CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
96.9%
Severity: Critical
Date : 2021-06-15
CVE-ID : CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547
CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551
CVE-2021-30552 CVE-2021-30553
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-2057
The package chromium before version 91.0.4472.101-1 is vulnerable to
multiple issues including arbitrary code execution and incorrect
calculation.
Upgrade to 91.0.4472.101-1.
The problems have been fixed upstream in version 91.0.4472.101.
None.
A use after free security issue has been found in the BFCache component
of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Extensions
component of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Autofill
component of the Chromium browser before version 91.0.4472.101.
An out of bounds write security issue has been found in the ANGLE
component of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Loader component
of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Spell check
component of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Accessibility
component of the Chromium browser before version 91.0.4472.101.
A type confusion security issue has been found in the V8 component of
the Chromium browser before version 91.0.4472.101. Google is aware that
an exploit for CVE-2021-30551 exists in the wild.
A use after free security issue has been found in the Extensions
component of the Chromium browser before version 91.0.4472.101.
A use after free security issue has been found in the Network service
component of the Chromium browser before version 91.0.4472.101.
A remote attacker could execute arbitrary code through a crafted web
page or extension. Google is aware that an exploit for one of the
security issues exists in the wild.
https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
https://crbug.com/1212618
https://crbug.com/1201031
https://crbug.com/1206911
https://crbug.com/1210414
https://crbug.com/1210487
https://crbug.com/1212498
https://crbug.com/1212500
https://crbug.com/1216437
https://crbug.com/1200679
https://crbug.com/1209769
https://security.archlinux.org/CVE-2021-30544
https://security.archlinux.org/CVE-2021-30545
https://security.archlinux.org/CVE-2021-30546
https://security.archlinux.org/CVE-2021-30547
https://security.archlinux.org/CVE-2021-30548
https://security.archlinux.org/CVE-2021-30549
https://security.archlinux.org/CVE-2021-30550
https://security.archlinux.org/CVE-2021-30551
https://security.archlinux.org/CVE-2021-30552
https://security.archlinux.org/CVE-2021-30553
chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
crbug.com/1200679
crbug.com/1201031
crbug.com/1206911
crbug.com/1209769
crbug.com/1210414
crbug.com/1210487
crbug.com/1212498
crbug.com/1212500
crbug.com/1212618
crbug.com/1216437
security.archlinux.org/AVG-2057
security.archlinux.org/CVE-2021-30544
security.archlinux.org/CVE-2021-30545
security.archlinux.org/CVE-2021-30546
security.archlinux.org/CVE-2021-30547
security.archlinux.org/CVE-2021-30548
security.archlinux.org/CVE-2021-30549
security.archlinux.org/CVE-2021-30550
security.archlinux.org/CVE-2021-30551
security.archlinux.org/CVE-2021-30552
security.archlinux.org/CVE-2021-30553
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
96.9%