Saturday, February 6, 2021

FreeBSD: VID-479FDFDA-6659-11EB-83E2-E09467587C17 (CVE-2021-21147): www/chromium -- multiple vulnerabilities

Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From VID-479FDFDA-6659-11EB-83E2-E09467587C17: Chrome Releases reports: This update include 6 security fixes: 1169317] Critical CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani on 2021-01-21 [1163504] High CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen Parker and Alex Morgan of MU on 2021-01-06 [1163845] High CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-01-07 [1154965] High CVE-2021-21145: Use after free in Fonts. Reported by Anonymous on 2020-12-03 [1161705] High CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman and Choongwoo Han of Microsoft Browser Vulnerability Research on 2020-12-24 [1162942] Medium CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman Starkov on 2021-01-04
Solution(s)
  • freebsd-upgrade-package-chromium


  • References
  • CVE-2021-21147




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore