B14156"], "type": "googleprojectzero"}, {"idList": ["CVE-2022-0098", "CVE-2021-37963", "CVE-2021-4099", "CVE-2021-38019", "CVE-2021-38006", "CVE-2021-37979", "CVE-2021-37999", "CVE-2021-4065", "CVE-2021-37983", "CVE-2021-4062", "CVE-2021-4066", "CVE-2021-4079", "CVE-2022-0120", "CVE-2021-4055", "CVE-2022-0116", "CVE-2021-37957", "CVE-2021-37956", "CVE-2022-0096", "CVE-2021-38018", "CVE-2021-4052", "CVE-2021-38011", "CVE-2021-4068", "CVE-2021-38003", "CVE-2021-37995", "CVE-2021-38009", "CVE-2021-38015", "CVE-2021-37982", "CVE-2021-4057", "CVE-2021-37962", "CVE-2022-0117", "CVE-2021-37981", "CVE-2021-38000", "CVE-2021-37989", "CVE-2021-37959", "CVE-2021-38017", "CVE-2021-37965", "CVE-2021-37975", "CVE-2021-37994", "CVE-2022-0103", "CVE-2021-4098", "CVE-2022-0101", "CVE-2021-4061", "CVE-2021-37985", "CVE-2021-37980", "CVE-2021-38021", "CVE-2021-38002", "CVE-2022-0104", "CVE-2021-37970", "CVE-2022-0097", "CVE-2021-38013", "CVE-2022-0107", "CVE-2022-0100", "CVE-2022-0115", "CVE-2021-4056", "CVE-2022-0109", "CVE-2021-37968", "CVE-2022-0114", "CVE-2022-0106", "CVE-2021-38012", "CVE-2021-4063", "CVE-2021-37967", "CVE-2021-37977", "CVE-2021-37997", "CVE-2021-37986", "CVE-2021-37990", "CVE-2021-4102", "CVE-2021-37984", "CVE-2021-37964", "CVE-2021-37976", "CVE-2021-4078", "CVE-2022-0111", "CVE-2021-38005", "CVE-2021-37993", "CVE-2021-37972", "CVE-2022-0102", "CVE-2021-37998", "CVE-2021-38001", "CVE-2021-4064", "CVE-2022-0113", "CVE-2021-38022", "CVE-2021-4053", "CVE-2021-37971", "CVE-2021-37961", "CVE-2021-38020", "CVE-2021-37988", "CVE-2022-0099", "CVE-2021-37958", "CVE-2021-38004", "CVE-2021-4101", "CVE-2021-37966", "CVE-2021-37978", "CVE-2022-0112", "CVE-2021-4058", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-37974", "CVE-2021-37996", "CVE-2021-37973", "CVE-2022-0105", "CVE-2021-37969", "CVE-2021-38016", "CVE-2021-4059", "CVE-2021-37987", "CVE-2022-0110", "CVE-2022-0108", "CVE-2021-37991", "CVE-2021-4054", "CVE-2021-37992", "CVE-2021-4100", "CVE-2022-0118", "CVE-2021-38014", "CVE-2021-4067", "CVE-2021-38010"], "type": "cve"}, {"idList": ["HIVEPRO:E94A0D5F817307E8C9D45F52D6A000D1", "HIVEPRO:F243DF43F7B996BA4E54A801D8E23724", "HIVEPRO:F0E08A7B0A92ED0929AD9DE27F33C527"], "type": "hivepro"}, {"idList": ["AVLEONOV:B6F052DA6F44A6D3C449552BB1B53A9A"], "type": "avleonov"}, {"idList": ["RH:CVE-2022-0096", "RH:CVE-2021-37981", "RH:CVE-2022-0118", "RH:CVE-2021-38009", "RH:CVE-2021-37975", "RH:CVE-2022-0103", "RH:CVE-2021-37961", "RH:CVE-2021-37959", "RH:CVE-2021-37984", "RH:CVE-2021-37972", "RH:CVE-2021-38000", "RH:CVE-2021-37970"], "type": "redhatcve"}, {"idList": ["MS:CVE-2022-0117", "MS:CVE-2021-37994", "MS:CVE-2021-38018", "MS:CVE-2022-0096", "MS:CVE-2021-4066", "MS:CVE-2021-37969", "MS:CVE-2022-0107", "MS:CVE-2022-0097", "MS:CVE-2022-0106", "MS:CVE-2021-37972", "MS:CVE-2021-37967", "MS:CVE-2021-37968", "MS:CVE-2021-37964", "MS:CVE-2021-38021", "MS:CVE-2021-37997", "MS:CVE-2022-0111", "MS:CVE-2021-4062", "MS:CVE-2021-37970", "MS:CVE-2021-4068", "MS:CVE-2022-0112", "MS:CVE-2022-0120", "MS:CVE-2021-37982", "MS:CVE-2022-0100", "MS:CVE-2022-0113", "MS:CVE-2021-4067", "MS:CVE-2021-37966", "MS:CVE-2021-37974", "MS:CVE-2021-37984", "MS:CVE-2021-38001", "MS:CVE-2021-37989", "MS:CVE-2022-0118", "MS:CVE-2021-37971", "MS:CVE-2021-4098", "MS:CVE-2021-37963", "MS:CVE-2022-0104", "MS:CVE-2022-0101", "MS:CVE-2021-4064", "MS:CVE-2021-37957", "MS:CVE-2021-4065", "MS:CVE-2021-38013", "MS:CVE-2021-37959", "MS:CVE-2021-38016", "MS:CVE-2021-4055", "MS:CVE-2021-4100", "MS:CVE-2021-37973", "MS:CVE-2021-37988", "MS:CVE-2021-38008", "MS:CVE-2021-4054", "MS:CVE-2022-0105", "MS:CVE-2021-37986", "MS:CVE-2021-4052", "MS:CVE-2021-38007", "MS:CVE-2021-37978", "MS:CVE-2021-37983", "MS:CVE-2021-4056", "MS:CVE-2022-0114", "MS:CVE-2022-0116", "MS:CVE-2021-37990", "MS:CVE-2021-37977", "MS:CVE-2021-37956", "MS:CVE-2022-0109", "MS:CVE-2021-38019", "MS:CVE-2021-37992", "MS:CVE-2021-4099", "MS:CVE-2021-38022", "MS:CVE-2021-37993", "MS:CVE-2022-0102", "MS:CVE-2021-38002", "MS:CVE-2021-37962", "MS:CVE-2021-4063", "MS:CVE-2022-0110", "MS:CVE-2021-38006", "MS:CVE-2021-37975", "MS:CVE-2021-4053", "MS:CVE-2021-38010", "MS:CVE-2021-37976", "MS:CVE-2021-37985", "MS:CVE-2021-4059", "MS:CVE-2021-38017", "MS:CVE-2021-37991", "MS:CVE-2021-37995", "MS:CVE-2022-0099", "MS:CVE-2021-38015", "MS:CVE-2021-4102", "MS:CVE-2022-0115", "MS:CVE-2021-38020", "MS:CVE-2021-4057", "MS:CVE-2021-38009", "MS:CVE-2021-38011", "MS:CVE-2021-37958", "MS:CVE-2021-38005", "MS:CVE-2021-4058", "MS:CVE-2021-37961", "MS:CVE-2021-38000", "MS:CVE-2022-0108", "MS:CVE-2021-38012", "MS:CVE-2021-38014", "MS:CVE-2021-37998", "MS:CVE-2021-4101", "MS:CVE-2021-37979", "MS:CVE-2021-37981", "MS:CVE-2021-37987", "MS:CVE-2021-37980", "MS:CVE-2022-0098", "MS:CVE-2021-38003", "MS:CVE-2021-37996", "MS:CVE-2021-4061", "MS:CVE-2021-37965", "MS:CVE-2022-0103", "MS:CVE-2021-37999"], "type": "mscve"}, {"idList": ["VERACODE:33267", "VERACODE:32879", "VERACODE:33466", "VERACODE:33258", "VERACODE:33672", "VERACODE:33266", "VERACODE:33683", "VERACODE:32878", "VERACODE:32876", "VERACODE:33688", "VERACODE:32877", "VERACODE:33671", "VERACODE:32881", "VERACODE:33675", "VERACODE:33686", "VERACODE:33256", "VERACODE:32416", "VERACODE:33668", "VERACODE:32872", "VERACODE:32880", "VERACODE:33252", "VERACODE:33262", "VERACODE:32425", "VERACODE:32423", "VERACODE:33673", "VERACODE:33780", "VERACODE:32869", "VERACODE:33784", "VERACODE:33685", "VERACODE:33433", "VERACODE:32415", "VERACODE:32866", "VERACODE:33263", "VERACODE:32873", "VERACODE:33691", "VERACODE:33690", "VERACODE:33056", "VERACODE:33669", "VERACODE:32868", "VERACODE:33687", "VERACODE:33677", "VERACODE:33778", "VERACODE:32658", "VERACODE:33661", "VERACODE:32412", "VERACODE:33261", "VERACODE:33674", "VERACODE:32427", "VERACODE:33782", "VERACODE:32419", "VERACODE:33662", "VERACODE:32410", "VERACODE:33664", "VERACODE:32874", "VERACODE:33663", "VERACODE:32421", "VERACODE:33251", "VERACODE:33260", "VERACODE:33682", "VERACODE:33253", "VERACODE:33684", "VERACODE:33779", "VERACODE:32884", "VERACODE:32418", "VERACODE:33667", "VERACODE:32883", "VERACODE:32865", "VERACODE:32424", "VERACODE:33696", "VERACODE:32426", "VERACODE:33783", "VERACODE:32414", "VERACODE:33680", "VERACODE:33264", "VERACODE:32870", "VERACODE:33666", "VERACODE:33785", "VERACODE:33689", "VERACODE:33694", "VERACODE:32864", "VERACODE:32422", "VERACODE:32867", "VERACODE:32660", "VERACODE:33695", "VERACODE:33678", "VERACODE:33781", "VERACODE:32417", "VERACODE:32882", "VERACODE:32429", "VERACODE:33665", "VERACODE:33259", "VERACODE:33446", "VERACODE:32875", "VERACODE:33676", "VERACODE:33255", "VERACODE:33265", "VERACODE:33697", "VERACODE:33777", "VERACODE:33698", "VERACODE:32413", "VERACODE:33670", "VERACODE:33254", "VERACODE:32420", "VERACODE:33679", "VERACODE:33681", "VERACODE:33268", "VERACODE:32411", "VERACODE:32863", "VERACODE:32885", "VERACODE:32428", "VERACODE:33445", "VERACODE:32871", "VERACODE:32659"], "type": "veracode"}, {"idList": ["OPENSUSE-SU-2021:1488-1", "OPENSUSE-SU-2021:1582-1", "OPENSUSE-SU-2021:1434-1", "OPENSUSE-SU-2022:0110-1", "OPENSUSE-SU-2021:1632-1", "OPENSUSE-SU-2021:1433-1", "OPENSUSE-SU-2021:1350-1", "OPENSUSE-SU-2021:1396-1", "OPENSUSE-SU-2021:1339-1", "OPENSUSE-SU-2021:1489-1", "OPENSUSE-SU-2021:1462-1", "OPENSUSE-SU-2022:0047-1", "OPENSUSE-SU-2021:1358-1", "OPENSUSE-SU-2021:1392-1", "OPENSUSE-SU-2021:1600-1", "OPENSUSE-SU-2022:0070-1", "OPENSUSE-SU-2022:0014-1"], "type": "suse"}, {"idList": ["GLSA-202201-02"], "type": "gentoo"}, {"idList": ["KLA12351", "KLA12301", "KLA12307", "KLA12398", "KLA12381", "KLA12413", "KLA12329", "KLA12382", "KLA12333", "KLA12299"], "type": "kaspersky"}, {"idList": ["MGASA-2021-0565", "MGASA-2021-0555", "MGASA-2022-0050", "MGASA-2022-0043"], "type": "mageia"}, {"idList": ["UB:CVE-2021-37991", "UB:CVE-2021-38010", "UB:CVE-2021-4052", "UB:CVE-2021-4100", "UB:CVE-2022-0096", "UB:CVE-2021-37987", "UB:CVE-2021-38021", "UB:CVE-2021-4065", "UB:CVE-2021-4059", "UB:CVE-2021-37976", "UB:CVE-2021-37978", "UB:CVE-2021-37968", "UB:CVE-2021-37975", "UB:CVE-2022-0118", "UB:CVE-2022-0107", "UB:CVE-2021-37971", "UB:CVE-2021-4061", "UB:CVE-2021-37967", "UB:CVE-2021-4056", "UB:CVE-2022-0097", "UB:CVE-2021-4054", "UB:CVE-2021-38015", "UB:CVE-2021-38017", "UB:CVE-2022-0112", "UB:CVE-2021-37969", "UB:CVE-2021-37981", "UB:CVE-2022-0104", "UB:CVE-2021-37995", "UB:CVE-2021-38009", "UB:CVE-2021-38016", "UB:CVE-2021-38007", "UB:CVE-2021-37980", "UB:CVE-2021-4102", "UB:CVE-2021-38013", "UB:CVE-2022-0110", "UB:CVE-2021-4066", "UB:CVE-2021-4067", "UB:CVE-2021-38018", "UB:CVE-2021-37957", "UB:CVE-2021-37979", "UB:CVE-2021-38022", "UB:CVE-2021-4057", "UB:CVE-2021-37965", "UB:CVE-2021-37999", "UB:CVE-2021-37961", "UB:CVE-2021-37963", "UB:CVE-2022-0098", "UB:CVE-2021-37962", "UB:CVE-2021-4068", "UB:CVE-2021-38014", "UB:CVE-2021-38011", "UB:CVE-2021-37982", "UB:CVE-2021-4064", "UB:CVE-2021-38003", "UB:CVE-2022-0099", "UB:CVE-2021-37959", "UB:CVE-2021-4078", "UB:CVE-2021-38001", "UB:CVE-2021-37998", "UB:CVE-2021-4101", "UB:CVE-2021-37988", "UB:CVE-2022-0101", "UB:CVE-2022-0108", "UB:CVE-2022-0115", "UB:CVE-2021-4098", "UB:CVE-2021-37974", "UB:CVE-2022-0103", "UB:CVE-2021-38000", "UB:CVE-2021-38006", "UB:CVE-2021-37986", "UB:CVE-2021-4058", "UB:CVE-2021-4055", "UB:CVE-2022-0117", "UB:CVE-2021-37983", "UB:CVE-2021-38020", "UB:CVE-2022-0120", "UB:CVE-2021-37994", "UB:CVE-2021-38019", "UB:CVE-2021-37993", "UB:CVE-2021-37989", "UB:CVE-2021-4099", "UB:CVE-2021-37985", "UB:CVE-2021-38002", "UB:CVE-2021-37990", "UB:CVE-2021-37996", "UB:CVE-2021-37958", "UB:CVE-2021-38005", "UB:CVE-2021-37970", "UB:CVE-2021-4063", "UB:CVE-2022-0106", "UB:CVE-2021-37956", "UB:CVE-2022-0109", "UB:CVE-2021-4062", "UB:CVE-2022-0114", "UB:CVE-2021-37972", "UB:CVE-2021-4053", "UB:CVE-2022-0113", "UB:CVE-2021-37984", "UB:CVE-2022-0102", "UB:CVE-2022-0100", "UB:CVE-2021-37964", "UB:CVE-2021-38008", "UB:CVE-2021-38004", "UB:CVE-2022-0105", "UB:CVE-2022-0111", "UB:CVE-2021-37992", "UB:CVE-2021-37973", "UB:CVE-2022-0116", "UB:CVE-2021-37977", "UB:CVE-2021-37966", "UB:CVE-2021-37997", "UB:CVE-2021-4079", "UB:CVE-2021-38012"], "type": "ubuntucve"}, {"idList": ["TALOS-2021-1372", "TALOS-2021-1398"], "type": "talos"}]}, "score": {"value": 1.7, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "chromium", "version": 93}, {"name": "chromium", "version": 90}]}, "epss": [{"cve": "CVE-2022-0098", "epss": "0.001170000", "percentile": "0.440250000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37963", "epss": "0.003490000", "percentile": "0.673410000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4099", "epss": "0.001330000", "percentile": "0.465990000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38019", "epss": "0.002140000", "percentile": "0.577010000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38006", "epss": "0.001770000", "percentile": "0.531610000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37979", "epss": "0.002140000", "percentile": "0.576240000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37999", "epss": "0.001480000", "percentile": "0.490590000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4065", "epss": "0.002190000", "percentile": "0.581420000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37983", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4062", "epss": "0.003410000", "percentile": "0.669170000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4066", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4079", "epss": "0.001370000", "percentile": "0.474730000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0120", "epss": "0.004440000", "percentile": "0.709200000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4055", "epss": "0.001180000", "percentile": "0.441830000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0116", "epss": "0.002750000", "percentile": "0.630740000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37957", "epss": "0.001560000", "percentile": "0.502300000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37956", "epss": "0.001740000", "percentile": "0.527570000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0096", "epss": "0.002470000", "percentile": "0.608550000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38018", "epss": "0.001060000", "percentile": "0.414330000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4052", "epss": "0.001180000", "percentile": "0.441830000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38011", "epss": "0.001770000", "percentile": "0.531610000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4068", "epss": "0.002260000", "percentile": "0.590890000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38003", "epss": "0.012950000", "percentile": "0.837350000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37995", "epss": "0.001820000", "percentile": "0.537850000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38009", "epss": "0.002180000", "percentile": "0.580540000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38015", "epss": "0.001150000", "percentile": "0.436340000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37982", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4057", "epss": "0.013980000", "percentile": "0.843520000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37962", "epss": "0.001740000", "percentile": "0.527570000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0117", "epss": "0.005330000", "percentile": "0.735720000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37981", "epss": "0.001770000", "percentile": "0.531040000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38000", "epss": "0.002580000", "percentile": "0.618160000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37989", "epss": "0.001820000", "percentile": "0.537850000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37959", "epss": "0.001130000", "percentile": "0.431260000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38017", "epss": "0.001780000", "percentile": "0.532620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37965", "epss": "0.002550000", "percentile": "0.616190000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37975", "epss": "0.573330000", "percentile": "0.971250000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37994", "epss": "0.001480000", "percentile": "0.490950000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0103", "epss": "0.002630000", "percentile": "0.622130000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4098", "epss": "0.001020000", "percentile": "0.401180000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0101", "epss": "0.003040000", "percentile": "0.650110000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4061", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37985", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37980", "epss": "0.001720000", "percentile": "0.526170000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38021", "epss": "0.001460000", "percentile": "0.488530000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38002", "epss": "0.001480000", "percentile": "0.491280000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0104", "epss": "0.002490000", "percentile": "0.610190000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37970", "epss": "0.001890000", "percentile": "0.546730000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0097", "epss": "0.001210000", "percentile": "0.446650000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38013", "epss": "0.001860000", "percentile": "0.542810000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0107", "epss": "0.001170000", "percentile": "0.440250000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0100", "epss": "0.003040000", "percentile": "0.650110000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0115", "epss": "0.002470000", "percentile": "0.608550000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4056", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0109", "epss": "0.004700000", "percentile": "0.717750000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37968", "epss": "0.003620000", "percentile": "0.679160000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0114", "epss": "0.002800000", "percentile": "0.634730000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0106", "epss": "0.002470000", "percentile": "0.608550000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38012", "epss": "0.001780000", "percentile": "0.532620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4063", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37967", "epss": "0.001790000", "percentile": "0.533960000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37977", "epss": "0.003040000", "percentile": "0.649820000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37997", "epss": "0.002410000", "percentile": "0.603320000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37986", "epss": "0.002020000", "percentile": "0.564840000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37990", "epss": "0.001080000", "percentile": "0.421300000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4102", "epss": "0.003870000", "percentile": "0.690020000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37984", "epss": "0.002020000", "percentile": "0.564840000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37964", "epss": "0.000710000", "percentile": "0.286190000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37976", "epss": "0.026300000", "percentile": "0.886780000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4078", "epss": "0.001780000", "percentile": "0.532620000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0111", "epss": "0.003190000", "percentile": "0.658410000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38005", "epss": "0.001770000", "percentile": "0.531610000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37993", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37972", "epss": "0.001940000", "percentile": "0.554930000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0102", "epss": "0.002630000", "percentile": "0.622130000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37998", "epss": "0.002410000", "percentile": "0.603320000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38001", "epss": "0.001700000", "percentile": "0.523560000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4064", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0113", "epss": "0.005290000", "percentile": "0.734700000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38022", "epss": "0.002140000", "percentile": "0.577010000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4053", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37971", "epss": "0.003460000", "percentile": "0.671420000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37961", "epss": "0.001740000", "percentile": "0.527570000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38020", "epss": "0.001480000", "percentile": "0.490620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37988", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0099", "epss": "0.002630000", "percentile": "0.622130000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37958", "epss": "0.003460000", "percentile": "0.671700000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38004", "epss": "0.001790000", "percentile": "0.534040000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4101", "epss": "0.001330000", "percentile": "0.466380000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37966", "epss": "0.001790000", "percentile": "0.533960000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37978", "epss": "0.002150000", "percentile": "0.577440000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0112", "epss": "0.002290000", "percentile": "0.593380000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4058", "epss": "0.003410000", "percentile": "0.669170000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38007", "epss": "0.001780000", "percentile": "0.532620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38008", "epss": "0.003000000", "percentile": "0.647060000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37974", "epss": "0.002020000", "percentile": "0.564170000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37996", "epss": "0.001060000", "percentile": "0.416440000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37973", "epss": "0.002210000", "percentile": "0.585660000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0105", "epss": "0.002470000", "percentile": "0.608550000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37969", "epss": "0.000880000", "percentile": "0.359200000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38016", "epss": "0.001780000", "percentile": "0.532620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4059", "epss": "0.002260000", "percentile": "0.590890000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37987", "epss": "0.002870000", "percentile": "0.639210000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0110", "epss": "0.002590000", "percentile": "0.619020000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0108", "epss": "0.005290000", "percentile": "0.734700000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37991", "epss": "0.002020000", "percentile": "0.564840000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4054", "epss": "0.001470000", "percentile": "0.490350000", "modified": "2023-03-20"}, {"cve": "CVE-2021-37992", "epss": "0.002020000", "percentile": "0.564840000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4100", "epss": "0.001330000", "percentile": "0.466380000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0118", "epss": "0.002120000", "percentile": "0.574190000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38014", "epss": "0.001730000", "percentile": "0.527420000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4067", "epss": "0.002770000", "percentile": "0.632100000", "modified": "2023-03-20"}, {"cve": "CVE-2021-38010", "epss": "0.001460000", "percentile": "0.488530000", "modified": "2023-03-20"}], "vulnersScore": 1.7}, "_state": {"score": 1684016453, "dependencies": 1660115447, "affected_software_major_version": 1666703109, "epss": 1679338714}, "_internal": {"score_hash": "dd09da2503f68397232f4661f54c3d75"}, "affectedSoftware": [{"name": "chromium", "operator": "eq", "version": "93.0.4577.82-1"}, {"name": "chromium", "operator": "eq", "version": "90.0.4430.212-1"}]}

{"debian": [{"lastseen": "2023-08-16T15:02:49", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5046-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJanuary 14, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055 \n CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059 \n CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064 \n CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068 \n CVE-2021-4078 CVE-2021-4079 CVE-2021-4098 CVE-2021-4099 \n CVE-2021-4100 CVE-2021-4101 CVE-2021-4102 CVE-2021-37956 \n CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37961 \n CVE-2021-37962 CVE-2021-37963 CVE-2021-37964 CVE-2021-37965 \n CVE-2021-37966 CVE-2021-37967 CVE-2021-37968 CVE-2021-37969 \n CVE-2021-37970 CVE-2021-37971 CVE-2021-37972 CVE-2021-37973 \n CVE-2021-37974 CVE-2021-37975 CVE-2021-37976 CVE-2021-37977 \n CVE-2021-37978 CVE-2021-37979 CVE-2021-37980 CVE-2021-37981 \n CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 \n CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989 \n CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993 \n CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37997 \n CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 \n CVE-2021-38002 CVE-2021-38003 CVE-2021-38004 CVE-2021-38005 \n CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 \n CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013 \n CVE-2021-38014 CVE-2021-38015 CVE-2021-38016 CVE-2021-38017 \n CVE-2021-38018 CVE-2021-38019 CVE-2021-38020 CVE-2021-38021 \n CVE-2021-38022 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098 \n CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 \n CVE-2022-0103 CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 \n CVE-2022-0107 CVE-2022-0108 CVE-2022-0109 CVE-2022-0110 \n CVE-2022-0111 CVE-2022-0112 CVE-2022-0113 CVE-2022-0114 \n CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118 \n CVE-2022-0120\n\nMultiple security issues were discovered in Chromium, which could result\nin the execution of arbitrary code, denial of service or information\ndisclosure.\n\nFor the oldstable distribution (buster), security support for Chromium\nhas been discontinued due to toolchain issues which no longer allow to\nbuild current Chromium releases on buster. You can either upgrade to\nthe stable release (bullseye) or switch to a browser which continues\nto receive security supports in buster (firefox-esr or browsers based\non webkit2gtk)\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 97.0.4692.71-0.1~deb11u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-01-14T19:31:45", "type": "debian", "title": "[SECURITY] [DSA 5046-1] chromium security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980", "CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004", "CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120"], "modified": "2022-01-14T19:31:45", "id": "DEBIAN:DSA-5046-1:A18C0", "href": "https://lists.debian.org/debian-security-announce/2022/msg00012.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-07-04T14:33:01", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5046 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38004)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-15T00:00:00", "type": "nessus", "title": "Debian DSA-5046-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980", "CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004", "CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5046.NASL", "href": "https://www.tenable.com/plugins/nessus/156763", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5046. