Description
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface.
Below is a complete list of vulnerabilities:
- Use after free vulnerability in Media can be exploited to cause denial of service or execute arbitrary code.
- Uninitialized use vulnerability in USB can be exploited to bypass security restrictions.
- Implementation vulnerability in iframe sandbox can be exploited to potentially cause denial of service.
- Implementation vulnerability in Performace API can be exploited to potentially cause denial of service.
- Policy enforcement vulnerability in WebView can be exploited to bypass security restrictions.
- Policy enforcement vulnerability in File System API can be exploited to bypass security restrictions.
- Use after free vulnerability in Blink can be exploited to cause denial of service or execute arbitrary code.
- Security UI vulnerability in Page Info can be exploited to spoof user interface.
- Policy enforcement vulnerability in extensions can be exploited to bypass security restrictions.
- Implementation vulnerability in DevTools can be exploited to potentially cause denial of service.
- Heap buffer overflow vulnerability in Blink can be exploited to cause denial of service.
- Use after free vulnerability in WebSQL can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in DevTools can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in Speech Recognizer can be exploited to cause denial of service or execute arbitrary code.
- Policy enforcement vulnerability in Cryptohome can be exploited to bypass security restrictions.
- Data validation vulnerability in File System API can be exploited to bypass security restrictions.
- Use after free vulnerability in Omnibox can be exploited to cause denial of service or execute arbitrary code.
- Use after free vulnerability in WebRTC can be exploited to cause denial of service or execute arbitrary code.
- Policy enforcement vulnerability in Downloads can be exploited to bypass security restrictions.
- Data validation vulnerability in V8 can be exploited to bypass security restrictions.
Original advisories
Related products
CVE list
- CVE-2020-16044 critical
- CVE-2021-21119 critical
- CVE-2021-21140 high
- CVE-2021-21139 high
- CVE-2021-21135 high
- CVE-2021-21136 high
- CVE-2021-21129 high
- CVE-2021-21130 high
- CVE-2021-21122 critical
- CVE-2021-21134 high
- CVE-2021-21125 critical
- CVE-2021-21131 high
- CVE-2021-21126 high
- CVE-2021-21132 critical
- CVE-2021-21128 critical
- CVE-2021-21120 critical
- CVE-2021-21138 critical
- CVE-2021-21137 high
- CVE-2021-21124 critical
- CVE-2021-21117 critical
- CVE-2021-21123 high
- CVE-2021-21127 critical
- CVE-2021-21141 high
- CVE-2021-21121 critical
- CVE-2021-21133 high
- CVE-2021-21118 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!