VulnerableCode Package Details - pkg:alpm/archlinux/chromium@89.0.4389.72-1

Search for packages

Package details: pkg:alpm/archlinux/chromium@89.0.4389.72-1

Essentials
History (34)

purl	pkg:alpm/archlinux/chromium@89.0.4389.72-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (34)

Vulnerability	Summary	Aliases
VCID-1kfu-n9e4-q3ez	Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.	CVE-2021-21169
VCID-2k3c-518s-wkbj	Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.	CVE-2021-21186
VCID-4329-zjq8-x3gq	Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21162
VCID-57dx-wk5v-rube	Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21183
VCID-6try-9m7m-cyf2	Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.	CVE-2021-21182
VCID-734c-saez-tudk	Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21179
VCID-9695-um8s-a3bn	Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21173
VCID-9hxw-zdvr-6kdv	Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.	CVE-2021-21163
VCID-9rbe-9db4-duc1	Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21180
VCID-aczg-awnj-tqeg	Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.	CVE-2021-21181
VCID-anpg-fjv5-g7f4	Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21165
VCID-atmb-w8qs-83h8	Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21160
VCID-b1g2-74yg-7fhs	Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21184
VCID-bvsa-6ey4-zudq	Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21164
VCID-e7xu-wceh-7qgu	Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.	CVE-2021-21190
VCID-e9tm-be66-67g1	Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-21171
VCID-fwat-e616-87d4	Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.	CVE-2021-21172
VCID-g5d9-faky-gqa9	Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	CVE-2021-21189
VCID-g919-h6wc-pua3	Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.	CVE-2021-21175
VCID-ghnv-8w4d-hue2	Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21159
VCID-hjf6-x46y-t7bj	Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.	CVE-2021-21174
VCID-j4m7-mg48-2bh5	Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21188
VCID-jyxz-sqx6-j3hh	Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-21176
VCID-jzjf-jjcg-euak	A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.	CVE-2020-27844
VCID-ns21-tx1t-c7em	Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.	CVE-2021-21185
VCID-p276-3a8y-cufb	Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21161
VCID-qqgy-jq6s-2fdx	Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21166
VCID-r61m-5sjk-bfc2	Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.	CVE-2021-21168
VCID-rx5t-5ddd-ffdh	Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-21178
VCID-sw4y-j4hx-1qgn	Rejected reason: Further investigation determines issue is not within scope of this CNA	CVE-2021-21158
VCID-xbpa-kahw-nydn	Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-21167
VCID-xqba-epsv-gucr	Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.	CVE-2021-21170
VCID-yrs9-6e48-3kap	Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.	CVE-2021-21177
VCID-ys2m-rjtx-jba2	Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.	CVE-2021-21187

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T11:36:40.279583+00:00	Arch Linux Importer	Fixing	VCID-sw4y-j4hx-1qgn	https://security.archlinux.org/AVG-1632	37.0.0
2025-07-31T11:36:40.252762+00:00	Arch Linux Importer	Fixing	VCID-bvsa-6ey4-zudq	https://security.archlinux.org/AVG-1632	37.0.0
2025-07-31T11:36:39.259770+00:00	Arch Linux Importer	Fixing	VCID-jzjf-jjcg-euak	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.231519+00:00	Arch Linux Importer	Fixing	VCID-ghnv-8w4d-hue2	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.206644+00:00	Arch Linux Importer	Fixing	VCID-atmb-w8qs-83h8	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.182066+00:00	Arch Linux Importer	Fixing	VCID-p276-3a8y-cufb	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.154235+00:00	Arch Linux Importer	Fixing	VCID-4329-zjq8-x3gq	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.129423+00:00	Arch Linux Importer	Fixing	VCID-9hxw-zdvr-6kdv	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.104435+00:00	Arch Linux Importer	Fixing	VCID-anpg-fjv5-g7f4	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.079292+00:00	Arch Linux Importer	Fixing	VCID-qqgy-jq6s-2fdx	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.053251+00:00	Arch Linux Importer	Fixing	VCID-xbpa-kahw-nydn	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.027983+00:00	Arch Linux Importer	Fixing	VCID-r61m-5sjk-bfc2	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:39.000226+00:00	Arch Linux Importer	Fixing	VCID-1kfu-n9e4-q3ez	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.973496+00:00	Arch Linux Importer	Fixing	VCID-xqba-epsv-gucr	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.946916+00:00	Arch Linux Importer	Fixing	VCID-e9tm-be66-67g1	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.920241+00:00	Arch Linux Importer	Fixing	VCID-fwat-e616-87d4	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.893666+00:00	Arch Linux Importer	Fixing	VCID-9695-um8s-a3bn	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.866727+00:00	Arch Linux Importer	Fixing	VCID-hjf6-x46y-t7bj	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.839893+00:00	Arch Linux Importer	Fixing	VCID-g919-h6wc-pua3	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.810222+00:00	Arch Linux Importer	Fixing	VCID-jyxz-sqx6-j3hh	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.784265+00:00	Arch Linux Importer	Fixing	VCID-yrs9-6e48-3kap	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.758400+00:00	Arch Linux Importer	Fixing	VCID-rx5t-5ddd-ffdh	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.732696+00:00	Arch Linux Importer	Fixing	VCID-734c-saez-tudk	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.706648+00:00	Arch Linux Importer	Fixing	VCID-9rbe-9db4-duc1	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.680774+00:00	Arch Linux Importer	Fixing	VCID-aczg-awnj-tqeg	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.651587+00:00	Arch Linux Importer	Fixing	VCID-6try-9m7m-cyf2	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.624586+00:00	Arch Linux Importer	Fixing	VCID-57dx-wk5v-rube	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.599487+00:00	Arch Linux Importer	Fixing	VCID-b1g2-74yg-7fhs	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.572842+00:00	Arch Linux Importer	Fixing	VCID-ns21-tx1t-c7em	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.546750+00:00	Arch Linux Importer	Fixing	VCID-2k3c-518s-wkbj	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.521794+00:00	Arch Linux Importer	Fixing	VCID-ys2m-rjtx-jba2	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.496412+00:00	Arch Linux Importer	Fixing	VCID-j4m7-mg48-2bh5	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.470609+00:00	Arch Linux Importer	Fixing	VCID-g5d9-faky-gqa9	https://security.archlinux.org/AVG-1631	37.0.0
2025-07-31T11:36:38.444627+00:00	Arch Linux Importer	Fixing	VCID-e7xu-wceh-7qgu	https://security.archlinux.org/AVG-1631	37.0.0