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156763);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\",\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\",\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\",\n \"CVE-2021-37973\",\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\",\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\",\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\",\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\",\n \"CVE-2021-38004\",\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\",\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0438-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0448-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0555-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0568-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0001-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n\n script_name(english:\"Debian DSA-5046-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5046 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who\n had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote\n attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54\n allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation\n attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a\n remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML\n page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker\n to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who\n convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2021-37979)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker\n to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a\n user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced\n a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote\n attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a\n remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a\n user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69\n allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38004)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed\n a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via\n a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who\n convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome\n Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a\n remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45\n allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37965\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37970\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37997\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4079\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0110\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0114\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 97.0.4692.71-0.1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0115\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '97.0.4692.71-0.1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '97.0.4692.71-0.1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '97.0.4692.71-0.1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '97.0.4692.71-0.1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '97.0.4692.71-0.1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '97.0.4692.71-0.1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-03T15:42:36", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1582-1 advisory.\n\n - Use after free in loader. (CVE-2021-38005)\n\n - Use after free in storage foundation. (CVE-2021-38006, CVE-2021-38011)\n\n - Type Confusion in V8. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media. (CVE-2021-38008)\n\n - Inappropriate implementation in cache. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers. (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader. (CVE-2021-38014)\n\n - Inappropriate implementation in input. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker. (CVE-2021-38020)\n\n - Inappropriate implementation in referrer. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication. (CVE-2021-38022)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-4052, CVE-2021-4053, CVE-2021-4054, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057, CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062, CVE-2021-4063, CVE-2021-4065, CVE-2021-4066, CVE-2021-4067, CVE-2021-4068)\n\n - Use after free in screen capture. (CVE-2021-4064)\n\n - Type confusion in V8. (CVE-2021-4078)\n\n - Out of bounds write in WebRTC. (CVE-2021-4079)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-17T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1582-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1582.NASL", "href": "https://www.tenable.com/plugins/nessus/156131", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1582-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156131);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\",\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1582-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1582-1 advisory.\n\n - Use after free in loader. (CVE-2021-38005)\n\n - Use after free in storage foundation. (CVE-2021-38006, CVE-2021-38011)\n\n - Type Confusion in V8. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media. (CVE-2021-38008)\n\n - Inappropriate implementation in cache. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers. (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader. (CVE-2021-38014)\n\n - Inappropriate implementation in input. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker. (CVE-2021-38020)\n\n - Inappropriate implementation in referrer. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication. (CVE-2021-38022)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this\n vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-4052, CVE-2021-4053,\n CVE-2021-4054, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057, CVE-2021-4058, CVE-2021-4059, CVE-2021-4061,\n CVE-2021-4062, CVE-2021-4063, CVE-2021-4065, CVE-2021-4066, CVE-2021-4067, CVE-2021-4068)\n\n - Use after free in screen capture. (CVE-2021-4064)\n\n - Type confusion in V8. (CVE-2021-4078)\n\n - Out of bounds write in WebRTC. (CVE-2021-4079)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193519\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2H3B3VUHNFAXDEK6YLKWJWLKWC4NOIPM/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?847e6cea\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4079\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4079\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-96.0.4664.93-bp153.2.45.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-96.0.4664.93-bp153.2.45.2', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:28", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1632-1 advisory.\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Insufficient data validation in Mojo. (CVE-2021-4098)\n\n - Use after free in Swiftshader. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader. (CVE-2021-4101)\n\n - Use after free in V8. (CVE-2021-4102)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1632-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1632.NASL", "href": "https://www.tenable.com/plugins/nessus/156341", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1632-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156341);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\",\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\",\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0568-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0555-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1632-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1632-1 advisory.\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed\n a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via\n a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who\n convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome\n Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a\n remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45\n allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Insufficient data validation in Mojo. (CVE-2021-4098)\n\n - Use after free in Swiftshader. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader. (CVE-2021-4101)\n\n - Use after free in V8. (CVE-2021-4102)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193713\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DUJZLITO4GTLR5FP75FBCLDYZMUY2AFI/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dbea4788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4079\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-96.0.4664.110-lp152.2.143.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-96.0.4664.110-lp152.2.143.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:59:16", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1350-1 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - : Inappropriate implementation in Blink graphics. (CVE-2021-37960)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - : Use after free in Garbage Collection. (CVE-2021-37977)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-37978)\n\n - : Heap buffer overflow in WebRTC. (CVE-2021-37979)\n\n - : Inappropriate implementation in Sandbox. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-13T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1350-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1350.NASL", "href": "https://www.tenable.com/plugins/nessus/154079", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1350-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154079);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37960\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\",\n \"CVE-2021-37973\",\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\",\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0438-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0448-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1350-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1350-1 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - : Inappropriate implementation in Blink graphics. (CVE-2021-37960)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who\n had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote\n attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54\n allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation\n attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a\n remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML\n page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker\n to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - : Use after free in Garbage Collection. (CVE-2021-37977)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this\n vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-37978)\n\n - : Heap buffer overflow in WebRTC. (CVE-2021-37979)\n\n - : Inappropriate implementation in Sandbox. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191463\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FGCILKKE7TLKATFOFTDHZ573UHODPDOM/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ba7d1788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37965\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37970\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37980\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37973\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-94.0.4606.81-lp152.2.132.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-94.0.4606.81-lp152.2.132.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:51", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1339-1 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - : Inappropriate implementation in Blink graphics. (CVE-2021-37960)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-12T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1339-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1339.NASL", "href": "https://www.tenable.com/plugins/nessus/154006", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1339-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154006);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37960\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\",\n \"CVE-2021-37973\",\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1339-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1339-1 advisory.\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - : Inappropriate implementation in Blink graphics. (CVE-2021-37960)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who\n had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote\n attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54\n allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation\n attack via a crafted ONC file. (CVE-2021-37964)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a\n remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML\n page. (CVE-2021-37967)\n\n - Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-37969)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker\n to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37972)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191204\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GDJ2M5H37726GXT3YZBJRSXV3JYGN7CL/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d6c232f4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37965\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37970\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37973\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-94.0.4606.71-bp153.2.31.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-94.0.4606.71-bp153.2.31.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-94.0.4606.71-bp153.2.31.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-94.0.4606.71-bp153.2.31.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-05T14:58:40", "description": "The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_21 advisory.\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-09-21T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.54 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972"], "modified": "2021-10-19T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_94_0_4606_54.NASL", "href": "https://www.tenable.com/plugins/nessus/153516", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153516);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/19\");\n\n script_cve_id(\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0438-S\");\n\n script_name(english:\"Google Chrome < 94.0.4606.54 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.54. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_21 advisory.\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9293f232\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1223290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1229625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1228557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1231933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1199865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1203612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1239709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1219354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1234259\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.54 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37972\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'94.0.4606.54', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:59", "description": "The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.45. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_11_stable-channel-update-for-desktop advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-15T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.45 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_96_0_4664_45.NASL", "href": "https://www.tenable.com/plugins/nessus/155353", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155353);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0555-S\");\n\n script_name(english:\"Google Chrome < 96.0.4664.45 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.45. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_11_stable-channel-update-for-desktop advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8cf8e77e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1254189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1240593\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1264477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1268274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/957553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1244289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1256822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1197889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1233375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248862\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38017\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'96.0.4664.45', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:59", "description": "The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.45. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_11_stable-channel-update-for-desktop advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-15T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.45 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_96_0_4664_45.NASL", "href": "https://www.tenable.com/plugins/nessus/155352", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155352);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0555-S\");\n\n script_name(english:\"Google Chrome < 96.0.4664.45 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.45. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_11_stable-channel-update-for-desktop advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8cf8e77e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1254189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263620\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1240593\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241091\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1264477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1268274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/957553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1244289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1256822\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1197889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1233375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248862\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.45 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38017\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'96.0.4664.45', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:30:38", "description": "The version of Google Chrome installed on the remote Windows host is prior to 95.0.4638.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_19 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-19T00:00:00", "type": "nessus", "title": "Google Chrome < 95.0.4638.54 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_95_0_4638_54.NASL", "href": "https://www.tenable.com/plugins/nessus/154238", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154238);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n\n script_name(english:\"Google Chrome < 95.0.4638.54 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 95.0.4638.54. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_19 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0836418\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1246631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1253399\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1206928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1228248\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1233067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1250660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1253746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1255332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1100761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242315\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 95.0.4638.54 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'95.0.4638.54', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-05T14:58:29", "description": "The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_21 advisory.\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-09-21T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.54 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_94_0_4606_54.NASL", "href": "https://www.tenable.com/plugins/nessus/153515", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153515);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0438-S\");\n\n script_name(english:\"Google Chrome < 94.0.4606.54 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.54. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_21 advisory.\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9293f232\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242269\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1223290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1229625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1228557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1231933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1199865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1203612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1239709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243622\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1219354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1234259\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.54 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37972\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'94.0.4606.54', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:35:27", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1392-1 advisory.\n\n - : Heap buffer overflow in Skia. (CVE-2021-37981)\n\n - : Use after free in Incognito. (CVE-2021-37982)\n\n - : Use after free in Dev Tools. (CVE-2021-37983)\n\n - : Heap buffer overflow in PDFium. (CVE-2021-37984)\n\n - : Use after free in V8. (CVE-2021-37985)\n\n - : Heap buffer overflow in Settings. (CVE-2021-37986)\n\n - : Use after free in Network APIs. (CVE-2021-37987)\n\n - : Use after free in Profiles. (CVE-2021-37988)\n\n - : Inappropriate implementation in Blink. (CVE-2021-37989)\n\n - : Inappropriate implementation in WebView. (CVE-2021-37990)\n\n - : Race in V8. (CVE-2021-37991)\n\n - : Out of bounds read in WebAudio. (CVE-2021-37992)\n\n - : Use after free in PDF Accessibility. (CVE-2021-37993)\n\n - : Inappropriate implementation in iFrame Sandbox. (CVE-2021-37994)\n\n - : Inappropriate implementation in WebApp Installer. (CVE-2021-37995)\n\n - : Insufficient validation of untrusted input in Downloads. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-27T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1392-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1392.NASL", "href": "https://www.tenable.com/plugins/nessus/154513", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1392-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154513);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1392-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1392-1 advisory.\n\n - : Heap buffer overflow in Skia. (CVE-2021-37981)\n\n - : Use after free in Incognito. (CVE-2021-37982)\n\n - : Use after free in Dev Tools. (CVE-2021-37983)\n\n - : Heap buffer overflow in PDFium. (CVE-2021-37984)\n\n - : Use after free in V8. (CVE-2021-37985)\n\n - : Heap buffer overflow in Settings. (CVE-2021-37986)\n\n - : Use after free in Network APIs. (CVE-2021-37987)\n\n - : Use after free in Profiles. (CVE-2021-37988)\n\n - : Inappropriate implementation in Blink. (CVE-2021-37989)\n\n - : Inappropriate implementation in WebView. (CVE-2021-37990)\n\n - : Race in V8. (CVE-2021-37991)\n\n - : Out of bounds read in WebAudio. (CVE-2021-37992)\n\n - : Use after free in PDF Accessibility. (CVE-2021-37993)\n\n - : Inappropriate implementation in iFrame Sandbox. (CVE-2021-37994)\n\n - : Inappropriate implementation in WebApp Installer. (CVE-2021-37995)\n\n - : Insufficient validation of untrusted input in Downloads. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191844\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PA4QP5O5NS7MLCPJRQA74564MFVWF24/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?73a3f306\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37996\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-95.0.4638.54-bp153.2.37.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-95.0.4638.54-bp153.2.37.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.54-bp153.2.37.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.54-bp153.2.37.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:33:45", "description": "Chrome Releases reports :\n\nThis release contains 19 security fixes, including :\n\n- [1246631] High CVE-2021-37981: Heap buffer overflow in Skia.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04\n\n- [1248661] High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11\n\n- [1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15\n\n- [1253399] High CVE-2021-37984: Heap buffer overflow in PDFium.\nReported by Antti Levomaki, Joonas Pihlaja andChristian Jali from Forcepoint on 2021-09-27\n\n- [1241860] High CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20\n\n- [1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings.\nReported by raven (@raid_akame) on 2021-08-23\n\n- [1206928] Medium CVE-2021-37987: Use after free in Network APIs.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08\n\n- [1228248] Medium CVE-2021-37988: Use after free in Profiles.\nReported by raven (@raid_akame) on 2021-07-12\n\n- [1233067] Medium CVE-2021-37989: Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26\n\n- [1247395] Medium CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07\n\n- [1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel Gross of Google Project Zero on 2021-09-17\n\n- [1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio.\nReported by sunburst@Ant Security Light-Year Lab on 2021-09-28\n\n- [1255332] Medium CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02\n\n- [1243020] Medium CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24\n\n- [1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30\n\n- [1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (bdaecfad-3117-11ec-b3b0-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_BDAECFAD311711ECB3B03065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/154316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154316);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (bdaecfad-3117-11ec-b3b0-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Chrome Releases reports :\n\nThis release contains 19 security fixes, including :\n\n- [1246631] High CVE-2021-37981: Heap buffer overflow in Skia.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04\n\n- [1248661] High CVE-2021-37982: Use after free in Incognito. Reported\nby Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin\nGroup on 2021-09-11\n\n- [1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported\nby Zhihua Yao of KunLun Lab on 2021-09-15\n\n- [1253399] High CVE-2021-37984: Heap buffer overflow in PDFium.\nReported by Antti Levomaki, Joonas Pihlaja andChristian Jali from\nForcepoint on 2021-09-27\n\n- [1241860] High CVE-2021-37985: Use after free in V8. Reported by\nYangkang (@dnpushme) of 360 ATA on 2021-08-20\n\n- [1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings.\nReported by raven (@raid_akame) on 2021-08-23\n\n- [1206928] Medium CVE-2021-37987: Use after free in Network APIs.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08\n\n- [1228248] Medium CVE-2021-37988: Use after free in Profiles.