Lucene search
SuseOPENSUSE-SU-2021:1074-1HistoryJul 22, 2021 - 12:00 a.m.
Security update for chromium (important)
2021-07-2200:00:00
lists.opensuse.org
207
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
An update that fixes 7 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 91.0.4472.164 (boo#1188373)
- CVE-2021-30559: Out of bounds write in ANGLE
- CVE-2021-30541: Use after free in V8
- CVE-2021-30560: Use after free in Blink XSLT
- CVE-2021-30561: Type Confusion in V8
- CVE-2021-30562: Use after free in WebSerial
- CVE-2021-30563: Type Confusion in V8
- CVE-2021-30564: Heap buffer overflow in WebXR
- Various fixes from internal audits, fuzzing and other initiatives
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or βzypper patchβ.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2021-1074=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | <Β 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | <Β 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.x86_64.rpm |
Related
suse
suse
Security update for chromium (important)
2021-07-22 00:00:00
Security update for opera (important)
2021-08-05 00:00:00
Security update for opera (important)
2021-08-05 00:00:00
nessus
nessus
openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1074-1)
2021-07-22 00:00:00
Google Chrome < 91.0.4472.164 Multiple Vulnerabilities
2021-07-15 00:00:00
kaspersky
kaspersky
KLA12235 Multiple vulnerabilities in Microsoft Browser
2021-07-19 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: chromium-91.0.4472.164-1.fc33
2021-07-26 01:02:49
[SECURITY] Fedora 34 Update: chromium-91.0.4472.164-1.fc34
2021-07-19 01:13:48
[SECURITY] Fedora 34 Update: qt5-qtwebengine-5.15.8-2.fc34
2022-02-04 01:23:18
archlinux
archlinux
[ASA-202107-31] vivaldi: arbitrary code execution
2021-07-16 00:00:00
[ASA-202107-30] chromium: arbitrary code execution
2021-07-16 00:00:00
[ASA-202107-46] opera: arbitrary code execution
2021-07-21 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2021-07-22 00:00:00
libxslt: Multiple Vulnerabilities
2023-10-31 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-07-15 00:00:00
cve
cve
cnvd
cnvd
Google Chrome WebSerial use-after-release vulnerability
2021-07-20 00:00:00
Google Chrome V8 Type Obfuscation Vulnerability (CNVD-2021-60535)
2021-07-20 00:00:00
Google Chrome Type Obfuscation Vulnerability (CNVD-2021-62171)
2021-07-19 00:00:00
alpinelinux
alpinelinux
packetstorm
packetstorm
Chrome JS WasmJs::InstallConditionalFeatures Object Corruption
2021-08-16 00:00:00
mscve
mscve
Chromium: CVE-2021-30561 Type Confusion in V8
2021-07-19 07:00:00
Chromium: CVE-2021-30562 Use after free in WebSerial
2021-07-19 07:00:00
Chromium: CVE-2021-30563 Type Confusion in V8
2021-07-19 07:00:00
prion
prion
Design/Logic Flaw
2021-08-03 19:15:00
Type confusion
2021-08-03 19:15:00
Type confusion
2021-08-03 19:15:00
ubuntucve
ubuntucve
debiancve
debiancve
attackerkb
attackerkb
CVE-2021-30563
2021-08-03 00:00:00
redhatcve
redhatcve
CVE-2021-30563
2022-05-20 23:23:53
checkpoint_advisories
checkpoint_advisories
Google Chrome Browser V8 Remote Code Execution (CVE-2021-30563)
2022-01-17 00:00:00
cisa
cisa
Google Releases Security Updates for Chrome
2021-07-16 00:00:00
veracode
veracode
Arbitrary Code Execution
2021-07-16 17:48:19
photon
photon
Important Photon OS Security Update - PHSA-2022-0398
2022-05-30 00:00:00
Important Photon OS Security Update - PHSA-2022-0485
2022-06-17 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0398
2022-05-30 00:00:00
osv
osv
libxslt - security update
2022-08-24 00:00:00
Nokogiri has vulnerable dependencies on libxml2 and libxslt
2022-05-24 19:09:47
CVE-2021-30560
2021-08-03 19:15:08
slackware
slackware
[slackware-security] libxslt
2022-03-01 05:14:54
cisa_kev
cisa_kev
Google Chromium V8 Type Confusion Vulnerability
2021-11-03 00:00:00
github
github
Nokogiri has vulnerable dependencies on libxml2 and libxslt
2022-05-24 19:09:47
Vulnerable dependencies in Nokogiri
2022-02-25 20:32:09
cbl_mariner
cbl_mariner
CVE-2021-30560 affecting package libxslt 1.1.34-6
2022-06-03 17:54:00
CVE-2021-30560 affecting package libxslt 1.1.34-2
2022-06-15 17:03:07
mageia
mageia
Updated libxslt packages fix security vulnerability
2022-09-21 21:15:27
debian
debian
[SECURITY] [DSA 5216-1] libxslt security update
2022-08-24 15:04:29
[SECURITY] [DLA 3101-1] libxslt security update
2022-09-09 13:08:41
cloudfoundry
cloudfoundry
USN-5575-1: Libxslt vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
ubuntu
ubuntu
Libxslt vulnerabilities
2022-08-22 00:00:00
Libxslt vulnerabilities
2022-08-22 00:00:00
rubygems
rubygems
Update packaged libxml2 (2.9.12 β 2.9.13) and libxslt (1.1.34 β 1.1.35)
2022-02-20 21:00:00
thn
thn
Update Your Chrome Browser to Patch New ZeroβDay Bug Exploited in the Wild
2021-07-16 05:08:00
Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
2021-09-14 04:08:00
malwarebytes
malwarebytes
Update now! Google Chrome fixes two in-the-wild zero-days
2021-09-14 16:28:47
threatpost
threatpost
Google Chrome Bug Actively Exploited as Zero-Day
2022-03-30 16:14:30
Pair of Google Chrome Zero-Day Bugs Actively Exploited
2021-09-14 15:03:41
Chrome Zero-Day Under Active Attack: Patch ASAP
2022-02-15 18:33:28
avleonov
avleonov
securelist
securelist
IT threat evolution in Q3 2021. PC statistics
2021-11-26 12:00:36
ibm
ibm
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Donβt Know
2022-04-19 00:00:00
qualysblog
qualysblog
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for OPENSUSE-SU-2021:1074-1