CVE-2021-21197

Beschreibung:
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CWE: CWE-787 CWE-400

CVSS-Bewertung
CVSS 2: MEDIUM – 6.8 (Version: 2.0)
CVSS 3: HIGH – 8.8 (Version: 3.1)

Links:

NVD – CVE-2021-21197
CVE – CVE-2021-21197

Link (max. 20) Quelle Tags
https://crbug.com/1173903 MISC Permissions Required Vendor Advisory Vendor Advisory
https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html MISC Release Notes Vendor Advisory Third Party Advisory
GLSA-202104-08 GENTOO Mailing List Vendor Advisory
FEDORA-2021-c3754414e7 FEDORA Mailing List Vendor Advisory
FEDORA-2021-ff893e12c5 FEDORA Mailing List Vendor Advisory
[pulsar-commits] 20210420 [GitHub] [pulsar] merlimat merged pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425 MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Created] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Closed] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[creadur-dev] 20210427 [jira] [Updated] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity MLIST Mailing List Vendor Advisory
[pulsar-commits] 20210429 [pulsar] branch branch-2.7 updated: [Security] Upgrade commons-io to address CVE-2021-29425 (#10287) MLIST Mailing List Third Party Advisory
[myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix MLIST Mailing List Third Party Advisory Vendor Advisory

Quelle: NVD – CVE-2021-21197
Datum Veröffentlichung: 2021-04-09T22:15Z, Datum letzte Änderung: 2021-05-12T08:15Z