\nReported by raven (@raid_akame) on 2021-07-12\n\n- [1233067] Medium CVE-2021-37989: Inappropriate implementation in\nBlink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26\n\n- [1247395] Medium CVE-2021-37990: Inappropriate implementation in\nWebView. Reported by Kareem Selim of CyShield on 2021-09-07\n\n- [1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel\nGross of Google Project Zero on 2021-09-17\n\n- [1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio.\nReported by sunburst@Ant Security Light-Year Lab on 2021-09-28\n\n- [1255332] Medium CVE-2021-37993: Use after free in PDF\nAccessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO\nMobile Telecommunications Corp. Ltd. on 2021-10-02\n\n- [1243020] Medium CVE-2021-37996: Insufficient validation of\nuntrusted input in Downloads. Reported by Anonymous on 2021-08-24\n\n- [1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame\nSandbox. Reported by David Erceg on 2020-06-30\n\n- [1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp\nInstaller. Reported by Terence Eden on 2021-08-23\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0836418\");\n # https://vuxml.freebsd.org/freebsd/bdaecfad-3117-11ec-b3b0-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ae669e5c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<95.0.4638.54\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:40:40", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1488-1 advisory.\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : opera (openSUSE-SU-2021:1488-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1488.NASL", "href": "https://www.tenable.com/plugins/nessus/155652", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1488-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155652);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n\n script_name(english:\"openSUSE 15 Security Update : opera (openSUSE-SU-2021:1488-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1488-1 advisory.\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a\n user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced\n a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote\n attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a\n remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2KPG5DWW4SNUCP3CCQ2LC7L3RKCFTIAA/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2a94c608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37996\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'opera-81.0.4196.31-lp152.2.76.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'opera');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:33:32", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1396-1 advisory.\n\n - : Heap buffer overflow in Skia. (CVE-2021-37981)\n\n - : Use after free in Incognito. (CVE-2021-37982)\n\n - : Use after free in Dev Tools. (CVE-2021-37983)\n\n - : Heap buffer overflow in PDFium. (CVE-2021-37984)\n\n - : Use after free in V8. (CVE-2021-37985)\n\n - : Heap buffer overflow in Settings. (CVE-2021-37986)\n\n - : Use after free in Network APIs. (CVE-2021-37987)\n\n - : Use after free in Profiles. (CVE-2021-37988)\n\n - : Inappropriate implementation in Blink. (CVE-2021-37989)\n\n - : Inappropriate implementation in WebView. (CVE-2021-37990)\n\n - : Race in V8. (CVE-2021-37991)\n\n - : Out of bounds read in WebAudio. (CVE-2021-37992)\n\n - : Use after free in PDF Accessibility. (CVE-2021-37993)\n\n - : Inappropriate implementation in iFrame Sandbox. (CVE-2021-37994)\n\n - : Inappropriate implementation in WebApp Installer. (CVE-2021-37995)\n\n - : Insufficient validation of untrusted input in Downloads. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-31T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1396-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1396.NASL", "href": "https://www.tenable.com/plugins/nessus/154748", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1396-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154748);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1396-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1396-1 advisory.\n\n - : Heap buffer overflow in Skia. (CVE-2021-37981)\n\n - : Use after free in Incognito. (CVE-2021-37982)\n\n - : Use after free in Dev Tools. (CVE-2021-37983)\n\n - : Heap buffer overflow in PDFium. (CVE-2021-37984)\n\n - : Use after free in V8. (CVE-2021-37985)\n\n - : Heap buffer overflow in Settings. (CVE-2021-37986)\n\n - : Use after free in Network APIs. (CVE-2021-37987)\n\n - : Use after free in Profiles. (CVE-2021-37988)\n\n - : Inappropriate implementation in Blink. (CVE-2021-37989)\n\n - : Inappropriate implementation in WebView. (CVE-2021-37990)\n\n - : Race in V8. (CVE-2021-37991)\n\n - : Out of bounds read in WebAudio. (CVE-2021-37992)\n\n - : Use after free in PDF Accessibility. (CVE-2021-37993)\n\n - : Inappropriate implementation in iFrame Sandbox. (CVE-2021-37994)\n\n - : Inappropriate implementation in WebApp Installer. (CVE-2021-37995)\n\n - : Insufficient validation of untrusted input in Downloads. (CVE-2021-37996)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191844\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JYLHMZTJJPI73VMWKC3ARZ4PIBXUS3VM/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1ef07378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37996\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-95.0.4638.54-lp152.2.135.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.54-lp152.2.135.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:31:21", "description": "The version of Google Chrome installed on the remote macOS host is prior to 95.0.4638.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_19 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-19T00:00:00", "type": "nessus", "title": "Google Chrome < 95.0.4638.54 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_95_0_4638_54.NASL", "href": "https://www.tenable.com/plugins/nessus/154239", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154239);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n\n script_name(english:\"Google Chrome < 95.0.4638.54 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 95.0.4638.54. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_19 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0836418\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1246631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1253399\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1206928\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1228248\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1233067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1250660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1253746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1255332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1243020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1100761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242315\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 95.0.4638.54 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'95.0.4638.54', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-28T14:33:45", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 95.0.1020.30. It is, therefore, affected by multiple vulnerabilities as referenced in the October 21, 2021 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-21T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 95.0.1020.30 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-42307"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_95_0_1020_30.NASL", "href": "https://www.tenable.com/plugins/nessus/154327", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154327);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\",\n \"CVE-2021-42307\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 95.0.1020.30 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 95.0.1020.30. It is, therefore, affected\nby multiple vulnerabilities as referenced in the October 21, 2021 advisory.\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-21-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6d633bfe\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42307\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 95.0.1020.30 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37993\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-37981\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '95.0.1020.30' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-05T14:58:40", "description": "Chrome Releases reports :\n\nThis update contains 19 security fixes, including :\n\n- [1243117] High CVE-2021-37956: Use after free in Offline use.\nReported by Huyna at Viettel Cyber Security on 2021-08-24\n\n- [1242269] High CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang on 2021-08-23\n\n- [1223290] High CVE-2021-37958: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2021-06-24\n\n- [1229625] High CVE-2021-37959: Use after free in Task Manager.\nReported by raven (@raid_akame) on 2021-07-15\n\n- [1247196] High CVE-2021-37960: Inappropriate implementation in Blink graphics. Reported by Atte Kettunen of OUSPG on 2021-09-07\n\n- [1228557] Medium CVE-2021-37961: Use after free in Tab Strip.\nReported by Khalil Zhani on 2021-07-13\n\n- [1231933] Medium CVE-2021-37962: Use after free in Performance Manager. Reported by Sri on 2021-07-22\n\n- [1199865] Medium CVE-2021-37963: Side-channel information leakage in DevTools. Reported by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen and Shaked Yehezkel, Tel Aviv University, Sioli O'Connell, University of Adelaide, and Jason Kim, Georgia Institute of Technology on 2021-04-16\n\n- [1203612] Medium CVE-2021-37964: Inappropriate implementation in ChromeOS Networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2021-04-28\n\n- [1239709] Medium CVE-2021-37965: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-13\n\n- [1238944] Medium CVE-2021-37966: Inappropriate implementation in Compositing. Reported by Mohit Raj (shadow2639) on 2021-08-11\n\n- [1243622] Medium CVE-2021-37967: Inappropriate implementation in Background Fetch API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-26\n\n- [1245053] Medium CVE-2021-37968: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-30\n\n- [1245879] Medium CVE-2021-37969: Inappropriate implementation in Google Updater. Reported by Abdelhamid Naceri (halov) on 2021-09-02\n\n- [1248030] Medium CVE-2021-37970: Use after free in File System API.\nReported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-09-09\n\n- [1219354] Low CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by Rayyan Bijoora on 2021-06-13\n\n- [1234259] Low CVE-2021-37972: Out of bounds read in libjpeg-turbo.\nReported by Xu Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin on 2021-07-29", "cvss3": {}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (3551e106-1b17-11ec-a8a7-704d7b472482)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972"], "modified": "2021-10-14T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_3551E1061B1711ECA8A7704D7B472482.NASL", "href": "https://www.tenable.com/plugins/nessus/153826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(153826);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/14\");\n\n script_cve_id(\"CVE-2021-37956\", \"CVE-2021-37957\", \"CVE-2021-37958\", \"CVE-2021-37959\", \"CVE-2021-37960\", \"CVE-2021-37961\", \"CVE-2021-37962\", \"CVE-2021-37963\", \"CVE-2021-37964\", \"CVE-2021-37965\", \"CVE-2021-37966\", \"CVE-2021-37967\", \"CVE-2021-37968\", \"CVE-2021-37969\", \"CVE-2021-37970\", \"CVE-2021-37971\", \"CVE-2021-37972\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (3551e106-1b17-11ec-a8a7-704d7b472482)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Chrome Releases reports :\n\nThis update contains 19 security fixes, including :\n\n- [1243117] High CVE-2021-37956: Use after free in Offline use.\nReported by Huyna at Viettel Cyber Security on 2021-08-24\n\n- [1242269] High CVE-2021-37957: Use after free in WebGPU. Reported by\nLooben Yang on 2021-08-23\n\n- [1223290] High CVE-2021-37958: Inappropriate implementation in\nNavigation. Reported by James Lee (@Windowsrcer) on 2021-06-24\n\n- [1229625] High CVE-2021-37959: Use after free in Task Manager.\nReported by raven (@raid_akame) on 2021-07-15\n\n- [1247196] High CVE-2021-37960: Inappropriate implementation in Blink\ngraphics. Reported by Atte Kettunen of OUSPG on 2021-09-07\n\n- [1228557] Medium CVE-2021-37961: Use after free in Tab Strip.\nReported by Khalil Zhani on 2021-07-13\n\n- [1231933] Medium CVE-2021-37962: Use after free in Performance\nManager. Reported by Sri on 2021-07-22\n\n- [1199865] Medium CVE-2021-37963: Side-channel information leakage in\nDevTools. Reported by Daniel Genkin and Ayush Agarwal, University of\nMichigan, Eyal Ronen and Shaked Yehezkel, Tel Aviv University, Sioli\nO'Connell, University of Adelaide, and Jason Kim, Georgia Institute of\nTechnology on 2021-04-16\n\n- [1203612] Medium CVE-2021-37964: Inappropriate implementation in\nChromeOS Networking. Reported by Hugo Hue and Sze Yiu Chau of the\nChinese University of Hong Kong on 2021-04-28\n\n- [1239709] Medium CVE-2021-37965: Inappropriate implementation in\nBackground Fetch API. Reported by Maurice Dauer on 2021-08-13\n\n- [1238944] Medium CVE-2021-37966: Inappropriate implementation in\nCompositing. Reported by Mohit Raj (shadow2639) on 2021-08-11\n\n- [1243622] Medium CVE-2021-37967: Inappropriate implementation in\nBackground Fetch API. Reported by SorryMybad (@S0rryMybad) of Kunlun\nLab on 2021-08-26\n\n- [1245053] Medium CVE-2021-37968: Inappropriate implementation in\nBackground Fetch API. Reported by Maurice Dauer on 2021-08-30\n\n- [1245879] Medium CVE-2021-37969: Inappropriate implementation in\nGoogle Updater. Reported by Abdelhamid Naceri (halov) on 2021-09-02\n\n- [1248030] Medium CVE-2021-37970: Use after free in File System API.\nReported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-09-09\n\n- [1219354] Low CVE-2021-37971: Incorrect security UI in Web Browser\nUI. Reported by Rayyan Bijoora on 2021-06-13\n\n- [1234259] Low CVE-2021-37972: Out of bounds read in libjpeg-turbo.\nReported by Xu Hanyu and Lu Yutao from Panguite-Forensics-Lab of\nQianxin on 2021-07-29\"\n );\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_21.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9293f232\"\n );\n # https://vuxml.freebsd.org/freebsd/3551e106-1b17-11ec-a8a7-704d7b472482.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f54a11b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37957\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<94.0.4606.54\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:22", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.29. It is, therefore, affected by multiple vulnerabilities as referenced in the November 19, 2021 advisory.\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2021-42308)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CVE-2021-43221)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-10T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 96.0.1054.29 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-42308", "CVE-2021-43221"], "modified": "2023-02-13T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_96_0_1054_29.NASL", "href": "https://www.tenable.com/plugins/nessus/171335", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171335);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/13\");\n\n script_cve_id(\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\",\n \"CVE-2021-42308\",\n \"CVE-2021-43221\"\n );\n\n script_name(english:\"Microsoft Edge (Chromium) < 96.0.1054.29 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.29. It is, therefore, affected\nby multiple vulnerabilities as referenced in the November 19, 2021 advisory.\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed\n a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via\n a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who\n convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome\n Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a\n remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45\n allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2021-42308)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CVE-2021-43221)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?245dfb65\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43221\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 96.0.1054.29 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38017\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\n\nvar extended = FALSE;\nif (app_info['Channel'] == 'extended') extended = TRUE;\n\nvar constraints;\nif (!extended) {\n\tconstraints = [\n \t\t{ 'fixed_version' : '96.0.1054.29' }\n\t];\n} else {\n\taudit(AUDIT_INST_VER_NOT_VULN, 'Microsoft Edge (Chromium)');\n};\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:32", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.31. It is, therefore, affected by multiple vulnerabilities as referenced in the September 24, 2021 advisory.\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-09-24T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 94.0.992.31 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_94_0_992_31.NASL", "href": "https://www.tenable.com/plugins/nessus/153666", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153666);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37960\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37964\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37969\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37972\",\n \"CVE-2021-37973\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0448-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 94.0.992.31 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.31. It is, therefore, affected\nby multiple vulnerabilities as referenced in the September 24, 2021 advisory.\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#september-24-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6dbcb9b7\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37957\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37965\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37970\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37973\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 94.0.992.31 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37973\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '94.0.992.31' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:33:38", "description": "The version of Google Chrome installed on the remote macOS host is prior to 97.0.4692.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_01_stable-channel-update-for-desktop advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-04T00:00:00", "type": "nessus", "title": "Google Chrome < 97.0.4692.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0337"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_97_0_4692_71.NASL", "href": "https://www.tenable.com/plugins/nessus/156461", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156461);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\",\n \"CVE-2022-0337\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0001-S\");\n\n script_name(english:\"Google Chrome < 97.0.4692.71 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 97.0.4692.71. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_01_stable-channel-update-for-desktop advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who\n convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox\n via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific\n user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a\n user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ffc44e4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1275020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1117173\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238209\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249426\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1261689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1237310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1255713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1039885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1268903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1115847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262953\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 97.0.4692.71 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0115\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'97.0.4692.71', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:26", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1052.29. It is, therefore, affected by multiple vulnerabilities as referenced in the November 19, 2021 advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 96.0.1052.29 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-42308", "CVE-2021-43221"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_96_0_1052_29.NASL", "href": "https://www.tenable.com/plugins/nessus/155653", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155653);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\",\n \"CVE-2021-43221\"\n );\n\n script_name(english:\"Microsoft Edge (Chromium) < 96.0.1052.29 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1052.29. It is, therefore, affected\nby multiple vulnerabilities as referenced in the November 19, 2021 advisory.\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#november-19-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?95dce263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38015\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43221\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 96.0.1052.29 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38017\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38013\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '96.0.1052.29' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:33:38", "description": "The version of Google Chrome installed on the remote Windows host is prior to 97.0.4692.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_01_stable-channel-update-for-desktop advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-04T00:00:00", "type": "nessus", "title": "Google Chrome < 97.0.4692.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0337"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_97_0_4692_71.NASL", "href": "https://www.tenable.com/plugins/nessus/156462", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156462);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\",\n \"CVE-2022-0337\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0001-S\");\n\n script_name(english:\"Google Chrome < 97.0.4692.71 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 97.0.4692.71. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_01_stable-channel-update-for-desktop advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who\n convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox\n via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific\n user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a\n user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ffc44e4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1275020\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1117173\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238209\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249426\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274376\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248438\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1248444\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1261689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1237310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1241188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1255713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1039885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1268903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1115847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1238631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262953\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 97.0.4692.71 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0115\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'97.0.4692.71', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:33:36", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0014-1 advisory.\n\n - Use after free in Storage. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools. (CVE-2022-0097)\n\n - Use after free in Screen Capture. (CVE-2022-0098)\n\n - Use after free in Sign-in. (CVE-2022-0099)\n\n - Heap buffer overflow in Media streams API. (CVE-2022-0100)\n\n - Heap buffer overflow in Bookmarks. (CVE-2022-0101)\n\n - Type Confusion in V8 . (CVE-2022-0102)\n\n - Use after free in SwiftShader. (CVE-2022-0103)\n\n - Heap buffer overflow in ANGLE. (CVE-2022-0104)\n\n - Use after free in PDF. (CVE-2022-0105)\n\n - Use after free in Autofill. (CVE-2022-0106)\n\n - Use after free in File Manager API. (CVE-2022-0107)\n\n - Inappropriate implementation in Navigation. (CVE-2022-0108, CVE-2022-0111)\n\n - Inappropriate implementation in Autofill. (CVE-2022-0109)\n\n - Incorrect security UI in Autofill. (CVE-2022-0110)\n\n - Incorrect security UI in Browser UI. (CVE-2022-0112)\n\n - Inappropriate implementation in Blink. (CVE-2022-0113)\n\n - Out of bounds memory access in Web Serial. (CVE-2022-0114)\n\n - Uninitialized Use in File API. (CVE-2022-0115)\n\n - Inappropriate implementation in Compositing. (CVE-2022-0116)\n\n - Policy bypass in Service Workers. (CVE-2022-0117)\n\n - Inappropriate implementation in WebShare. (CVE-2022-0118)\n\n - Inappropriate implementation in Passwords. (CVE-2022-0120)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-18T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0014-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0014-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156781", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0014-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156781);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0014-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0014-1 advisory.\n\n - Use after free in Storage. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools. (CVE-2022-0097)\n\n - Use after free in Screen Capture. (CVE-2022-0098)\n\n - Use after free in Sign-in. (CVE-2022-0099)\n\n - Heap buffer overflow in Media streams API. (CVE-2022-0100)\n\n - Heap buffer overflow in Bookmarks. (CVE-2022-0101)\n\n - Type Confusion in V8 . (CVE-2022-0102)\n\n - Use after free in SwiftShader. (CVE-2022-0103)\n\n - Heap buffer overflow in ANGLE. (CVE-2022-0104)\n\n - Use after free in PDF. (CVE-2022-0105)\n\n - Use after free in Autofill. (CVE-2022-0106)\n\n - Use after free in File Manager API. (CVE-2022-0107)\n\n - Inappropriate implementation in Navigation. (CVE-2022-0108, CVE-2022-0111)\n\n - Inappropriate implementation in Autofill. (CVE-2022-0109)\n\n - Incorrect security UI in Autofill. (CVE-2022-0110)\n\n - Incorrect security UI in Browser UI. (CVE-2022-0112)\n\n - Inappropriate implementation in Blink. (CVE-2022-0113)\n\n - Out of bounds memory access in Web Serial. (CVE-2022-0114)\n\n - Uninitialized Use in File API. (CVE-2022-0115)\n\n - Inappropriate implementation in Compositing. (CVE-2022-0116)\n\n - Policy bypass in Service Workers. (CVE-2022-0117)\n\n - Inappropriate implementation in WebShare. (CVE-2022-0118)\n\n - Inappropriate implementation in Passwords. (CVE-2022-0120)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194331\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XW7HD7EA7DNOWMGKDOA6BCE6FBFET4WB/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34e4adbe\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0110\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0114\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0115\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-97.0.4692.71-bp153.2.54.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-97.0.4692.71-bp153.2.54.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-97.0.4692.71-bp153.2.54.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-97.0.4692.71-bp153.2.54.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:33:37", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-05T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_9EECCBF36E2611ECBB103065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/156469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156469);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\"\n );\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who\n convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox\n via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific\n user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a\n user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ffc44e4\");\n # https://vuxml.freebsd.org/freebsd/9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0c16445c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0115\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<97.0.4692.71'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-03T15:42:36", "description": "The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.93. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop advisory.\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-06T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.93 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079"], "modified": "2022-01-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_96_0_4664_93.NASL", "href": "https://www.tenable.com/plugins/nessus/155866", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155866);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/11\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0568-S\");\n\n script_name(english:\"Google Chrome < 96.0.4664.93 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.93. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop advisory.\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7cd0fa03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1239760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1266510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260939\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1271456\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273197\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274499\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274641\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1265197\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.93 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4079\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'96.0.4664.93', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-03T15:42:21", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 18ac074c-579f-11ec-aac7-3065ec8fd3ec advisory.\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-13T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (18ac074c-579f-11ec-aac7-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18AC074C579F11ECAAC73065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/156027", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156027);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\"\n );\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (18ac074c-579f-11ec-aac7-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 18ac074c-579f-11ec-aac7-3065ec8fd3ec advisory.\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7cd0fa03\");\n # https://vuxml.freebsd.org/freebsd/18ac074c-579f-11ec-aac7-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c9b505b2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4079\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<96.0.4664.93'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-03T15:45:33", "description": "The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.93. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop advisory.\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-06T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.93 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_96_0_4664_93.NASL", "href": "https://www.tenable.com/plugins/nessus/155867", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155867);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0568-S\");\n\n script_name(english:\"Google Chrome < 96.0.4664.93 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.93. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop advisory.\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7cd0fa03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1239760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1266510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260939\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1267496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1271456\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273197\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1273674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274499\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274641\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1265197\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.93 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4079\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'96.0.4664.93', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-03T15:44:14", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.53. It is, therefore, affected by multiple vulnerabilities as referenced in the December 10, 2021 advisory.\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-11T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 96.0.1054.53 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068"], "modified": "2022-01-11T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_96_0_1054_53.NASL", "href": "https://www.tenable.com/plugins/nessus/156011", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156011);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/11\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\"\n );\n\n script_name(english:\"Microsoft Edge (Chromium) < 96.0.1054.53 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.53. It is, therefore, affected\nby multiple vulnerabilities as referenced in the December 10, 2021 advisory.\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#december-10-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?10871512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4064\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4065\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4068\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 96.0.1054.53 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4067\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '96.0.1054.53' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:32:32", "description": "The version of Google Chrome installed on the remote macOS host is prior to 95.0.4638.69. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_28 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "Google Chrome < 95.0.4638.69 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_95_0_4638_69.NASL", "href": "https://www.tenable.com/plugins/nessus/154705", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154705);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\",\n \"CVE-2021-38004\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Google Chrome < 95.0.4638.69 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 95.0.4638.69. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_28 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a\n user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69\n allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9b4b94a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260940\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263462\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 95.0.4638.69 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'95.0.4638.69', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:35", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1433-1 advisory.\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - : Use after free in Garbage Collection. (CVE-2021-37977)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-37978)\n\n - : Heap buffer overflow in WebRTC. (CVE-2021-37979)\n\n - : Inappropriate implementation in Sandbox. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-02T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : opera (openSUSE-SU-2021:1433-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1433.NASL", "href": "https://www.tenable.com/plugins/nessus/154822", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1433-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154822);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\",\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : opera (openSUSE-SU-2021:1433-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1433-1 advisory.\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - : Use after free in Garbage Collection. (CVE-2021-37977)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this\n vulnerability. Please see Google Chrome Releases for more information. (CVE-2021-37978)\n\n - : Heap buffer overflow in WebRTC. (CVE-2021-37979)\n\n - : Inappropriate implementation in Sandbox. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2JKY4BZIJEZDOAALSG7OM4W3NORVRUO4/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ab3a14ec\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37980\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'opera-80.0.4170.63-lp152.2.73.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'opera');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:32:07", "description": "The version of Google Chrome installed on the remote Windows host is prior to 95.0.4638.69. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_28 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "Google Chrome < 95.0.4638.69 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_95_0_4638_69.NASL", "href": "https://www.tenable.com/plugins/nessus/154706", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154706);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\",\n \"CVE-2021-38004\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Google Chrome < 95.0.4638.69 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 95.0.4638.69. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop_28 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a\n user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69\n allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9b4b94a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1259587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1249962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1260940\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263462\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 95.0.4638.69 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'95.0.4638.69', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:32:57", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 95.0.1020.40. It is, therefore, affected by multiple vulnerabilities as referenced in the October 29, 2021 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-29T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 95.0.1020.40 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_95_0_1020_40.NASL", "href": "https://www.tenable.com/plugins/nessus/154738", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154738);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 95.0.1020.40 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 95.0.1020.40. It is, therefore, affected\nby multiple vulnerabilities as referenced in the October 29, 2021 advisory.\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a\n user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69\n allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-29-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd5c7f7f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37997\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38003\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 95.0.1020.40 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '95.0.1020.40' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:32:33", "description": "Chrome Releases reports :\n\nThis release contains 8 security fixes, including :\n\n- [1259864] High CVE-2021-37997 : Use after free in Sign-In. Reported by Wei Yuan of MoyunSec VLab on 2021-10-14\n\n- [1259587] High CVE-2021-37998 : Use after free in Garbage Collection. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-13\n\n- [1251541] High CVE-2021-37999 : Insufficient data validation in New Tab Page. Reported by Ashish Arun Dhone on 2021-09-21\n\n- [1249962] High CVE-2021-38000 : Insufficient validation of untrusted input in Intents. Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google Threat Analysis Group on 2021-09-15\n\n- [1260577] High CVE-2021-38001 : Type Confusion in V8. Reported by @s0rrymybad of Kunlun Lab via Tianfu Cup on 2021-10-16\n\n- [1260940] High CVE-2021-38002 : Use after free in Web Transport.\nReported by @__R0ng of 360 Alpha Lab, ? via Tianfu Cup on 2021-10-16\n\n- [1263462] High CVE-2021-38003 : Inappropriate implementation in V8.\nReported by Clement Lecigne from Google TAG and Samuel Gross from Google Project Zero on 2021-10-26\n\nGoogle is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild.", "cvss3": {}, "published": "2021-11-01T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (976d7bf9-38ea-11ec-b3b0-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_976D7BF938EA11ECB3B03065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/154773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154773);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (976d7bf9-38ea-11ec-b3b0-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Chrome Releases reports :\n\nThis release contains 8 security fixes, including :\n\n- [1259864] High CVE-2021-37997 : Use after free in Sign-In. Reported\nby Wei Yuan of MoyunSec VLab on 2021-10-14\n\n- [1259587] High CVE-2021-37998 : Use after free in Garbage\nCollection. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile\nTelecommunications Corp. Ltd. on 2021-10-13\n\n- [1251541] High CVE-2021-37999 : Insufficient data validation in New\nTab Page. Reported by Ashish Arun Dhone on 2021-09-21\n\n- [1249962] High CVE-2021-38000 : Insufficient validation of untrusted\ninput in Intents. Reported by Clement Lecigne, Neel Mehta, and Maddie\nStone of Google Threat Analysis Group on 2021-09-15\n\n- [1260577] High CVE-2021-38001 : Type Confusion in V8. Reported by\n@s0rrymybad of Kunlun Lab via Tianfu Cup on 2021-10-16\n\n- [1260940] High CVE-2021-38002 : Use after free in Web Transport.\nReported by @__R0ng of 360 Alpha Lab, ? via Tianfu Cup on 2021-10-16\n\n- [1263462] High CVE-2021-38003 : Inappropriate implementation in V8.\nReported by Clement Lecigne from Google TAG and Samuel Gross from\nGoogle Project Zero on 2021-10-26\n\nGoogle is aware that exploits for CVE-2021-38000 and CVE-2021-38003\nexist in the wild.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9b4b94a\");\n # https://vuxml.freebsd.org/freebsd/976d7bf9-38ea-11ec-b3b0-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d1c70ec\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<95.0.4638.69\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:16:05", "description": "The remote Fedora 34 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-116eff380f advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-16T00:00:00", "type": "nessus", "title": "Fedora 34 : chromium (2021-116eff380f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "p-cpe:/a:fedoraproject:fedora:chromium"], "id": "FEDORA_2021-116EFF380F.NASL", "href": "https://www.tenable.com/plugins/nessus/154180", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-116eff380f\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154180);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\",\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n script_xref(name:\"FEDORA\", value:\"2021-116eff380f\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Fedora 34 : chromium (2021-116eff380f)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 34 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-116eff380f advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-116eff380f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromium package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:34\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:chromium\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^34([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 34', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'chromium-94.0.4606.81-1.fc34', 'release':'FC34', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:34:05", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1462-1 advisory.\n\n - : Use after free in Sign-In. (CVE-2021-37997)\n\n - : Use after free in Garbage Collection. (CVE-2021-37998)\n\n - : Insufficient data validation in New Tab Page. (CVE-2021-37999)\n\n - : Insufficient validation of untrusted input in Intents. (CVE-2021-38000)\n\n - : Type Confusion in V8. (CVE-2021-38001)\n\n - : Use after free in Web Transport. (CVE-2021-38002)\n\n - : Inappropriate implementation in V8. (CVE-2021-38003)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-09T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1462-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.2", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1462.NASL", "href": "https://www.tenable.com/plugins/nessus/154976", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1462-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154976);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1462-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1462-1 advisory.\n\n - : Use after free in Sign-In. (CVE-2021-37997)\n\n - : Use after free in Garbage Collection. (CVE-2021-37998)\n\n - : Insufficient data validation in New Tab Page. (CVE-2021-37999)\n\n - : Insufficient validation of untrusted input in Intents. (CVE-2021-38000)\n\n - : Type Confusion in V8. (CVE-2021-38001)\n\n - : Use after free in Web Transport. (CVE-2021-38002)\n\n - : Inappropriate implementation in V8. (CVE-2021-38003)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192184\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LILU2Q77SAPFWPTS2P4ZOLY6WZ3NJCJN/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?22c7858a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37997\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38003\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2|SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2 / 15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-95.0.4638.69-bp153.2.40.3', 'cpu':'aarch64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-95.0.4638.69-bp153.2.40.3', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-95.0.4638.69-bp153.2.40.3', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-95.0.4638.69-bp153.2.40.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.69-bp153.2.40.3', 'cpu':'aarch64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.69-bp153.2.40.3', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.69-bp153.2.40.3', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-95.0.4638.69-bp153.2.40.3', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:34:09", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected by multiple vulnerabilities as referenced in the January 6, 2022 advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 97.0.1072.55 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-21929", "CVE-2022-21930", "CVE-2022-21931", "CVE-2022-21954", "CVE-2022-21970"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_97_0_1072_55.NASL", "href": "https://www.tenable.com/plugins/nessus/156545", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156545);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\",\n \"CVE-2022-21929\",\n \"CVE-2022-21930\",\n \"CVE-2022-21931\",\n \"CVE-2022-21954\",\n \"CVE-2022-21970\"\n );\n\n script_name(english:\"Microsoft Edge (Chromium) < 97.0.1072.55 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected\nby multiple vulnerabilities as referenced in the January 6, 2022 advisory.\n\n - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2022-0107)\n\n - Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0096)\n\n - Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who\n convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox\n via a crafted HTML page. (CVE-2022-0097)\n\n - Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker\n who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific\n user gestures. (CVE-2022-0098)\n\n - Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a\n user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.\n (CVE-2022-0099)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#january-6-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?10ad4694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0110\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0114\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21931\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21954\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21970\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 97.0.1072.55 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21970\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0097\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '97.0.1072.55' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:50", "description": "Chrome Releases reports :\n\nThis release contains 4 security fixes, including :\n\n- [1252878] High CVE-2021-37977: Use after free in Garbage Collection.\nReported by Anonymous on 2021-09-24\n\n- [1236318] High CVE-2021-37978: Heap buffer overflow in Blink.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04\n\n- [1247260] High CVE-2021-37979: Heap buffer overflow in WebRTC.\nReported by Marcin Towalski of Cisco Talos on 2021-09-07\n\n- [1254631] High CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by Yonghwi Jin (@jinmo123) on 2021-09-30", "cvss3": {}, "published": "2021-10-11T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (7d3d94d3-2810-11ec-9c51-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_7D3D94D3281011EC9C513065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/153985", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153985);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (7d3d94d3-2810-11ec-9c51-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Chrome Releases reports :\n\nThis release contains 4 security fixes, including :\n\n- [1252878] High CVE-2021-37977: Use after free in Garbage Collection.\nReported by Anonymous on 2021-09-24\n\n- [1236318] High CVE-2021-37978: Heap buffer overflow in Blink.\nReported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04\n\n- [1247260] High CVE-2021-37979: Heap buffer overflow in WebRTC.\nReported by Marcin Towalski of Cisco Talos on 2021-09-07\n\n- [1254631] High CVE-2021-37980: Inappropriate implementation in\nSandbox. Reported by Yonghwi Jin (@jinmo123) on 2021-09-30\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7bd0fdf5\");\n # https://vuxml.freebsd.org/freebsd/7d3d94d3-2810-11ec-9c51-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fc0f86bd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<94.0.4606.81\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:35", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.57. It is, therefore, affected by multiple vulnerabilities as referenced in the December 14, 2021 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-14T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 96.0.1054.57 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_96_0_1054_57.NASL", "href": "https://www.tenable.com/plugins/nessus/156077", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156077);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 96.0.1054.57 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 96.0.1054.57. It is, therefore, affected\nby multiple vulnerabilities as referenced in the December 14, 2021 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who\n had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#december-14-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f5dd1e14\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-4102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 96.0.1054.57 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '96.0.1054.57' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:24", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fb9ba490-5cc4-11ec-aac7-3065ec8fd3ec advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-14T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (fb9ba490-5cc4-11ec-aac7-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_FB9BA4905CC411ECAAC73065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/156053", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156053);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (fb9ba490-5cc4-11ec-aac7-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the fb9ba490-5cc4-11ec-aac7-3065ec8fd3ec advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who\n had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84db7651\");\n # https://vuxml.freebsd.org/freebsd/fb9ba490-5cc4-11ec-aac7-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a2ebf783\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<96.0.4664.110'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:24", "description": "The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.110. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop_13 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-13T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.110 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_96_0_4664_110.NASL", "href": "https://www.tenable.com/plugins/nessus/156034", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156034);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n\n script_name(english:\"Google Chrome < 96.0.4664.110 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 96.0.4664.110. