AVG-1414 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 87.0.4280.88-3
Fixed 87.0.4280.141-1
Current 123.0.6312.86-1 [extra]
Ticket None
Created Thu Jan 7 09:33:42 2021
Issue Severity Remote Type Description
CVE-2021-21116 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the audio component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21115 High Yes Arbitrary code execution
A use after free security issue has been found in the safe browsing component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21114 High Yes Arbitrary code execution
A use after free security issue has been found in the audio component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21113 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Skia component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21112 High Yes Arbitrary code execution
A use after free security issue has been found in the Blink component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21111 High Yes Access restriction bypass
An insufficient policy enforcement security issue has been found in the WebUI component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21110 High Yes Arbitrary code execution
A use after free security issue has been found in the safe browsing component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21109 High Yes Arbitrary code execution
A use after free security issue has been found in the payments component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21108 High Yes Arbitrary code execution
A use after free security issue has been found in the media component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21107 High Yes Arbitrary code execution
A use after free security issue has been found in the drag and drop component of the Chromium browser before version 87.0.4280.141.
CVE-2021-21106 High Yes Arbitrary code execution
A use after free security issue has been found in the autofill component of the Chromium browser before version 87.0.4280.141.
CVE-2020-16043 High Yes Insufficient validation
An insufficient data validation security issue has been found in the networking component of the Chromium browser before version 87.0.4280.141.
CVE-2020-15995 High Yes Arbitrary code execution
An out of bounds write security issue has been found in the V8 component of the Chromium browser before version 87.0.4280.141.
Date Advisory Package Type
08 Jan 2021 ASA-202101-6 chromium multiple issues
References
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.html