AVG-2474 log

Package chromium
Status Fixed
Severity High
Type multiple issues
Affected 94.0.4606.81-1
Fixed 95.0.4638.54-1
Current 130.0.6723.116-1 [extra]
Ticket None
Created Tue Oct 19 19:47:49 2021
Issue Severity Remote Type Description
CVE-2021-37996 Medium Yes Insufficient validation
An insufficient validation of untrusted input security issue has been found in the Downloads component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37995 Low Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the WebApp Installer component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37994 Low Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the iFrame Sandbox component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37993 Medium Yes Arbitrary code execution
A use after free security issue has been found in the PDF Accessibility component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37992 Medium Yes Information disclosure
An out of bounds read security issue has been found in the WebAudio component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37991 Medium Yes Arbitrary code execution
A race security issue has been found in the V8 component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37990 Medium Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the WebView component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37989 Medium Yes Arbitrary code execution
An inappropriate implementation security issue has been found in the Blink component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37988 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Profiles component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37987 Medium Yes Arbitrary code execution
A use after free security issue has been found in the Network APIs component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37986 Medium Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Settings component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37985 High Yes Arbitrary code execution
A use after free security issue has been found in the V8 component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37984 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the PDFium component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37983 High Yes Arbitrary code execution
A use after free security issue has been found in the Dev Tools component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37982 High Yes Arbitrary code execution
A use after free security issue has been found in the Incognito component of the Chromium browser engine before version 95.0.4638.54.
CVE-2021-37981 High Yes Arbitrary code execution
A heap buffer overflow security issue has been found in the Skia component of the Chromium browser engine before version 95.0.4638.54.
Date Advisory Package Type
21 Oct 2021 ASA-202110-2 chromium multiple issues