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop_13 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who\n had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84db7651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278387\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.110 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'96.0.4664.110', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:47", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1600-1 advisory.\n\n - Insufficient data validation in Mojo. (CVE-2021-4098)\n\n - Use after free in Swiftshader. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader. (CVE-2021-4101)\n\n - Use after free in V8. (CVE-2021-4102)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-21T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1600-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1600.NASL", "href": "https://www.tenable.com/plugins/nessus/156217", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1600-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156217);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1600-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1600-1 advisory.\n\n - Insufficient data validation in Mojo. (CVE-2021-4098)\n\n - Use after free in Swiftshader. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader. (CVE-2021-4101)\n\n - Use after free in V8. (CVE-2021-4102)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1193713\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LGS65TJIBHZIF3QKXXU62A2KR5NRUCPQ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eeb2894b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-96.0.4664.110-bp153.2.48.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-96.0.4664.110-bp153.2.48.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:09", "description": "The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.110. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop_13 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-13T00:00:00", "type": "nessus", "title": "Google Chrome < 96.0.4664.110 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_96_0_4664_110.NASL", "href": "https://www.tenable.com/plugins/nessus/156033", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156033);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n\n script_name(english:\"Google Chrome < 96.0.4664.110 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 96.0.4664.110. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_12_stable-channel-update-for-desktop_13 advisory.\n\n - Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4102)\n\n - Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who\n had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-4098)\n\n - Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4099)\n\n - Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4100)\n\n - Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4101)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84db7651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1263457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1272068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1262080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278387\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 96.0.4664.110 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4102\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'96.0.4664.110', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:59:00", "description": "The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.81. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-07T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.81 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2021-11-15T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_94_0_4606_81.NASL", "href": "https://www.tenable.com/plugins/nessus/153932", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153932);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n\n script_name(english:\"Google Chrome < 94.0.4606.81 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.81. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who\n convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker\n to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7bd0fdf5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1252878\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1236318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1254631\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.81 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'94.0.4606.81', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:59:15", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.47. It is, therefore, affected by multiple vulnerabilities as referenced in the October 11, 2021 advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-11T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 94.0.992.47 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2021-11-15T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_94_0_992_47.NASL", "href": "https://www.tenable.com/plugins/nessus/153995", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153995);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 94.0.992.47 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.47. It is, therefore, affected\nby multiple vulnerabilities as referenced in the October 11, 2021 advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who\n convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker\n to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-11-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3a3f355a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37980\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 94.0.992.47 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '94.0.992.47' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:59:00", "description": "The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.81. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-07T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.81 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_94_0_4606_81.NASL", "href": "https://www.tenable.com/plugins/nessus/153931", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153931);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37980\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n\n script_name(english:\"Google Chrome < 94.0.4606.81 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.81. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_10_stable-channel-update-for-desktop advisory.\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who\n convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2021-37979)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker\n to potentially bypass site isolation via Windows. (CVE-2021-37980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7bd0fdf5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1252878\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1236318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1247260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1254631\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.81 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37979\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'94.0.4606.81', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-04T14:33:42", "description": "The remote host is affected by the vulnerability described in GLSA-202201-02 (Chromium, Google Chrome: Multiple vulnerabilities)\n\n - Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. (CVE-2021-30565)\n\n - Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.\n (CVE-2021-30566)\n\n - Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture. (CVE-2021-30567)\n\n - Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30568)\n\n - Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30569)\n\n - Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-30571)\n\n - Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30572)\n\n - Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30573)\n\n - Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30574)\n\n - Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30575)\n\n - Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30576, CVE-2021-30581)\n\n - Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. (CVE-2021-30577)\n\n - Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (CVE-2021-30578)\n\n - Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30579)\n\n - Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page. (CVE-2021-30580)\n\n - Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-30582)\n\n - Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-30583)\n\n - Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-30584)\n\n - Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30585)\n\n - Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30586)\n\n - Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-30587)\n\n - Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30588)\n\n - Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link. (CVE-2021-30589)\n\n - Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30590)\n\n - Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30591)\n\n - Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. (CVE-2021-30592)\n\n - Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.\n (CVE-2021-30593)\n\n - Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. (CVE-2021-30594)\n\n - Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-30596)\n\n - Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. (CVE-2021-30597)\n\n - Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (CVE-2021-30598, CVE-2021-30599)\n\n - Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30600)\n\n - Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30601)\n\n - Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30602)\n\n - Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30603)\n\n - Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30604)\n\n - Chromium: CVE-2021-30606 Use after free in Blink (CVE-2021-30606)\n\n - Chromium: CVE-2021-30607 Use after free in Permissions (CVE-2021-30607)\n\n - Chromium: CVE-2021-30608 Use after free in Web Share (CVE-2021-30608)\n\n - Chromium: CVE-2021-30609 Use after free in Sign-In (CVE-2021-30609)\n\n - Chromium: CVE-2021-30610 Use after free in Extensions API (CVE-2021-30610)\n\n - Chromium: CVE-2021-30611 Use after free in WebRTC (CVE-2021-30611)\n\n - Chromium: CVE-2021-30612 Use after free in WebRTC (CVE-2021-30612)\n\n - Chromium: CVE-2021-30613 Use after free in Base internals (CVE-2021-30613)\n\n - Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip (CVE-2021-30614)\n\n - Chromium: CVE-2021-30615 Cross-origin data leak in Navigation (CVE-2021-30615)\n\n - Chromium: CVE-2021-30616 Use after free in Media (CVE-2021-30616)\n\n - Chromium: CVE-2021-30617 Policy bypass in Blink (CVE-2021-30617)\n\n - Chromium: CVE-2021-30618 Inappropriate implementation in DevTools (CVE-2021-30618)\n\n - Chromium: CVE-2021-30619 UI Spoofing in Autofill (CVE-2021-30619)\n\n - Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink (CVE-2021-30620)\n\n - Chromium: CVE-2021-30621 UI Spoofing in Autofill (CVE-2021-30621)\n\n - Chromium: CVE-2021-30622 Use after free in WebApp Installs (CVE-2021-30622)\n\n - Chromium: CVE-2021-30623 Use after free in Bookmarks (CVE-2021-30623)\n\n - Chromium: CVE-2021-30624 Use after free in Autofill (CVE-2021-30624)\n\n - Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30625)\n\n - Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30626)\n\n - Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30627)\n\n - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (CVE-2021-30628)\n\n - Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30629)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-30630)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-30631, CVE-2021-37960)\n\n - Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30632)\n\n - Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-30633)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-37967)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37979)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-31T00:00:00", "type": "nessus", "title": "GLSA-202201-02 : Chromium, Google Chrome: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-30565", "CVE-2021-30566", "CVE-2021-30567", "CVE-2021-30568", "CVE-2021-30569", "CVE-2021-30571", "CVE-2021-30572", "CVE-2021-30573", "CVE-2021-30574", "CVE-2021-30575", "CVE-2021-30576", "CVE-2021-30577", "CVE-2021-30578", "CVE-2021-30579", "CVE-2021-30580", "CVE-2021-30581", "CVE-2021-30582", "CVE-2021-30583", "CVE-2021-30584", "CVE-2021-30585", "CVE-2021-30586", "CVE-2021-30587", "CVE-2021-30588", "CVE-2021-30589", "CVE-2021-30590", "CVE-2021-30591", "CVE-2021-30592", "CVE-2021-30593", "CVE-2021-30594", "CVE-2021-30596", "CVE-2021-30597", "CVE-2021-30598", "CVE-2021-30599", "CVE-2021-30600", "CVE-2021-30601", "CVE-2021-30602", "CVE-2021-30603", "CVE-2021-30604", "CVE-2021-30606", "CVE-2021-30607", "CVE-2021-30608", "CVE-2021-30609", "CVE-2021-30610", "CVE-2021-30611", "CVE-2021-30612", "CVE-2021-30613", "CVE-2021-30614", "CVE-2021-30615", "CVE-2021-30616", "CVE-2021-30617", "CVE-2021-30618", "CVE-2021-30619", "CVE-2021-30620", "CVE-2021-30621", "CVE-2021-30622", "CVE-2021-30623", "CVE-2021-30624", "CVE-2021-30625", "CVE-2021-30626", "CVE-2021-30627", "CVE-2021-30628", "CVE-2021-30629", "CVE-2021-30630", "CVE-2021-30631", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0289", "CVE-2022-0290", "CVE-2022-0291", "CVE-2022-0292", "CVE-2022-0293", "CVE-2022-0294", "CVE-2022-0295", "CVE-2022-0296", "CVE-2022-0297", "CVE-2022-0298", "CVE-2022-0300", "CVE-2022-0301", "CVE-2022-0302", "CVE-2022-0303", "CVE-2022-0304", "CVE-2022-0305", "CVE-2022-0306", "CVE-2022-0307", "CVE-2022-0308", "CVE-2022-0309", "CVE-2022-0310", "CVE-2022-0311"], "modified": "2022-02-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:google-chrome", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202201-02.NASL", "href": "https://www.tenable.com/plugins/nessus/157241", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202201-02.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157241);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/03\");\n\n script_cve_id(\n \"CVE-2021-4098\",\n \"CVE-2021-4099\",\n \"CVE-2021-4100\",\n \"CVE-2021-4101\",\n \"CVE-2021-4102\",\n \"CVE-2021-30565\",\n \"CVE-2021-30566\",\n \"CVE-2021-30567\",\n \"CVE-2021-30568\",\n \"CVE-2021-30569\",\n \"CVE-2021-30571\",\n \"CVE-2021-30572\",\n \"CVE-2021-30573\",\n \"CVE-2021-30574\",\n \"CVE-2021-30575\",\n \"CVE-2021-30576\",\n \"CVE-2021-30577\",\n \"CVE-2021-30578\",\n \"CVE-2021-30579\",\n \"CVE-2021-30580\",\n \"CVE-2021-30581\",\n \"CVE-2021-30582\",\n \"CVE-2021-30583\",\n \"CVE-2021-30584\",\n \"CVE-2021-30585\",\n \"CVE-2021-30586\",\n \"CVE-2021-30587\",\n \"CVE-2021-30588\",\n \"CVE-2021-30589\",\n \"CVE-2021-30590\",\n \"CVE-2021-30591\",\n \"CVE-2021-30592\",\n \"CVE-2021-30593\",\n \"CVE-2021-30594\",\n \"CVE-2021-30596\",\n \"CVE-2021-30597\",\n \"CVE-2021-30598\",\n \"CVE-2021-30599\",\n \"CVE-2021-30600\",\n \"CVE-2021-30601\",\n \"CVE-2021-30602\",\n \"CVE-2021-30603\",\n \"CVE-2021-30604\",\n \"CVE-2021-30606\",\n \"CVE-2021-30607\",\n \"CVE-2021-30608\",\n \"CVE-2021-30609\",\n \"CVE-2021-30610\",\n \"CVE-2021-30611\",\n \"CVE-2021-30612\",\n \"CVE-2021-30613\",\n \"CVE-2021-30614\",\n \"CVE-2021-30615\",\n \"CVE-2021-30616\",\n \"CVE-2021-30617\",\n \"CVE-2021-30618\",\n \"CVE-2021-30619\",\n \"CVE-2021-30620\",\n \"CVE-2021-30621\",\n \"CVE-2021-30622\",\n \"CVE-2021-30623\",\n \"CVE-2021-30624\",\n \"CVE-2021-30625\",\n \"CVE-2021-30626\",\n \"CVE-2021-30627\",\n \"CVE-2021-30628\",\n \"CVE-2021-30629\",\n \"CVE-2021-30630\",\n \"CVE-2021-30631\",\n \"CVE-2021-30632\",\n \"CVE-2021-30633\",\n \"CVE-2021-37956\",\n \"CVE-2021-37957\",\n \"CVE-2021-37958\",\n \"CVE-2021-37959\",\n \"CVE-2021-37960\",\n \"CVE-2021-37961\",\n \"CVE-2021-37962\",\n \"CVE-2021-37963\",\n \"CVE-2021-37965\",\n \"CVE-2021-37966\",\n \"CVE-2021-37967\",\n \"CVE-2021-37968\",\n \"CVE-2021-37970\",\n \"CVE-2021-37971\",\n \"CVE-2021-37973\",\n \"CVE-2021-37974\",\n \"CVE-2021-37975\",\n \"CVE-2021-37976\",\n \"CVE-2021-37977\",\n \"CVE-2021-37978\",\n \"CVE-2021-37979\",\n \"CVE-2021-37981\",\n \"CVE-2021-37982\",\n \"CVE-2021-37983\",\n \"CVE-2021-37984\",\n \"CVE-2021-37985\",\n \"CVE-2021-37986\",\n \"CVE-2021-37987\",\n \"CVE-2021-37988\",\n \"CVE-2021-37989\",\n \"CVE-2021-37990\",\n \"CVE-2021-37991\",\n \"CVE-2021-37992\",\n \"CVE-2021-37993\",\n \"CVE-2021-37994\",\n \"CVE-2021-37995\",\n \"CVE-2021-37996\",\n \"CVE-2021-37997\",\n \"CVE-2021-37998\",\n \"CVE-2021-37999\",\n \"CVE-2021-38000\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\",\n \"CVE-2021-38005\",\n \"CVE-2021-38006\",\n \"CVE-2021-38007\",\n \"CVE-2021-38008\",\n \"CVE-2021-38009\",\n \"CVE-2021-38010\",\n \"CVE-2021-38011\",\n \"CVE-2021-38012\",\n \"CVE-2021-38013\",\n \"CVE-2021-38014\",\n \"CVE-2021-38015\",\n \"CVE-2021-38016\",\n \"CVE-2021-38017\",\n \"CVE-2021-38018\",\n \"CVE-2021-38019\",\n \"CVE-2021-38020\",\n \"CVE-2021-38021\",\n \"CVE-2021-38022\",\n \"CVE-2022-0096\",\n \"CVE-2022-0097\",\n \"CVE-2022-0098\",\n \"CVE-2022-0099\",\n \"CVE-2022-0100\",\n \"CVE-2022-0101\",\n \"CVE-2022-0102\",\n \"CVE-2022-0103\",\n \"CVE-2022-0104\",\n \"CVE-2022-0105\",\n \"CVE-2022-0106\",\n \"CVE-2022-0107\",\n \"CVE-2022-0108\",\n \"CVE-2022-0109\",\n \"CVE-2022-0110\",\n \"CVE-2022-0111\",\n \"CVE-2022-0112\",\n \"CVE-2022-0113\",\n \"CVE-2022-0114\",\n \"CVE-2022-0115\",\n \"CVE-2022-0116\",\n \"CVE-2022-0117\",\n \"CVE-2022-0118\",\n \"CVE-2022-0120\",\n \"CVE-2022-0289\",\n \"CVE-2022-0290\",\n \"CVE-2022-0291\",\n \"CVE-2022-0292\",\n \"CVE-2022-0293\",\n \"CVE-2022-0294\",\n \"CVE-2022-0295\",\n \"CVE-2022-0296\",\n \"CVE-2022-0297\",\n \"CVE-2022-0298\",\n \"CVE-2022-0300\",\n \"CVE-2022-0301\",\n \"CVE-2022-0302\",\n \"CVE-2022-0303\",\n \"CVE-2022-0304\",\n \"CVE-2022-0305\",\n \"CVE-2022-0306\",\n \"CVE-2022-0307\",\n \"CVE-2022-0308\",\n \"CVE-2022-0309\",\n \"CVE-2022-0310\",\n \"CVE-2022-0311\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0346-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0361-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0385-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0401-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0411-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0438-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0448-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0459-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0555-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0576-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0001-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0042-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/12/29\");\n\n script_name(english:\"GLSA-202201-02 : Chromium, Google Chrome: Multiple vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202201-02 (Chromium, Google Chrome: Multiple\nvulnerabilities)\n\n - Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an\n attacker who convinced a user to install a malicious extension to perform an out of bounds memory write\n via a crafted HTML page. (CVE-2021-30565)\n\n - Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who\n had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.\n (CVE-2021-30566)\n\n - Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a\n user to open DevTools to potentially exploit heap corruption via specific user gesture. (CVE-2021-30567)\n\n - Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30568)\n\n - Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30569)\n\n - Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker\n who convinced a user to install a malicious extension to potentially perform a sandbox escape via a\n crafted HTML page. (CVE-2021-30571)\n\n - Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30572)\n\n - Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30573)\n\n - Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30574)\n\n - Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30575)\n\n - Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30576, CVE-2021-30581)\n\n - Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote\n attacker to perform local privilege escalation via a crafted file. (CVE-2021-30577)\n\n - Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform\n out of bounds memory access via a crafted HTML page. (CVE-2021-30578)\n\n - Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30579)\n\n - Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an\n attacker who convinced a user to install a malicious application to obtain potentially sensitive\n information via a crafted HTML page. (CVE-2021-30580)\n\n - Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-30582)\n\n - Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107\n allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-30583)\n\n - Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote\n attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-30584)\n\n - Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30585)\n\n - Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an\n attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via\n a crafted HTML page. (CVE-2021-30586)\n\n - Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote\n attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-30587)\n\n - Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30588)\n\n - Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a\n remote attacker to bypass navigation restrictions via a crafted click-to-call link. (CVE-2021-30589)\n\n - Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30590)\n\n - Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30591)\n\n - Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who\n convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted\n HTML page. (CVE-2021-30592)\n\n - Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced\n a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.\n (CVE-2021-30593)\n\n - Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to\n potentially exploit heap corruption via physical access to the device. (CVE-2021-30594)\n\n - Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote\n attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-30596)\n\n - Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker\n to potentially exploit heap corruption via physical access to the device. (CVE-2021-30597)\n\n - Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute\n arbitrary code inside a sandbox via a crafted HTML page. (CVE-2021-30598, CVE-2021-30599)\n\n - Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30600)\n\n - Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced\n a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30601)\n\n - Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user\n to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30602)\n\n - Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30603)\n\n - Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30604)\n\n - Chromium: CVE-2021-30606 Use after free in Blink (CVE-2021-30606)\n\n - Chromium: CVE-2021-30607 Use after free in Permissions (CVE-2021-30607)\n\n - Chromium: CVE-2021-30608 Use after free in Web Share (CVE-2021-30608)\n\n - Chromium: CVE-2021-30609 Use after free in Sign-In (CVE-2021-30609)\n\n - Chromium: CVE-2021-30610 Use after free in Extensions API (CVE-2021-30610)\n\n - Chromium: CVE-2021-30611 Use after free in WebRTC (CVE-2021-30611)\n\n - Chromium: CVE-2021-30612 Use after free in WebRTC (CVE-2021-30612)\n\n - Chromium: CVE-2021-30613 Use after free in Base internals (CVE-2021-30613)\n\n - Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip (CVE-2021-30614)\n\n - Chromium: CVE-2021-30615 Cross-origin data leak in Navigation (CVE-2021-30615)\n\n - Chromium: CVE-2021-30616 Use after free in Media (CVE-2021-30616)\n\n - Chromium: CVE-2021-30617 Policy bypass in Blink (CVE-2021-30617)\n\n - Chromium: CVE-2021-30618 Inappropriate implementation in DevTools (CVE-2021-30618)\n\n - Chromium: CVE-2021-30619 UI Spoofing in Autofill (CVE-2021-30619)\n\n - Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink (CVE-2021-30620)\n\n - Chromium: CVE-2021-30621 UI Spoofing in Autofill (CVE-2021-30621)\n\n - Chromium: CVE-2021-30622 Use after free in WebApp Installs (CVE-2021-30622)\n\n - Chromium: CVE-2021-30623 Use after free in Bookmarks (CVE-2021-30623)\n\n - Chromium: CVE-2021-30624 Use after free in Autofill (CVE-2021-30624)\n\n - Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who\n convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML\n page. (CVE-2021-30625)\n\n - Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30626)\n\n - Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30627)\n\n - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit stack corruption via a crafted HTML page. (CVE-2021-30628)\n\n - Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-30629)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who\n had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-30630)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-30631,\n CVE-2021-37960)\n\n - Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30632)\n\n - Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-30633)\n\n - Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37956)\n\n - Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37957)\n\n - Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a\n remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. (CVE-2021-37958)\n\n - Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a\n user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37959)\n\n - Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37961)\n\n - Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who\n had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37962)\n\n - Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote\n attacker to bypass site isolation via a crafted HTML page. (CVE-2021-37963)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-37965, CVE-2021-37968)\n\n - Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a\n remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37966)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a\n remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML\n page. (CVE-2021-37967)\n\n - Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37970)\n\n - Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker\n to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2021-37971)\n\n - Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37973)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\n - Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37977)\n\n - Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37978)\n\n - heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who\n convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted\n HTML page. (CVE-2021-37979)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37982)\n\n - Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37983)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a\n user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37985)\n\n - Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37986)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced\n a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37988)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote\n attacker to leak cross-origin data via a crafted app. (CVE-2021-37990)\n\n - Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2021-37991)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37993)\n\n - Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-37994)\n\n - Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote\n attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-37995)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a\n remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a\n user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37997)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote\n attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.