Search for packages
| purl | pkg:alpm/archlinux/chromium@88.0.4324.182-1 |
| Next non-vulnerable version | 89.0.4389.72-1 |
| Latest non-vulnerable version | 102.0.5005.61-1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1kfu-n9e4-q3ez
Aliases: CVE-2021-21169 |
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-2k3c-518s-wkbj
Aliases: CVE-2021-21186 |
Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code. |
Affected by 0 other vulnerabilities. |
|
VCID-4329-zjq8-x3gq
Aliases: CVE-2021-21162 |
Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-57dx-wk5v-rube
Aliases: CVE-2021-21183 |
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-6try-9m7m-cyf2
Aliases: CVE-2021-21182 |
Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-734c-saez-tudk
Aliases: CVE-2021-21179 |
Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-9695-um8s-a3bn
Aliases: CVE-2021-21173 |
Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-9hxw-zdvr-6kdv
Aliases: CVE-2021-21163 |
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. |
Affected by 0 other vulnerabilities. |
|
VCID-9rbe-9db4-duc1
Aliases: CVE-2021-21180 |
Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-aczg-awnj-tqeg
Aliases: CVE-2021-21181 |
Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-anpg-fjv5-g7f4
Aliases: CVE-2021-21165 |
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-atmb-w8qs-83h8
Aliases: CVE-2021-21160 |
Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-b1g2-74yg-7fhs
Aliases: CVE-2021-21184 |
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-bvsa-6ey4-zudq
Aliases: CVE-2021-21164 |
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-e7xu-wceh-7qgu
Aliases: CVE-2021-21190 |
Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. |
Affected by 0 other vulnerabilities. |
|
VCID-e9tm-be66-67g1
Aliases: CVE-2021-21171 |
Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-fwat-e616-87d4
Aliases: CVE-2021-21172 |
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-g5d9-faky-gqa9
Aliases: CVE-2021-21189 |
Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-g919-h6wc-pua3
Aliases: CVE-2021-21175 |
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-ghnv-8w4d-hue2
Aliases: CVE-2021-21159 |
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-hjf6-x46y-t7bj
Aliases: CVE-2021-21174 |
Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-j4m7-mg48-2bh5
Aliases: CVE-2021-21188 |
Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-jyxz-sqx6-j3hh
Aliases: CVE-2021-21176 |
Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-jzjf-jjcg-euak
Aliases: CVE-2020-27844 |
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
Affected by 0 other vulnerabilities. |
|
VCID-ns21-tx1t-c7em
Aliases: CVE-2021-21185 |
Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension. |
Affected by 0 other vulnerabilities. |
|
VCID-p276-3a8y-cufb
Aliases: CVE-2021-21161 |
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-qqgy-jq6s-2fdx
Aliases: CVE-2021-21166 |
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-r61m-5sjk-bfc2
Aliases: CVE-2021-21168 |
Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-rx5t-5ddd-ffdh
Aliases: CVE-2021-21178 |
Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-sw4y-j4hx-1qgn
Aliases: CVE-2021-21158 |
Rejected reason: Further investigation determines issue is not within scope of this CNA |
Affected by 0 other vulnerabilities. |
|
VCID-xbpa-kahw-nydn
Aliases: CVE-2021-21167 |
Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-xqba-epsv-gucr
Aliases: CVE-2021-21170 |
Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-yrs9-6e48-3kap
Aliases: CVE-2021-21177 |
Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. |
Affected by 0 other vulnerabilities. |
|
VCID-ys2m-rjtx-jba2
Aliases: CVE-2021-21187 |
Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1ztz-et4b-ykac | Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script. |
CVE-2021-21156
|
| VCID-418m-7z2s-pqhb | Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2021-21151
|
| VCID-5rq3-mc2m-zkff | Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2021-21155
|
| VCID-ad9h-kq98-1fhj | Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
CVE-2021-21153
|
| VCID-brb8-2nc5-2ua4 | Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2021-21154
|
| VCID-e11f-mmd7-pket | Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
CVE-2021-21150
|
| VCID-f5gm-31bw-9bhh | Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2021-21157
|
| VCID-pj12-wm8p-8qcf | Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
CVE-2021-21152
|
| VCID-ya42-nbx1-nfaf | Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. |
CVE-2021-21149
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-31T11:36:40.274942+00:00 | Arch Linux Importer | Affected by | VCID-sw4y-j4hx-1qgn | https://security.archlinux.org/AVG-1632 | 37.0.0 |
| 2025-07-31T11:36:40.248172+00:00 | Arch Linux Importer | Affected by | VCID-bvsa-6ey4-zudq | https://security.archlinux.org/AVG-1632 | 37.0.0 |
