6.8
CVSSv2

CVE-2021-21109

Published: 08/01/2021 Updated: 28/01/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.6 | Impact Score: 6 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Use after free in payments in Google Chrome before 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

fedoraproject fedora 32

fedoraproject fedora 33

debian debian linux 10.0

Vendor Advisories

A use after free security issue has been found in the payments component of the Chromium browser before version 8704280141 ...
Debian Bug report logs - #979533 chromium: New 8704280141 (CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021-21116) Package: src:chromium; Maintainer for src:chromium is Debian Chromium Team <ch ...
Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (buster), these problems have been fixed in version 8704280141-01~deb10u1 We recommend that you upgrade your chromium packages For the detailed se ...
Arch Linux Security Advisory ASA-202101-6 ========================================= Severity: High Date : 2021-01-08 CVE-ID : CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021- ...
Arch Linux Security Advisory ASA-202101-20 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-202 ...
The Stable channel has been updated to 8704280141 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also a gr ...

Recent Articles

Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking
Threatpost • Tom Spring • 08 Jan 2021

Makers of the Chrome, Firefox and Edge browsers are urging users to patch critical vulnerabilities that if exploited allow hackers to hijack systems running the software.
The Mozilla Firefox vulnerability (CVE-2020-16044) is separate from a bug reported in Google’s browser engine Chromium, which is used in the Google Chrome browser and Microsoft’s latest version of its Edge browser.
On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) urged users of Mozilla Fo...