\n (CVE-2021-37999)\n\n - Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69\n allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.\n (CVE-2021-38000)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\n - Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38005)\n\n - Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38006, CVE-2021-38011)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38007, CVE-2021-38012)\n\n - Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38008)\n\n - Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-38009)\n\n - Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.\n (CVE-2021-38010)\n\n - Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed\n a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via\n a crafted HTML page. (CVE-2021-38013)\n\n - Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38014)\n\n - Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who\n convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome\n Extension. (CVE-2021-38015)\n\n - Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a\n remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2021-38016)\n\n - Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38017)\n\n - Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-38018)\n\n - Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2021-38019)\n\n - Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45\n allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2021-38020)\n\n - Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker\n to bypass navigation restrictions via a crafted HTML page. (CVE-2021-38021)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-38022)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202201-02\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=803167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=806223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=808715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=811348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=813035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=814221\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=814617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=815673\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=816984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=819054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=820689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=824274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=830642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=831624\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Chromium users should upgrade to the latest version:\n\n\t\t\t# emerge --sync\n\t\t\t# emerge --ask --oneshot --verbose\n\t\t\t>=www-client/chromium-97.0.4692.99\n\t\t\nAll Google Chrome users should upgrade to the latest version:\n\n\t\t\t# emerge --sync\n\t\t\t# emerge --ask --oneshot --verbose\n\t\t\t>=www-client/google-chrome-97.0.4692.99\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38017\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"www-client/google-chrome\",\n 'unaffected' : make_list(\"ge 97.0.4692.99\"),\n 'vulnerable' : make_list(\"lt 97.0.4692.99\")\n },\n {\n 'name' : \"www-client/chromium\",\n 'unaffected' : make_list(\"ge 97.0.4692.99\"),\n 'vulnerable' : make_list(\"lt 97.0.4692.99\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / Google Chrome\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:45", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.38. It is, therefore, affected by multiple vulnerabilities as referenced in the October 1, 2021 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 94.0.992.38 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_94_0_992_38.NASL", "href": "https://www.tenable.com/plugins/nessus/153839", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153839);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2021-37974\", \"CVE-2021-37975\", \"CVE-2021-37976\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 94.0.992.38 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 94.0.992.38. It is, therefore, affected\nby multiple vulnerabilities as referenced in the October 1, 2021 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#october-1-2021\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fc68e93b\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-37976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 94.0.992.38 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '94.0.992.38' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:45", "description": "The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_94_0_4606_71.NASL", "href": "https://www.tenable.com/plugins/nessus/153829", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153829);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2021-37974\", \"CVE-2021-37975\", \"CVE-2021-37976\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Google Chrome < 94.0.4606.71 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 94.0.4606.71. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?afe6895d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1252918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251787\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.71 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'94.0.4606.71', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:11", "description": "The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-01T00:00:00", "type": "nessus", "title": "Google Chrome < 94.0.4606.71 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_94_0_4606_71.NASL", "href": "https://www.tenable.com/plugins/nessus/153828", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153828);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2021-37974\", \"CVE-2021-37975\", \"CVE-2021-37976\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"Google Chrome < 94.0.4606.71 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 94.0.4606.71. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2021_09_stable-channel-update-for-desktop_30 advisory.\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?afe6895d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1245578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1252918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1251787\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 94.0.4606.71 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'94.0.4606.71', severity:SECURITY_WARNING, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:24", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1358-1 advisory.\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-17T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : opera (openSUSE-SU-2021:1358-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:opera", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1358.NASL", "href": "https://www.tenable.com/plugins/nessus/154196", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1358-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154196);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2021-37974\", \"CVE-2021-37975\", \"CVE-2021-37976\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : opera (openSUSE-SU-2021:1358-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1358-1 advisory.\n\n - Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-37974)\n\n - Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-37975)\n\n - Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to\n obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2021-37976)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JAX3Q57Z6FBAZI5TMEFWFYPK5JXVPRKE/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63f6d5ec\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opera package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'opera-80.0.4170.16-lp152.2.70.1', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'opera');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:58:59", "description": "Chrome Releases/Stable updates reports :\n\nThis release contains 4 security fixes, including :\n\n- [1245578] High CVE-2021-37974: Use after free in Safe Browsing.\nReported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-01\n\n- [1252918] High CVE-2021-37975: Use after free in V8. Reported by Anonymous on 2021-09-24\n\n- [1251787] Medium CVE-2021-37976: Information leak in core. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21\n\nGoogle is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild.", "cvss3": {}, "published": "2021-10-05T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (777edbbe-2230-11ec-8869-704d7b472482)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_777EDBBE223011EC8869704D7B472482.NASL", "href": "https://www.tenable.com/plugins/nessus/153871", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153871);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2021-37974\", \"CVE-2021-37975\", \"CVE-2021-37976\");\n script_xref(name:\"IAVA\", value:\"2021-A-0449-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (777edbbe-2230-11ec-8869-704d7b472482)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Chrome Releases/Stable updates reports :\n\nThis release contains 4 security fixes, including :\n\n- [1245578] High CVE-2021-37974: Use after free in Safe Browsing.\nReported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at\nQi'anxin Group on 2021-09-01\n\n- [1252918] High CVE-2021-37975: Use after free in V8. Reported by\nAnonymous on 2021-09-24\n\n- [1251787] Medium CVE-2021-37976: Information leak in core. Reported\nby Clement Lecigne from Google TAG, with technical assistance from\nSergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21\n\nGoogle is aware the exploits for CVE-2021-37975 and CVE-2021-37976\nexist in the wild.\");\n # https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?afe6895d\");\n # https://vuxml.freebsd.org/freebsd/777edbbe-2230-11ec-8869-704d7b472482.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dd516a9e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-37975\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"chromium<94.0.4606.71\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-08T15:16:18", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0070-1 advisory.\n\n - Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30625)\n\n - Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30626)\n\n - Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30627)\n\n - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (CVE-2021-30628)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-30630)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-30631)\n\n - Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30632)\n\n - Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-30633)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-05T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : nodejs-electron (openSUSE-SU-2022:0070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-30625", "CVE-2021-30626", "CVE-2021-30627", "CVE-2021-30628", "CVE-2021-30630", "CVE-2021-30631", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-37981", "CVE-2021-37984", "CVE-2021-37987", "CVE-2021-37989", "CVE-2021-37992", "CVE-2021-37996", "CVE-2021-37998", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs-electron", "p-cpe:/a:novell:opensuse:nodejs-electron-devel", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158639", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0070-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158639);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2021-30625\",\n \"CVE-2021-30626\",\n \"CVE-2021-30627\",\n \"CVE-2021-30628\",\n \"CVE-2021-30630\",\n \"CVE-2021-30631\",\n \"CVE-2021-30632\",\n \"CVE-2021-30633\",\n \"CVE-2021-37981\",\n \"CVE-2021-37984\",\n \"CVE-2021-37987\",\n \"CVE-2021-37989\",\n \"CVE-2021-37992\",\n \"CVE-2021-37996\",\n \"CVE-2021-37998\",\n \"CVE-2021-38001\",\n \"CVE-2021-38002\",\n \"CVE-2021-38003\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0411-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0491-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0522-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n\n script_name(english:\"openSUSE 15 Security Update : nodejs-electron (openSUSE-SU-2022:0070-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0070-1 advisory.\n\n - Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who\n convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML\n page. (CVE-2021-30625)\n\n - Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30626)\n\n - Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30627)\n\n - Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to\n potentially exploit stack corruption via a crafted HTML page. (CVE-2021-30628)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who\n had compromised the renderer process to leak cross-origin data via a crafted HTML page. (CVE-2021-30630)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2021-30631)\n\n - Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30632)\n\n - Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-30633)\n\n - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had\n compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2021-37981)\n\n - Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37984)\n\n - Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37987)\n\n - Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n abuse content security policy via a crafted HTML page. (CVE-2021-37989)\n\n - Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37992)\n\n - Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a\n remote attacker to bypass navigation restrictions via a malicious file. (CVE-2021-37996)\n\n - Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-37998)\n\n - Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-38001)\n\n - Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2021-38002)\n\n - Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-38003)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G2JZKFAH5MWINMQLTSYZ2GQCLX5UGIGE/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09a3d8c4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30626\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30628\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30630\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-30633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37989\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-37998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-38003\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected nodejs-electron and / or nodejs-electron-devel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38003\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-38002\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs-electron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs-electron-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'nodejs-electron-16.0.9-bp153.2.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nodejs-electron-devel-16.0.9-bp153.2.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'nodejs-electron / nodejs-electron-devel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "archlinux": [{"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202112-1\n=========================================\n\nSeverity: High\nDate : 2021-12-03\nCVE-ID : CVE-2021-37981 CVE-2021-37982 CVE-2021-37984 CVE-2021-37985\nCVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989\nCVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993\nCVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37998\nCVE-2021-38000 CVE-2021-38001 CVE-2021-38003 CVE-2021-38004\nCVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008\nCVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012\nCVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016\nCVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020\nCVE-2021-38021 CVE-2021-38022\nPackage : vivaldi\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2475\n\nSummary\n=======\n\nThe package vivaldi before version 5.0.2497.24-1 is vulnerable to\nmultiple issues including arbitrary code execution, insufficient\nvalidation, access restriction bypass, content spoofing, information\ndisclosure, same-origin policy bypass, sandbox escape and denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 5.0.2497.24-1.\n\n# pacman -Syu \"vivaldi>=5.0.2497.24-1\"\n\nThe problems have been fixed upstream in version 5.0.2497.24.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37981 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Skia\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37982 (arbitrary code execution)\n\nA use after free security issue has been found in the Incognito\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37984 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the PDFium\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37985 (arbitrary code execution)\n\nA use after free security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37986 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Settings\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37987 (arbitrary code execution)\n\nA use after free security issue has been found in the Network APIs\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37988 (arbitrary code execution)\n\nA use after free security issue has been found in the Profiles\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37989 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nBlink component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37990 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebView component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37991 (arbitrary code execution)\n\nA race security issue has been found in the V8 component of the\nChromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37992 (information disclosure)\n\nAn out of bounds read security issue has been found in the WebAudio\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37993 (arbitrary code execution)\n\nA use after free security issue has been found in the PDF Accessibility\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37994 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\niFrame Sandbox component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37995 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebApp Installer component of the Chromium browser engine before\nversion 95.0.4638.54.\n\n- CVE-2021-37996 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Downloads component of the Chromium browser engine before\nversion 95.0.4638.54.\n\n- CVE-2021-37998 (arbitrary code execution)\n\nA use after free security issue has been found in the Garbage\nCollection component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-38000 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Intents component of the Chromium browser engine before\nversion 95.0.4638.69. Google is aware that an exploit for\nCVE-2021-38000 exists in the wild.\n\n- CVE-2021-38001 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-38003 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the V8\ncomponent of the Chromium browser engine before version 95.0.4638.69.\nGoogle is aware that an exploit for CVE-2021-38003 exists in the wild.\n\n- CVE-2021-38004 (access restriction bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nAutofill component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-38005 (arbitrary code execution)\n\nA use after free security issue has been found in the loader component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38006 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38007 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38008 (arbitrary code execution)\n\nA use after free security issue has been found in the media component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38009 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ncache component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38010 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nservice workers component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38011 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38012 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38013 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the fingerprint\nrecognition component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38014 (arbitrary code execution)\n\nAn out of bounds write security issue has been found in the Swiftshader\ncomponent of the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38015 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ninput component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38016 (access restriction bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nbackground fetch component of the Chromium browser engine before\nversion 96.0.4664.45.\n\n- CVE-2021-38017 (sandbox escape)\n\nAn insufficient policy enforcement security issue has been found in the\niframe sandbox component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38018 (content spoofing)\n\nAn inappropriate implementation security issue has been found in the\nnavigation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38019 (same-origin policy bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nCORS component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38020 (information disclosure)\n\nAn insufficient policy enforcement security issue has been found in the\ncontacts picker component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38021 (information disclosure)\n\nAn inappropriate implementation security issue has been found in the\nreferrer component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38022 (denial of service)\n\nAn inappropriate implementation security issue has been found in the\nWebAuthentication component of the Chromium browser engine before\nversion 96.0.4664.45.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code, disclose sensitive\ninformation, spoof content, bypass security restrictions or crash the\nbrowser through crafted web content. Google is aware that exploits for\ntwo of the security issues exist in the wild.\n\nReferences\n==========\n\nhttps://vivaldi.com/blog/desktop/update-three-4-3/\nhttps://vivaldi.com/blog/desktop/further-updates-to-theme-sharing-vivaldi-browser-snapshot-2488-3/\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\nhttps://crbug.com/1246631\nhttps://crbug.com/1248661\nhttps://crbug.com/1253399\nhttps://crbug.com/1241860\nhttps://crbug.com/1242404\nhttps://crbug.com/1206928\nhttps://crbug.com/1228248\nhttps://crbug.com/1233067\nhttps://crbug.com/1247395\nhttps://crbug.com/1250660\nhttps://crbug.com/1253746\nhttps://crbug.com/1255332\nhttps://crbug.com/1100761\nhttps://crbug.com/1242315\nhttps://crbug.com/1243020\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\nhttps://crbug.com/1259587\nhttps://crbug.com/1249962\nhttps://crbug.com/1260577\nhttps://crbug.com/1263462\nhttps://crbug.com/1227170\nhttps://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html\nhttps://crbug.com/1241091\nhttps://crbug.com/1240593\nhttps://crbug.com/1254189\nhttps://crbug.com/1263620\nhttps://crbug.com/1260649\nhttps://crbug.com/1264477\nhttps://crbug.com/1268274\nhttps://crbug.com/1262791\nhttps://crbug.com/1242392\nhttps://crbug.com/1248567\nhttps://crbug.com/957553\nhttps://crbug.com/1244289\nhttps://crbug.com/1256822\nhttps://crbug.com/1197889\nhttps://crbug.com/1251179\nhttps://crbug.com/1259694\nhttps://crbug.com/1233375\nhttps://crbug.com/1248862\nhttps://security.archlinux.org/CVE-2021-37981\nhttps://security.archlinux.org/CVE-2021-37982\nhttps://security.archlinux.org/CVE-2021-37984\nhttps://security.archlinux.org/CVE-2021-37985\nhttps://security.archlinux.org/CVE-2021-37986\nhttps://security.archlinux.org/CVE-2021-37987\nhttps://security.archlinux.org/CVE-2021-37988\nhttps://security.archlinux.org/CVE-2021-37989\nhttps://security.archlinux.org/CVE-2021-37990\nhttps://security.archlinux.org/CVE-2021-37991\nhttps://security.archlinux.org/CVE-2021-37992\nhttps://security.archlinux.org/CVE-2021-37993\nhttps://security.archlinux.org/CVE-2021-37994\nhttps://security.archlinux.org/CVE-2021-37995\nhttps://security.archlinux.org/CVE-2021-37996\nhttps://security.archlinux.org/CVE-2021-37998\nhttps://security.archlinux.org/CVE-2021-38000\nhttps://security.archlinux.org/CVE-2021-38001\nhttps://security.archlinux.org/CVE-2021-38003\nhttps://security.archlinux.org/CVE-2021-38004\nhttps://security.archlinux.org/CVE-2021-38005\nhttps://security.archlinux.org/CVE-2021-38006\nhttps://security.archlinux.org/CVE-2021-38007\nhttps://security.archlinux.org/CVE-2021-38008\nhttps://security.archlinux.org/CVE-2021-38009\nhttps://security.archlinux.org/CVE-2021-38010\nhttps://security.archlinux.org/CVE-2021-38011\nhttps://security.archlinux.org/CVE-2021-38012\nhttps://security.archlinux.org/CVE-2021-38013\nhttps://security.archlinux.org/CVE-2021-38014\nhttps://security.archlinux.org/CVE-2021-38015\nhttps://security.archlinux.org/CVE-2021-38016\nhttps://security.archlinux.org/CVE-2021-38017\nhttps://security.archlinux.org/CVE-2021-38018\nhttps://security.archlinux.org/CVE-2021-38019\nhttps://security.archlinux.org/CVE-2021-38020\nhttps://security.archlinux.org/CVE-2021-38021\nhttps://security.archlinux.org/CVE-2021-38022", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-12-03T00:00:00", "type": "archlinux", "title": "[ASA-202112-1] vivaldi: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-37998", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38003", "CVE-2021-38004", "CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022"], "modified": "2021-12-03T00:00:00", "id": "ASA-202112-1", "href": "https://security.archlinux.org/ASA-202112-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202111-9\n=========================================\n\nSeverity: High\nDate : 2021-11-18\nCVE-ID : CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008\nCVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012\nCVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016\nCVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020\nCVE-2021-38021 CVE-2021-38022\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2560\n\nSummary\n=======\n\nThe package chromium before version 96.0.4664.45-1 is vulnerable to\nmultiple issues including arbitrary code execution, access restriction\nbypass, content spoofing, information disclosure, same-origin policy\nbypass, sandbox escape and denial of service.