Vulmon Recent Vulnerabilities Trends Blog About Contact
6.8
CVSSv2

CVE-2021-21112

Published: 08/01/2021 Updated: 17/01/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Use after free in Blink in Google Chrome before 87.0.4280.141 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Arch Linux Issues:
A use after free security issue has been found in the Blink component of the Chromium browser before version 8704280141 ...
Debian CVElist Bug Report Logs: chromium: New 87.0.4280.141 (CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021-21116)
Debian Bug report logs - #979533 chromium: New 8704280141 (CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021-21116) Package: src:chromium; Maintainer for src:chromium is Debian Chromium Team <ch ...
Arch Linux Advisories: [ASA-202101-6] chromium: multiple issues
Arch Linux Security Advisory ASA-202101-6 ========================================= Severity: High Date : 2021-01-08 CVE-ID : CVE-2020-15995 CVE-2020-16043 CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2021-21114 CVE-2021-21115 CVE-2021- ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 8704280141 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also a gr ...

Recent Articles

Bugs in Firefox, Chrome, Edge Allow Remote System Hijacking
Threatpost • Tom Spring • 08 Jan 2021

Makers of the Chrome, Firefox and Edge browsers are urging users to patch critical vulnerabilities that if exploited allow hackers to hijack systems running the software.
The Mozilla Firefox vulnerability (CVE-2020-16044) is separate from a bug reported in Google’s browser engine Chromium, which is used in the Google Chrome browser and Microsoft’s latest version of its Edge browser.
On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) urged users of Mozilla Fo...

Read more...

References

CWE-416https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop.htmlhttps://crbug.com/1151298https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VVUWIJKZTZTG6G475OR6PP4WPQBVM6PS/https://security.gentoo.org/glsa/202101-05https://www.debian.org/security/2021/dsa-4832https://nvd.nist.govhttps://exchange.xforce.ibmcloud.com/vulnerabilities/194363https://threatpost.com/firefox-chrome-edge-bugs-system-hijacking/162873/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-6207CVE-2020-11143CVE-2021-3129CVE-2020-11138CVE-2020-11225man-in-the-middledeserializationfile uploadCVE-2020-26285