| 2025-07-31T11:36:40.226274+00:00 | Arch Linux Importer | Fixing | VCID-ya42-nbx1-nfaf | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.199956+00:00 | Arch Linux Importer | Fixing | VCID-e11f-mmd7-pket | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.172899+00:00 | Arch Linux Importer | Fixing | VCID-418m-7z2s-pqhb | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.146404+00:00 | Arch Linux Importer | Fixing | VCID-pj12-wm8p-8qcf | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.118583+00:00 | Arch Linux Importer | Fixing | VCID-ad9h-kq98-1fhj | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.092621+00:00 | Arch Linux Importer | Fixing | VCID-brb8-2nc5-2ua4 | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.064818+00:00 | Arch Linux Importer | Fixing | VCID-5rq3-mc2m-zkff | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.038888+00:00 | Arch Linux Importer | Fixing | VCID-1ztz-et4b-ykac | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:40.013689+00:00 | Arch Linux Importer | Fixing | VCID-f5gm-31bw-9bhh | https://security.archlinux.org/AVG-1584 | 37.0.0 |
| 2025-07-31T11:36:39.254967+00:00 | Arch Linux Importer | Affected by | VCID-jzjf-jjcg-euak | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.226605+00:00 | Arch Linux Importer | Affected by | VCID-ghnv-8w4d-hue2 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.201927+00:00 | Arch Linux Importer | Affected by | VCID-atmb-w8qs-83h8 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.177241+00:00 | Arch Linux Importer | Affected by | VCID-p276-3a8y-cufb | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.149570+00:00 | Arch Linux Importer | Affected by | VCID-4329-zjq8-x3gq | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.124882+00:00 | Arch Linux Importer | Affected by | VCID-9hxw-zdvr-6kdv | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.099602+00:00 | Arch Linux Importer | Affected by | VCID-anpg-fjv5-g7f4 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.074456+00:00 | Arch Linux Importer | Affected by | VCID-qqgy-jq6s-2fdx | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.048453+00:00 | Arch Linux Importer | Affected by | VCID-xbpa-kahw-nydn | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:39.022919+00:00 | Arch Linux Importer | Affected by | VCID-r61m-5sjk-bfc2 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.995167+00:00 | Arch Linux Importer | Affected by | VCID-1kfu-n9e4-q3ez | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.968455+00:00 | Arch Linux Importer | Affected by | VCID-xqba-epsv-gucr | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.941820+00:00 | Arch Linux Importer | Affected by | VCID-e9tm-be66-67g1 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.915242+00:00 | Arch Linux Importer | Affected by | VCID-fwat-e616-87d4 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.888684+00:00 | Arch Linux Importer | Affected by | VCID-9695-um8s-a3bn | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.861566+00:00 | Arch Linux Importer | Affected by | VCID-hjf6-x46y-t7bj | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.834343+00:00 | Arch Linux Importer | Affected by | VCID-g919-h6wc-pua3 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.805142+00:00 | Arch Linux Importer | Affected by | VCID-jyxz-sqx6-j3hh | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.779223+00:00 | Arch Linux Importer | Affected by | VCID-yrs9-6e48-3kap | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.753429+00:00 | Arch Linux Importer | Affected by | VCID-rx5t-5ddd-ffdh | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.727759+00:00 | Arch Linux Importer | Affected by | VCID-734c-saez-tudk | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.701929+00:00 | Arch Linux Importer | Affected by | VCID-9rbe-9db4-duc1 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.675781+00:00 | Arch Linux Importer | Affected by | VCID-aczg-awnj-tqeg | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.646623+00:00 | Arch Linux Importer | Affected by | VCID-6try-9m7m-cyf2 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.619708+00:00 | Arch Linux Importer | Affected by | VCID-57dx-wk5v-rube | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.594852+00:00 | Arch Linux Importer | Affected by | VCID-b1g2-74yg-7fhs | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.567731+00:00 | Arch Linux Importer | Affected by | VCID-ns21-tx1t-c7em | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.542079+00:00 | Arch Linux Importer | Affected by | VCID-2k3c-518s-wkbj | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.517015+00:00 | Arch Linux Importer | Affected by | VCID-ys2m-rjtx-jba2 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.491818+00:00 | Arch Linux Importer | Affected by | VCID-j4m7-mg48-2bh5 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.466058+00:00 | Arch Linux Importer | Affected by | VCID-g5d9-faky-gqa9 | https://security.archlinux.org/AVG-1631 | 37.0.0 |
| 2025-07-31T11:36:38.438859+00:00 | Arch Linux Importer | Affected by | VCID-e7xu-wceh-7qgu | https://security.archlinux.org/AVG-1631 | 37.0.0 |