\n\nResolution\n==========\n\nUpgrade to 96.0.4664.45-1.\n\n# pacman -Syu \"chromium>=96.0.4664.45-1\"\n\nThe problems have been fixed upstream in version 96.0.4664.45.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-38005 (arbitrary code execution)\n\nA use after free security issue has been found in the loader component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38006 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38007 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38008 (arbitrary code execution)\n\nA use after free security issue has been found in the media component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38009 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ncache component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38010 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nservice workers component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38011 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38012 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38013 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the fingerprint\nrecognition component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38014 (arbitrary code execution)\n\nAn out of bounds write security issue has been found in the Swiftshader\ncomponent of the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38015 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ninput component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38016 (access restriction bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nbackground fetch component of the Chromium browser engine before\nversion 96.0.4664.45.\n\n- CVE-2021-38017 (sandbox escape)\n\nAn insufficient policy enforcement security issue has been found in the\niframe sandbox component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38018 (content spoofing)\n\nAn inappropriate implementation security issue has been found in the\nnavigation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38019 (same-origin policy bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nCORS component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38020 (information disclosure)\n\nAn insufficient policy enforcement security issue has been found in the\ncontacts picker component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38021 (information disclosure)\n\nAn inappropriate implementation security issue has been found in the\nreferrer component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38022 (denial of service)\n\nAn inappropriate implementation security issue has been found in the\nWebAuthentication component of the Chromium browser engine before\nversion 96.0.4664.45.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code, spoof content, bypass\nsecurity restrictions or crash the browser through crafted web content.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html\nhttps://crbug.com/1241091\nhttps://crbug.com/1240593\nhttps://crbug.com/1254189\nhttps://crbug.com/1263620\nhttps://crbug.com/1260649\nhttps://crbug.com/1264477\nhttps://crbug.com/1268274\nhttps://crbug.com/1262791\nhttps://crbug.com/1242392\nhttps://crbug.com/1248567\nhttps://crbug.com/957553\nhttps://crbug.com/1244289\nhttps://crbug.com/1256822\nhttps://crbug.com/1197889\nhttps://crbug.com/1251179\nhttps://crbug.com/1259694\nhttps://crbug.com/1233375\nhttps://crbug.com/1248862\nhttps://security.archlinux.org/CVE-2021-38005\nhttps://security.archlinux.org/CVE-2021-38006\nhttps://security.archlinux.org/CVE-2021-38007\nhttps://security.archlinux.org/CVE-2021-38008\nhttps://security.archlinux.org/CVE-2021-38009\nhttps://security.archlinux.org/CVE-2021-38010\nhttps://security.archlinux.org/CVE-2021-38011\nhttps://security.archlinux.org/CVE-2021-38012\nhttps://security.archlinux.org/CVE-2021-38013\nhttps://security.archlinux.org/CVE-2021-38014\nhttps://security.archlinux.org/CVE-2021-38015\nhttps://security.archlinux.org/CVE-2021-38016\nhttps://security.archlinux.org/CVE-2021-38017\nhttps://security.archlinux.org/CVE-2021-38018\nhttps://security.archlinux.org/CVE-2021-38019\nhttps://security.archlinux.org/CVE-2021-38020\nhttps://security.archlinux.org/CVE-2021-38021\nhttps://security.archlinux.org/CVE-2021-38022", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-11-18T00:00:00", "type": "archlinux", "title": "[ASA-202111-9] chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022"], "modified": "2021-11-18T00:00:00", "id": "ASA-202111-9", "href": "https://security.archlinux.org/ASA-202111-9", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202112-2\n=========================================\n\nSeverity: High\nDate : 2021-12-03\nCVE-ID : CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008\nCVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012\nCVE-2021-38013 CVE-2021-38014 CVE-2021-38015 CVE-2021-38016\nCVE-2021-38017 CVE-2021-38018 CVE-2021-38019 CVE-2021-38020\nCVE-2021-38021 CVE-2021-38022\nPackage : opera\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2563\n\nSummary\n=======\n\nThe package opera before version 82.0.4227.23-1 is vulnerable to\nmultiple issues including arbitrary code execution, access restriction\nbypass, content spoofing, information disclosure, same-origin policy\nbypass, sandbox escape and denial of service.\n\nResolution\n==========\n\nUpgrade to 82.0.4227.23-1.\n\n# pacman -Syu \"opera>=82.0.4227.23-1\"\n\nThe problems have been fixed upstream in version 82.0.4227.23.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-38005 (arbitrary code execution)\n\nA use after free security issue has been found in the loader component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38006 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38007 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38008 (arbitrary code execution)\n\nA use after free security issue has been found in the media component\nof the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38009 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ncache component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38010 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nservice workers component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38011 (arbitrary code execution)\n\nA use after free security issue has been found in the storage\nfoundation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38012 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38013 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the fingerprint\nrecognition component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38014 (arbitrary code execution)\n\nAn out of bounds write security issue has been found in the Swiftshader\ncomponent of the Chromium browser engine before version 96.0.4664.45.\n\n- CVE-2021-38015 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\ninput component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38016 (access restriction bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nbackground fetch component of the Chromium browser engine before\nversion 96.0.4664.45.\n\n- CVE-2021-38017 (sandbox escape)\n\nAn insufficient policy enforcement security issue has been found in the\niframe sandbox component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38018 (content spoofing)\n\nAn inappropriate implementation security issue has been found in the\nnavigation component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38019 (same-origin policy bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nCORS component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38020 (information disclosure)\n\nAn insufficient policy enforcement security issue has been found in the\ncontacts picker component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38021 (information disclosure)\n\nAn inappropriate implementation security issue has been found in the\nreferrer component of the Chromium browser engine before version\n96.0.4664.45.\n\n- CVE-2021-38022 (denial of service)\n\nAn inappropriate implementation security issue has been found in the\nWebAuthentication component of the Chromium browser engine before\nversion 96.0.4664.45.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code, spoof content, bypass\nsecurity restrictions or crash the browser through crafted web content.\n\nReferences\n==========\n\nhttps://blogs.opera.com/desktop/changelog-for-81/\nhttps://blogs.opera.com/desktop/changelog-for-82/\nhttps://chromereleases.googleblog.com/2021/11/stable-channel-update-for-desktop.html\nhttps://crbug.com/1241091\nhttps://crbug.com/1240593\nhttps://crbug.com/1254189\nhttps://crbug.com/1263620\nhttps://crbug.com/1260649\nhttps://crbug.com/1264477\nhttps://crbug.com/1268274\nhttps://crbug.com/1262791\nhttps://crbug.com/1242392\nhttps://crbug.com/1248567\nhttps://crbug.com/957553\nhttps://crbug.com/1244289\nhttps://crbug.com/1256822\nhttps://crbug.com/1197889\nhttps://crbug.com/1251179\nhttps://crbug.com/1259694\nhttps://crbug.com/1233375\nhttps://crbug.com/1248862\nhttps://security.archlinux.org/CVE-2021-38005\nhttps://security.archlinux.org/CVE-2021-38006\nhttps://security.archlinux.org/CVE-2021-38007\nhttps://security.archlinux.org/CVE-2021-38008\nhttps://security.archlinux.org/CVE-2021-38009\nhttps://security.archlinux.org/CVE-2021-38010\nhttps://security.archlinux.org/CVE-2021-38011\nhttps://security.archlinux.org/CVE-2021-38012\nhttps://security.archlinux.org/CVE-2021-38013\nhttps://security.archlinux.org/CVE-2021-38014\nhttps://security.archlinux.org/CVE-2021-38015\nhttps://security.archlinux.org/CVE-2021-38016\nhttps://security.archlinux.org/CVE-2021-38017\nhttps://security.archlinux.org/CVE-2021-38018\nhttps://security.archlinux.org/CVE-2021-38019\nhttps://security.archlinux.org/CVE-2021-38020\nhttps://security.archlinux.org/CVE-2021-38021\nhttps://security.archlinux.org/CVE-2021-38022", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-12-03T00:00:00", "type": "archlinux", "title": "[ASA-202112-2] opera: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022"], "modified": "2021-12-03T00:00:00", "id": "ASA-202112-2", "href": "https://security.archlinux.org/ASA-202112-2", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:53", "description": "Arch Linux Security Advisory ASA-202110-2\n=========================================\n\nSeverity: High\nDate : 2021-10-21\nCVE-ID : CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984\nCVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988\nCVE-2021-37989 CVE-2021-37990 CVE-2021-37991 CVE-2021-37992\nCVE-2021-37993 CVE-2021-37994 CVE-2021-37995 CVE-2021-37996\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2474\n\nSummary\n=======\n\nThe package chromium before version 95.0.4638.54-1 is vulnerable to\nmultiple issues including arbitrary code execution, information\ndisclosure and insufficient validation.\n\nResolution\n==========\n\nUpgrade to 95.0.4638.54-1.\n\n# pacman -Syu \"chromium>=95.0.4638.54-1\"\n\nThe problems have been fixed upstream in version 95.0.4638.54.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37981 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Skia\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37982 (arbitrary code execution)\n\nA use after free security issue has been found in the Incognito\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37983 (arbitrary code execution)\n\nA use after free security issue has been found in the Dev Tools\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37984 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the PDFium\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37985 (arbitrary code execution)\n\nA use after free security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37986 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Settings\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37987 (arbitrary code execution)\n\nA use after free security issue has been found in the Network APIs\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37988 (arbitrary code execution)\n\nA use after free security issue has been found in the Profiles\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37989 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nBlink component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37990 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebView component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37991 (arbitrary code execution)\n\nA race security issue has been found in the V8 component of the\nChromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37992 (information disclosure)\n\nAn out of bounds read security issue has been found in the WebAudio\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37993 (arbitrary code execution)\n\nA use after free security issue has been found in the PDF Accessibility\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37994 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\niFrame Sandbox component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37995 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebApp Installer component of the Chromium browser engine before\nversion 95.0.4638.54.\n\n- CVE-2021-37996 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Downloads component of the Chromium browser engine before\nversion 95.0.4638.54.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code or disclose sensitive\ninformation through crafted web content.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\nhttps://crbug.com/1246631\nhttps://crbug.com/1248661\nhttps://crbug.com/1249810\nhttps://crbug.com/1253399\nhttps://crbug.com/1241860\nhttps://crbug.com/1242404\nhttps://crbug.com/1206928\nhttps://crbug.com/1228248\nhttps://crbug.com/1233067\nhttps://crbug.com/1247395\nhttps://crbug.com/1250660\nhttps://crbug.com/1253746\nhttps://crbug.com/1255332\nhttps://crbug.com/1100761\nhttps://crbug.com/1242315\nhttps://crbug.com/1243020\nhttps://security.archlinux.org/CVE-2021-37981\nhttps://security.archlinux.org/CVE-2021-37982\nhttps://security.archlinux.org/CVE-2021-37983\nhttps://security.archlinux.org/CVE-2021-37984\nhttps://security.archlinux.org/CVE-2021-37985\nhttps://security.archlinux.org/CVE-2021-37986\nhttps://security.archlinux.org/CVE-2021-37987\nhttps://security.archlinux.org/CVE-2021-37988\nhttps://security.archlinux.org/CVE-2021-37989\nhttps://security.archlinux.org/CVE-2021-37990\nhttps://security.archlinux.org/CVE-2021-37991\nhttps://security.archlinux.org/CVE-2021-37992\nhttps://security.archlinux.org/CVE-2021-37993\nhttps://security.archlinux.org/CVE-2021-37994\nhttps://security.archlinux.org/CVE-2021-37995\nhttps://security.archlinux.org/CVE-2021-37996", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-21T00:00:00", "type": "archlinux", "title": "[ASA-202110-2] chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2021-10-21T00:00:00", "id": "ASA-202110-2", "href": "https://security.archlinux.org/ASA-202110-2", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:52", "description": "Arch Linux Security Advisory ASA-202111-4\n=========================================\n\nSeverity: High\nDate : 2021-11-05\nCVE-ID : CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984\nCVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988\nCVE-2021-37989 CVE-2021-37990 CVE-2021-37991 CVE-2021-37992\nCVE-2021-37993 CVE-2021-37994 CVE-2021-37995 CVE-2021-37996\nPackage : opera\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2468\n\nSummary\n=======\n\nThe package opera before version 81.0.4196.31-1 is vulnerable to\nmultiple issues including arbitrary code execution, information\ndisclosure and insufficient validation.\n\nResolution\n==========\n\nUpgrade to 81.0.4196.31-1.\n\n# pacman -Syu \"opera>=81.0.4196.31-1\"\n\nThe problems have been fixed upstream in version 81.0.4196.31.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37981 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Skia\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37982 (arbitrary code execution)\n\nA use after free security issue has been found in the Incognito\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37983 (arbitrary code execution)\n\nA use after free security issue has been found in the Dev Tools\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37984 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the PDFium\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37985 (arbitrary code execution)\n\nA use after free security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37986 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Settings\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37987 (arbitrary code execution)\n\nA use after free security issue has been found in the Network APIs\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37988 (arbitrary code execution)\n\nA use after free security issue has been found in the Profiles\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37989 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nBlink component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37990 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebView component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37991 (arbitrary code execution)\n\nA race security issue has been found in the V8 component of the\nChromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37992 (information disclosure)\n\nAn out of bounds read security issue has been found in the WebAudio\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37993 (arbitrary code execution)\n\nA use after free security issue has been found in the PDF Accessibility\ncomponent of the Chromium browser engine before version 95.0.4638.54.\n\n- CVE-2021-37994 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\niFrame Sandbox component of the Chromium browser engine before version\n95.0.4638.54.\n\n- CVE-2021-37995 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the\nWebApp Installer component of the Chromium browser engine before\nversion 95.0.4638.54.\n\n- CVE-2021-37996 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Downloads component of the Chromium browser engine before\nversion 95.0.4638.54.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code or disclose sensitive\ninformation through crafted web content.\n\nReferences\n==========\n\nhttps://blogs.opera.com/desktop/changelog-for-80/\nhttps://blogs.opera.com/desktop/changelog-for-81/\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html\nhttps://crbug.com/1246631\nhttps://crbug.com/1248661\nhttps://crbug.com/1249810\nhttps://crbug.com/1253399\nhttps://crbug.com/1241860\nhttps://crbug.com/1242404\nhttps://crbug.com/1206928\nhttps://crbug.com/1228248\nhttps://crbug.com/1233067\nhttps://crbug.com/1247395\nhttps://crbug.com/1250660\nhttps://crbug.com/1253746\nhttps://crbug.com/1255332\nhttps://crbug.com/1100761\nhttps://crbug.com/1242315\nhttps://crbug.com/1243020\nhttps://security.archlinux.org/CVE-2021-37981\nhttps://security.archlinux.org/CVE-2021-37982\nhttps://security.archlinux.org/CVE-2021-37983\nhttps://security.archlinux.org/CVE-2021-37984\nhttps://security.archlinux.org/CVE-2021-37985\nhttps://security.archlinux.org/CVE-2021-37986\nhttps://security.archlinux.org/CVE-2021-37987\nhttps://security.archlinux.org/CVE-2021-37988\nhttps://security.archlinux.org/CVE-2021-37989\nhttps://security.archlinux.org/CVE-2021-37990\nhttps://security.archlinux.org/CVE-2021-37991\nhttps://security.archlinux.org/CVE-2021-37992\nhttps://security.archlinux.org/CVE-2021-37993\nhttps://security.archlinux.org/CVE-2021-37994\nhttps://security.archlinux.org/CVE-2021-37995\nhttps://security.archlinux.org/CVE-2021-37996", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-11-05T00:00:00", "type": "archlinux", "title": "[ASA-202111-4] opera: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2021-11-05T00:00:00", "id": "ASA-202111-4", "href": "https://security.archlinux.org/ASA-202111-4", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202112-6\n=========================================\n\nSeverity: High\nDate : 2021-12-11\nCVE-ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055\nCVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059\nCVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064\nCVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2600\n\nSummary\n=======\n\nThe package chromium before version 96.0.4664.93-1 is vulnerable to\nmultiple issues including arbitrary code execution, content spoofing\nand insufficient validation.\n\nResolution\n==========\n\nUpgrade to 96.0.4664.93-1.\n\n# pacman -Syu \"chromium>=96.0.4664.93-1\"\n\nThe problems have been fixed upstream in version 96.0.4664.93.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-4052 (arbitrary code execution)\n\nA use after free security issue has been found in the web apps\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4053 (arbitrary code execution)\n\nA use after free security issue has been found in the UI component of\nthe Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4054 (content spoofing)\n\nAn incorrect security UI security issue has been found in the autofill\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4055 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the extensions\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4056 (arbitrary code execution)\n\nA type confusion security issue has been found in the loader component\nof the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4057 (arbitrary code execution)\n\nA use after free security issue has been found in the file API\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4058 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the ANGLE\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4059 (insufficient validation)\n\nAn insufficient data validation security issue has been found in the\nloader component of the Chromium browser engine before version\n96.0.4664.93.\n\n- CVE-2021-4061 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4062 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the BFCache\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4063 (arbitrary code execution)\n\nA use after free security issue has been found in the developer tools\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4064 (arbitrary code execution)\n\nA use after free security issue has been found in the screen capture\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4065 (arbitrary code execution)\n\nA use after free security issue has been found in the autofill\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4066 (arbitrary code execution)\n\nAn integer underflow security issue has been found in the ANGLE\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4067 (arbitrary code execution)\n\nA use after free security issue has been found in the window manager\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4068 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the new tab page component of the Chromium browser engine\nbefore version 96.0.4664.93.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code or spoof content through\ncrafted web content.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html\nhttps://crbug.com/1267661\nhttps://crbug.com/1267791\nhttps://crbug.com/1239760\nhttps://crbug.com/1266510\nhttps://crbug.com/1260939\nhttps://crbug.com/1262183\nhttps://crbug.com/1267496\nhttps://crbug.com/1270990\nhttps://crbug.com/1271456\nhttps://crbug.com/1272403\nhttps://crbug.com/1273176\nhttps://crbug.com/1273197\nhttps://crbug.com/1273674\nhttps://crbug.com/1274499\nhttps://crbug.com/1274641\nhttps://crbug.com/1265197\nhttps://security.archlinux.org/CVE-2021-4052\nhttps://security.archlinux.org/CVE-2021-4053\nhttps://security.archlinux.org/CVE-2021-4054\nhttps://security.archlinux.org/CVE-2021-4055\nhttps://security.archlinux.org/CVE-2021-4056\nhttps://security.archlinux.org/CVE-2021-4057\nhttps://security.archlinux.org/CVE-2021-4058\nhttps://security.archlinux.org/CVE-2021-4059\nhttps://security.archlinux.org/CVE-2021-4061\nhttps://security.archlinux.org/CVE-2021-4062\nhttps://security.archlinux.org/CVE-2021-4063\nhttps://security.archlinux.org/CVE-2021-4064\nhttps://security.archlinux.org/CVE-2021-4065\nhttps://security.archlinux.org/CVE-2021-4066\nhttps://security.archlinux.org/CVE-2021-4067\nhttps://security.archlinux.org/CVE-2021-4068", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-11T00:00:00", "type": "archlinux", "title": "[ASA-202112-6] chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068"], "modified": "2021-12-11T00:00:00", "id": "ASA-202112-6", "href": "https://security.archlinux.org/ASA-202112-6", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202112-7\n=========================================\n\nSeverity: High\nDate : 2021-12-11\nCVE-ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055\nCVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059\nCVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064\nCVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068\nPackage : vivaldi\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2601\n\nSummary\n=======\n\nThe package vivaldi before version 5.0.2497.28-1 is vulnerable to\nmultiple issues including arbitrary code execution, content spoofing\nand insufficient validation.\n\nResolution\n==========\n\nUpgrade to 5.0.2497.28-1.\n\n# pacman -Syu \"vivaldi>=5.0.2497.28-1\"\n\nThe problems have been fixed upstream in version 5.0.2497.28.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-4052 (arbitrary code execution)\n\nA use after free security issue has been found in the web apps\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4053 (arbitrary code execution)\n\nA use after free security issue has been found in the UI component of\nthe Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4054 (content spoofing)\n\nAn incorrect security UI security issue has been found in the autofill\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4055 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the extensions\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4056 (arbitrary code execution)\n\nA type confusion security issue has been found in the loader component\nof the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4057 (arbitrary code execution)\n\nA use after free security issue has been found in the file API\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4058 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the ANGLE\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4059 (insufficient validation)\n\nAn insufficient data validation security issue has been found in the\nloader component of the Chromium browser engine before version\n96.0.4664.93.\n\n- CVE-2021-4061 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4062 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the BFCache\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4063 (arbitrary code execution)\n\nA use after free security issue has been found in the developer tools\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4064 (arbitrary code execution)\n\nA use after free security issue has been found in the screen capture\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4065 (arbitrary code execution)\n\nA use after free security issue has been found in the autofill\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4066 (arbitrary code execution)\n\nAn integer underflow security issue has been found in the ANGLE\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4067 (arbitrary code execution)\n\nA use after free security issue has been found in the window manager\ncomponent of the Chromium browser engine before version 96.0.4664.93.\n\n- CVE-2021-4068 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the new tab page component of the Chromium browser engine\nbefore version 96.0.4664.93.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code or spoof content through\ncrafted web content.\n\nReferences\n==========\n\nhttps://vivaldi.com/blog/desktop/further-updates-to-theme-sharing-vivaldi-browser-snapshot-2488-3/\nhttps://vivaldi.com/blog/desktop/minor-update-5-0/\nhttps://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html\nhttps://crbug.com/1267661\nhttps://crbug.com/1267791\nhttps://crbug.com/1239760\nhttps://crbug.com/1266510\nhttps://crbug.com/1260939\nhttps://crbug.com/1262183\nhttps://crbug.com/1267496\nhttps://crbug.com/1270990\nhttps://crbug.com/1271456\nhttps://crbug.com/1272403\nhttps://crbug.com/1273176\nhttps://crbug.com/1273197\nhttps://crbug.com/1273674\nhttps://crbug.com/1274499\nhttps://crbug.com/1274641\nhttps://crbug.com/1265197\nhttps://security.archlinux.org/CVE-2021-4052\nhttps://security.archlinux.org/CVE-2021-4053\nhttps://security.archlinux.org/CVE-2021-4054\nhttps://security.archlinux.org/CVE-2021-4055\nhttps://security.archlinux.org/CVE-2021-4056\nhttps://security.archlinux.org/CVE-2021-4057\nhttps://security.archlinux.org/CVE-2021-4058\nhttps://security.archlinux.org/CVE-2021-4059\nhttps://security.archlinux.org/CVE-2021-4061\nhttps://security.archlinux.org/CVE-2021-4062\nhttps://security.archlinux.org/CVE-2021-4063\nhttps://security.archlinux.org/CVE-2021-4064\nhttps://security.archlinux.org/CVE-2021-4065\nhttps://security.archlinux.org/CVE-2021-4066\nhttps://security.archlinux.org/CVE-2021-4067\nhttps://security.archlinux.org/CVE-2021-4068", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-12-11T00:00:00", "type": "archlinux", "title": "[ASA-202112-7] vivaldi: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068"], "modified": "2021-12-11T00:00:00", "id": "ASA-202112-7", "href": "https://security.archlinux.org/ASA-202112-7", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:51", "description": "Arch Linux Security Advisory ASA-202111-8\n=========================================\n\nSeverity: High\nDate : 2021-11-18\nCVE-ID : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000\nCVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004\nPackage : opera\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2525\n\nSummary\n=======\n\nThe package opera before version 81.0.4196.54-1 is vulnerable to\nmultiple issues including arbitrary code execution, insufficient\nvalidation and access restriction bypass.\n\nResolution\n==========\n\nUpgrade to 81.0.4196.54-1.\n\n# pacman -Syu \"opera>=81.0.4196.54-1\"\n\nThe problems have been fixed upstream in version 81.0.4196.54.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37997 (arbitrary code execution)\n\nA use after free security issue has been found in the Sign-In component\nof the Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-37998 (arbitrary code execution)\n\nA use after free security issue has been found in the Garbage\nCollection component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-37999 (insufficient validation)\n\nAn insufficient data validation security issue has been found in the\nNew Tab Page component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-38000 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Intents component of the Chromium browser engine before\nversion 95.0.4638.69. Google is aware that an exploit for\nCVE-2021-38000 exists in the wild.\n\n- CVE-2021-38001 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-38002 (arbitrary code execution)\n\nA use after free security issue has been found in the Web Transport\ncomponent of the Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-38003 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the V8\ncomponent of the Chromium browser engine before version 95.0.4638.69.\nGoogle is aware that an exploit for CVE-2021-38003 exists in the wild.\n\n- CVE-2021-38004 (access restriction bypass)\n\nAn insufficient policy enforcement security issue has been found in the\nAutofill component of the Chromium browser engine before version\n95.0.4638.69.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code through crafted web\ncontent. Google is aware that exploits for two of the security issues\nexist in the wild.\n\nReferences\n==========\n\nhttps://blogs.opera.com/desktop/changelog-for-81/\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\nhttps://crbug.com/1259864\nhttps://crbug.com/1259587\nhttps://crbug.com/1251541\nhttps://crbug.com/1249962\nhttps://crbug.com/1260577\nhttps://crbug.com/1260940\nhttps://crbug.com/1263462\nhttps://crbug.com/1227170\nhttps://security.archlinux.org/CVE-2021-37997\nhttps://security.archlinux.org/CVE-2021-37998\nhttps://security.archlinux.org/CVE-2021-37999\nhttps://security.archlinux.org/CVE-2021-38000\nhttps://security.archlinux.org/CVE-2021-38001\nhttps://security.archlinux.org/CVE-2021-38002\nhttps://security.archlinux.org/CVE-2021-38003\nhttps://security.archlinux.org/CVE-2021-38004", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-11-18T00:00:00", "type": "archlinux", "title": "[ASA-202111-8] opera: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004"], "modified": "2021-11-18T00:00:00", "id": "ASA-202111-8", "href": "https://security.archlinux.org/ASA-202111-8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:53", "description": "Arch Linux Security Advisory ASA-202110-7\n=========================================\n\nSeverity: High\nDate : 2021-10-29\nCVE-ID : CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000\nCVE-2021-38001 CVE-2021-38002 CVE-2021-38003\nPackage : chromium\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2504\n\nSummary\n=======\n\nThe package chromium before version 95.0.4638.69-1 is vulnerable to\nmultiple issues including arbitrary code execution and insufficient\nvalidation.\n\nResolution\n==========\n\nUpgrade to 95.0.4638.69-1.\n\n# pacman -Syu \"chromium>=95.0.4638.69-1\"\n\nThe problems have been fixed upstream in version 95.0.4638.69.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37997 (arbitrary code execution)\n\nA use after free security issue has been found in the Sign-In component\nof the Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-37998 (arbitrary code execution)\n\nA use after free security issue has been found in the Garbage\nCollection component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-37999 (insufficient validation)\n\nAn insufficient data validation security issue has been found in the\nNew Tab Page component of the Chromium browser engine before version\n95.0.4638.69.\n\n- CVE-2021-38000 (insufficient validation)\n\nAn insufficient validation of untrusted input security issue has been\nfound in the Intents component of the Chromium browser engine before\nversion 95.0.4638.69. Google is aware that an exploit for\nCVE-2021-38000 exists in the wild.\n\n- CVE-2021-38001 (arbitrary code execution)\n\nA type confusion security issue has been found in the V8 component of\nthe Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-38002 (arbitrary code execution)\n\nA use after free security issue has been found in the Web Transport\ncomponent of the Chromium browser engine before version 95.0.4638.69.\n\n- CVE-2021-38003 (arbitrary code execution)\n\nAn inappropriate implementation security issue has been found in the V8\ncomponent of the Chromium browser engine before version 95.0.4638.69.\nGoogle is aware that an exploit for CVE-2021-38003 exists in the wild.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code through crafted web\ncontent. Google is aware that exploits for two of the security issues\nexist in the wild.\n\nReferences\n==========\n\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_28.html\nhttps://crbug.com/1259864\nhttps://crbug.com/1259587\nhttps://crbug.com/1251541\nhttps://crbug.com/1249962\nhttps://crbug.com/1260577\nhttps://crbug.com/1260940\nhttps://crbug.com/1263462\nhttps://security.archlinux.org/CVE-2021-37997\nhttps://security.archlinux.org/CVE-2021-37998\nhttps://security.archlinux.org/CVE-2021-37999\nhttps://security.archlinux.org/CVE-2021-38000\nhttps://security.archlinux.org/CVE-2021-38001\nhttps://security.archlinux.org/CVE-2021-38002\nhttps://security.archlinux.org/CVE-2021-38003", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-29T00:00:00", "type": "archlinux", "title": "[ASA-202110-7] chromium: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38000", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003"], "modified": "2021-10-29T00:00:00", "id": "ASA-202110-7", "href": "https://security.archlinux.org/ASA-202110-7", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-23T16:20:52", "description": "Arch Linux Security Advisory ASA-202110-8\n=========================================\n\nSeverity: High\nDate : 2021-10-29\nCVE-ID : CVE-2021-37977 CVE-2021-37978 CVE-2021-37979 CVE-2021-37980\nPackage : opera\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-2444\n\nSummary\n=======\n\nThe package opera before version 80.0.4170.63-1 is vulnerable to\nmultiple issues including arbitrary code execution and sandbox escape.\n\nResolution\n==========\n\nUpgrade to 80.0.4170.63-1.\n\n# pacman -Syu \"opera>=80.0.4170.63-1\"\n\nThe problems have been fixed upstream in version 80.0.4170.63.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-37977 (arbitrary code execution)\n\nA use after free security issue has been found in the Garbage\nCollection component of the Chromium browser engine before version\n94.0.4606.81.\n\n- CVE-2021-37978 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the Blink\ncomponent of the Chromium browser engine before version 94.0.4606.81.\n\n- CVE-2021-37979 (arbitrary code execution)\n\nA heap buffer overflow security issue has been found in the WebRTC\ncomponent of the Chromium browser engine before version 94.0.4606.81.\n\n- CVE-2021-37980 (sandbox escape)\n\nAn inappropriate implementation security issue has been found in the\nSandbox component of the Chromium browser engine before version\n94.0.4606.81.\n\nImpact\n======\n\nA remote attacker could execute arbitrary code or disclose sensitive\ninformation through crafted web content.\n\nReferences\n==========\n\nhttps://blogs.opera.com/desktop/changelog-for-80/\nhttps://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop.html\nhttps://crbug.com/1252878\nhttps://crbug.com/1236318\nhttps://crbug.com/1247260\nhttps://crbug.com/1254631\nhttps://security.archlinux.org/CVE-2021-37977\nhttps://security.archlinux.org/CVE-2021-37978\nhttps://security.archlinux.org/CVE-2021-37979\nhttps://security.archlinux.org/CVE-2021-37980", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-10-29T00:00:00", "type": "archlinux", "title": "[ASA-202110-8] opera: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2021-10-29T00:00:00", "id": "ASA-202110-8", "href": "https://security.archlinux.org/ASA-202110-8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-11-10T08:09:55", "description": "An update that fixes 36 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n - Ensure newer libs and LLVM is used on Leap (boo#1192310)\n - Explicitly BuildRequire python3-six.\n\n Chromium 96.0.4664.93 (boo#1193519):\n\n * CVE-2021-4052: Use after free in web apps\n * CVE-2021-4053: Use after free in UI\n * CVE-2021-4079: Out of bounds write in WebRTC\n * CVE-2021-4054: Incorrect security UI in autofill\n * CVE-2021-4078: Type confusion in V8\n * CVE-2021-4055: Heap buffer overflow in extensions\n * CVE-2021-4056: Type Confusion in loader\n * CVE-2021-4057: Use after free in file API\n * CVE-2021-4058: Heap buffer overflow in ANGLE\n * CVE-2021-4059: Insufficient data validation in loader\n * CVE-2021-4061: Type Confusion in V8\n * CVE-2021-4062: Heap buffer overflow in BFCache\n * CVE-2021-4063: Use after free in developer tools\n * CVE-2021-4064: Use after free in screen capture\n * CVE-2021-4065: Use after free in autofill\n * CVE-2021-4066: Integer underflow in ANGLE\n * CVE-2021-4067: Use after free in window manager\n * CVE-2021-4068: Insufficient validation of untrusted input in new tab page\n\n Chromium 96.0.4664.45 (boo#1192734):\n\n * CVE-2021-38007: Type Confusion in V8\n * CVE-2021-38008: Use after free in media\n * CVE-2021-38009: Inappropriate implementation in cache\n * CVE-2021-38006: Use after free in storage foundation\n * CVE-2021-38005: Use after free in loader\n * CVE-2021-38010: Inappropriate implementation in service workers\n * CVE-2021-38011: Use after free in storage foundation\n * CVE-2021-38012: Type Confusion in V8\n * CVE-2021-38013: Heap buffer overflow in fingerprint recognition\n * CVE-2021-38014: Out of bounds write in Swiftshader\n * CVE-2021-38015: Inappropriate implementation in input\n * CVE-2021-38016: Insufficient policy enforcement in background fetch\n * CVE-2021-38017: Insufficient policy enforcement in iframe sandbox\n * CVE-2021-38018: Inappropriate implementation in navigation\n * CVE-2021-38019: Insufficient policy enforcement in CORS\n * CVE-2021-38020: Insufficient policy enforcement in contacts picker\n * CVE-2021-38021: Inappropriate implementation in referrer\n * CVE-2021-38022: Inappropriate implementation in WebAuthentication\n\n Lord of the Browsers: The Two Compilers:\n\n * Go back to GCC Lord of the Browsers: The Two Compilers:\n\n * Go back to GCC\n * GCC: LTO removes needed assembly symbols\n * Clang: issues with libstdc++\n\n * GCC: LTO removes needed assembly symbols\n * Clang: issues with libstdc++\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2021-1582=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-12-14T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079"], "modified": "2021-12-14T00:00:00", "id": "OPENSUSE-SU-2021:1582-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2H3B3VUHNFAXDEK6YLKWJWLKWC4NOIPM/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:39:59", "description": "An update that fixes 25 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 94.0.4606.81 (boo#1191463):\n\n * CVE-2021-37977: Use after free in Garbage Collection\n * CVE-2021-37978: Heap buffer overflow in Blink\n * CVE-2021-37979: Heap buffer overflow in WebRTC\n * CVE-2021-37980: Inappropriate implementation in Sandbox\n\n Chromium 94.0.4606.54 (boo#1190765):\n\n * CVE-2021-37956: Use after free in Offline use\n * CVE-2021-37957: Use after free in WebGPU\n * CVE-2021-37958: Inappropriate implementation in Navigation\n * CVE-2021-37959: Use after free in Task Manager\n * CVE-2021-37960: Inappropriate implementation in Blink graphics\n * CVE-2021-37961: Use after free in Tab Strip\n * CVE-2021-37962: Use after free in Performance Manager\n * CVE-2021-37963: Side-channel information leakage in DevTools\n * CVE-2021-37964: Inappropriate implementation in ChromeOS Networking\n * CVE-2021-37965: Inappropriate implementation in Background Fetch API\n * CVE-2021-37966: Inappropriate implementation in Compositing\n * CVE-2021-37967: Inappropriate implementation in Background Fetch API\n * CVE-2021-37968: Inappropriate implementation in Background Fetch API\n * CVE-2021-37969: Inappropriate implementation in Google Updater\n * CVE-2021-37970: Use after free in File System API\n * CVE-2021-37971: Incorrect security UI in Web Browser UI\n * CVE-2021-37972: Out of bounds read in libjpeg-turbo\n\n Chromium 94.0.4606.61 (boo#1191166):\n\n * CVE-2021-37973: Use after free in Portals\n\n Chromium 94.0.4606.71 (boo#1191204):\n\n * CVE-2021-37974 : Use after free in Safe Browsing\n * CVE-2021-37975 : Use after free in V8\n * CVE-2021-37976 : Information leak in core\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-1350=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-12T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", "CVE-2021-37979", "CVE-2021-37980"], "modified": "2021-10-12T00:00:00", "id": "OPENSUSE-SU-2021:1350-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FGCILKKE7TLKATFOFTDHZ573UHODPDOM/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:39:52", "description": "An update that fixes 41 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 96.0.4664.110 (boo#1193713):\n\n * CVE-2021-4098: Insufficient data validation in Mojo\n * CVE-2021-4099: Use after free in Swiftshader\n * CVE-2021-4100: Object lifecycle issue in ANGLE\n * CVE-2021-4101: Heap buffer overflow in Swiftshader\n * CVE-2021-4102: Use after free in V8\n\n Lord of the Browsers: The Two Compilers:\n\n * Go back to GCC\n * GCC: LTO removes needed assembly symbols\n * Clang: issues with libstdc++\n\n Chromium 96.0.4664.93 (boo#1193519):\n\n * CVE-2021-4052: Use after free in web apps\n * CVE-2021-4053: Use after free in UI\n * CVE-2021-4079: Out of bounds write in WebRTC\n * CVE-2021-4054: Incorrect security UI in autofill\n * CVE-2021-4078: Type confusion in V8\n * CVE-2021-4055: Heap buffer overflow in extensions\n * CVE-2021-4056: Type Confusion in loader\n * CVE-2021-4057: Use after free in file API\n * CVE-2021-4058: Heap buffer overflow in ANGLE\n * CVE-2021-4059: Insufficient data validation in loader\n * CVE-2021-4061: Type Confusion in V8\n * CVE-2021-4062: Heap buffer overflow in BFCache\n * CVE-2021-4063: Use after free in developer tools\n * CVE-2021-4064: Use after free in screen capture\n * CVE-2021-4065: Use after free in autofill\n * CVE-2021-4066: Integer underflow in ANGLE\n * CVE-2021-4067: Use after free in window manager\n * CVE-2021-4068: Insufficient validation of untrusted input in new tab page\n\n Chromium 96.0.4664.45 (boo#1192734):\n\n * CVE-2021-38007: Type Confusion in V8\n * CVE-2021-38008: Use after free in media\n * CVE-2021-38009: Inappropriate implementation in cache\n * CVE-2021-38006: Use after free in storage foundation\n * CVE-2021-38005: Use after free in loader\n * CVE-2021-38010: Inappropriate implementation in service workers\n * CVE-2021-38011: Use after free in storage foundation\n * CVE-2021-38012: Type Confusion in V8\n * CVE-2021-38013: Heap buffer overflow in fingerprint recognition\n * CVE-2021-38014: Out of bounds write in Swiftshader\n * CVE-2021-38015: Inappropriate implementation in input\n * CVE-2021-38016: Insufficient policy enforcement in background fetch\n * CVE-2021-38017: Insufficient policy enforcement in iframe sandbox\n * CVE-2021-38018: Inappropriate implementation in navigation\n * CVE-2021-38019: Insufficient policy enforcement in CORS\n * CVE-2021-38020: Insufficient policy enforcement in contacts picker\n * CVE-2021-38021: Inappropriate implementation in referrer\n * CVE-2021-38022: Inappropriate implementation in WebAuthentication\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-1632=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-12-28T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38018", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102"], "modified": "2021-12-28T00:00:00", "id": "OPENSUSE-SU-2021:1632-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DUJZLITO4GTLR5FP75FBCLDYZMUY2AFI/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:39:59", "description": "An update that fixes 21 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 94.0.4606.54 (boo#1190765):\n\n * CVE-2021-37956: Use after free in Offline use\n * CVE-2021-37957: Use after free in WebGPU\n * CVE-2021-37958: Inappropriate implementation in Navigation\n * CVE-2021-37959: Use after free in Task Manager\n * CVE-2021-37960: Inappropriate implementation in Blink graphics\n * CVE-2021-37961: Use after free in Tab Strip\n * CVE-2021-37962: Use after free in Performance Manager\n * CVE-2021-37963: Side-channel information leakage in DevTools\n * CVE-2021-37964: Inappropriate implementation in ChromeOS Networking\n * CVE-2021-37965: Inappropriate implementation in Background Fetch API\n * CVE-2021-37966: Inappropriate implementation in Compositing\n * CVE-2021-37967: Inappropriate implementation in Background Fetch API\n * CVE-2021-37968: Inappropriate implementation in Background Fetch API\n * CVE-2021-37969: Inappropriate implementation in Google Updater\n * CVE-2021-37970: Use after free in File System API\n * CVE-2021-37971: Incorrect security UI in Web Browser UI\n * CVE-2021-37972: Out of bounds read in libjpeg-turbo\n\n Chromium 94.0.4606.61 (boo#1191166):\n\n * CVE-2021-37973: Use after free in Portals\n\n Chromium 94.0.4606.71 (boo#1191204):\n\n * CVE-2021-37974 : Use after free in Safe Browsing\n * CVE-2021-37975 : Use after free in V8\n * CVE-2021-37976 : Information leak in core\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2021-1339=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-10-11T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37956", "CVE-2021-37957", "CVE-2021-37958", "CVE-2021-37959", "CVE-2021-37960", "CVE-2021-37961", "CVE-2021-37962", "CVE-2021-37963", "CVE-2021-37964", "CVE-2021-37965", "CVE-2021-37966", "CVE-2021-37967", "CVE-2021-37968", "CVE-2021-37969", "CVE-2021-37970", "CVE-2021-37971", "CVE-2021-37972", "CVE-2021-37973", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976"], "modified": "2021-10-11T00:00:00", "id": "OPENSUSE-SU-2021:1339-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GDJ2M5H37726GXT3YZBJRSXV3JYGN7CL/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:39:56", "description": "An update that fixes 16 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n Opera was updated to version 81.0.4196.31\n - DNA-95733 Implement the \ufffd\ufffd\ufffdManage\ufffd\ufffd\ufffd menu in card details view\n - DNA-95736 Update UI for paused card\n - DNA-95791 Crash at base::operator<\n - DNA-95794 Sometimes the sidebar UI fails to load\n - DNA-95812 Retrieve cards info when showing autofill\n - DNA-96035 Cannot create virtual card on Sandbox environment\n - DNA-96147 \ufffd\ufffd\ufffdBuy\ufffd\ufffd\ufffd button does not work\n - DNA-96168 Update contributors list\n - DNA-96211 Enable #fast-tab-tooltip on all streams\n - DNA-96231 Promote O81 to stable\n - Complete Opera 80.1 changelog at:\n\n https://blogs.opera.com/desktop/changelog-for-81/\n\n Update to version 81.0.4196.27\n\n - CHR-8623 Update chromium on desktop-stable-95-4196 to 95.0.4638.54\n - DNA-92384 Better segmenting of hint users\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95735 Implement the button that reveals full card details\n - DNA-95747 Better way to handle expired funding card\n - DNA-95949 [Mac Retina] Clicking active tab should scroll to the top\n - DNA-95993 Update icon used for Yat in address bar dropdown\n - DNA-96021 Cleared download item view is never deleted\n - DNA-96036 Occupation field in 'Account \ufffd\ufffd\ufffd Edit' is shown twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 \"Add Card\" button does not change to \"Upgrade Plan\" after\n adding card\n - The update to chromium 95.0.4638.54 fixes following issues:\n CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984,\n CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988,\n CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992,\n CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996\n\n Update to version 80.0.4170.72\n\n - DNA-95522 Change card view to show all types of cards\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95524 Allow searching for cards by name\n - DNA-95658 Allow user to add a card\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95660 Implement editing card details\n - DNA-95699 Add card details view\n - DNA-95733 Implement the \ufffd\ufffd\ufffdManage\ufffd\ufffd\ufffd menu in card details view\n - DNA-95735 Implement the button that reveals full card details\n - DNA-95736 Update UI for paused card\n - DNA-95747 Better way to handle expired funding card\n - DNA-95794 Sometimes the sidebar UI fails to load\n - DNA-95812 Retrieve cards info when showing autofill\n - DNA-96036 Occupation field in \ufffd\ufffd\ufffdAccount \ufffd\ufffd\ufffd Edit\ufffd\ufffd\ufffd is shown twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 \ufffd\ufffd\ufffdAdd Card\ufffd\ufffd\ufffd button does not change to \ufffd\ufffd\ufffdUpgrade Plan\ufffd\ufffd\ufffd\n after adding card\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:NonFree:\n\n zypper in -t patch openSUSE-2021-1488=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-11-19T00:00:00", "type": "suse", "title": "Security update for opera (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996"], "modified": "2021-11-19T00:00:00", "id": "OPENSUSE-SU-2021:1488-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2KPG5DWW4SNUCP3CCQ2LC7L3RKCFTIAA/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:39:59", "description": "An update that fixes 16 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 95.0.4638.54 (boo#1191844):\n\n * CVE-2021-37981: Heap buffer overflow in Skia\n * CVE-2021-37982: Use after free in Incognito\n * CVE-2021-37983: Use after free in Dev Tools\n * CVE-2021-37984: Heap buffer overflow in PDFium\n * CVE-2021-37985: Use after free in V8\n * CVE-2021-37986: Heap buffer overflow in Settings\n * CVE-2021-37987: Use after free in Network APIs\n * CVE-2021-37988: Use after free in Profiles\n * CVE-2021-37989: Inappropriate implementation in Blink\n * CVE-2021-37990: Inappropriate implementation in WebView\n * CVE-2021-37991: Race in V8\n * CVE-2021-37992: Out of bounds read in WebAudio\n * CVE-2021-37993: Use after free in PDF Accessibility\n * CVE-2021-37996: Insufficient validation of untrusted input in Downloads\n * CVE-2021-37994: Inappropriate implementation in iFrame Sandbox\n * CVE-2021-37995: Inappropriate implementation in WebApp Installer\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n

chromium - security update

Description

Affected Software

Related