openSUSE Security Update : chromium (openSUSE-2021-392)

This update for chromium fixes the following issues : Update to 89.0.4389.72 boo1182358, boo1182960 : - CVE-2021-21159: Heap buffer overflow in TabStrip. - CVE-2021-21160: Heap buffer overflow in WebAudio. - CVE-2021-21161: Heap buffer overflow in TabStrip. - CVE-2021-21162: Use after free in...

OPENSUSE-SU-2021:0401-1 Security update for chromium

This update for chromium fixes the following issues: Update to 89.0.4389.72 boo1182358, boo1182960: - CVE-2021-21159: Heap buffer overflow in TabStrip. - CVE-2021-21160: Heap buffer overflow in WebAudio. - CVE-2021-21161: Heap buffer overflow in TabStrip. - CVE-2021-21162: Use after free in WebRT...

CVE-2021-21187

Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21163

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...

CVE-2021-21163

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...

Input validation

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Input validation

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...

Input validation

Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21163

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...

UBUNTU-CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21187

Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2021-21187

CVE-2021-21187 is a Chromium/Google Chrome URL formatting vulnerability caused by insufficient data validation in the URL formatting code. It allows a remote attacker to perform domain spoofing via IDN homographs when a crafted domain name is used, with impact described as spoofing and potential ...

CVE-2021-21187

Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21164

CVE-2021-21164 (Chrome on iOS) affects Google Chrome on iOS prior to version 89.0.4389.72, due to insufficient data validation that allows a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is tied to Chrome’s handling on iOS, with the impact described as cross...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-21164

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page...