Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2021:1016-1
HistoryJul 09, 2021 - 12:00 a.m.

Security update for libqt5-qtwebengine (important)

2021-07-0900:00:00
lists.opensuse.org
19

0.016 Low

EPSS

Percentile

87.6%

JSON

An update that fixes 29 vulnerabilities is now available.

Description:

This update for libqt5-qtwebengine fixes the following issues:

Update to version 5.15.3

CVE fixes backported in chromium updates:

  • CVE-2020-16044: Use after free in WebRTC
  • CVE-2021-21118: Heap buffer overflow in Blink
  • CVE-2021-21119: Use after free in Media
  • CVE-2021-21120: Use after free in WebSQL
  • CVE-2021-21121: Use after free in Omnibox
  • CVE-2021-21122: Use after free in Blink
  • CVE-2021-21123: Insufficient data validation in File System API
  • CVE-2021-21125: Insufficient policy enforcement in File System API
  • CVE-2021-21126: Insufficient policy enforcement in extensions
  • CVE-2021-21127: Insufficient policy enforcement in extensions
  • CVE-2021-21128: Heap buffer overflow in Blink
  • CVE-2021-21129: Insufficient policy enforcement in File System API
  • CVE-2021-21130: Insufficient policy enforcement in File System API
  • CVE-2021-21131: Insufficient policy enforcement in File System API
  • CVE-2021-21132: Inappropriate implementation in DevTools
  • CVE-2021-21135: Inappropriate implementation in Performance API
  • CVE-2021-21137: Inappropriate implementation in DevTools
  • CVE-2021-21140: Uninitialized Use in USB
  • CVE-2021-21141: Insufficient policy enforcement in File System API
  • CVE-2021-21145: Use after free in Fonts
  • CVE-2021-21146: Use after free in Navigation
  • CVE-2021-21147: Inappropriate implementation in Skia
  • CVE-2021-21148: Heap buffer overflow in V8
  • CVE-2021-21149: Stack overflow in Data Transfer
  • CVE-2021-21150: Use after free in Downloads
  • CVE-2021-21152: Heap buffer overflow in Media
  • CVE-2021-21153: Stack overflow in GPU Process
  • CVE-2021-21156: Heap buffer overflow in V8
  • CVE-2021-21157: Use after free in Web Sockets

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Backports SLE-15-SP2:

    zypper in -t patch openSUSE-2021-1016=1

Related

mageia 1
openvas 21
suse 9
fedora 5
kaspersky 9
nessus 24
gentoo 1
archlinux 4
chrome 3
osv 2
freebsd 4
debian 3
cve 13
prion 11
cvelist 12
debiancve 14
nvd 14
alpinelinux 11
mscve 14
ubuntucve 13
veracode 11
mageia
mageia
Updated qtwebengine5 packages fix security vulnerabilities
2021-08-15 11:38:04
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0406)
2022-01-28 00:00:00
openSUSE: Security Advisory for libqt5-qtwebengine (openSUSE-SU-2021:0973-1)
2021-07-13 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2021:0173-1)
2021-04-16 00:00:00
suse
suse
Security update for libqt5-qtwebengine (important)
2021-07-06 00:00:00
Security update for chromium (important)
2021-01-29 00:00:00
Security update for chromium (important)
2021-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: chromium-88.0.4324.96-1.fc33
2021-01-24 01:30:29
[SECURITY] Fedora 32 Update: chromium-88.0.4324.96-1.fc32
2021-01-31 01:10:19
[SECURITY] Fedora 33 Update: chromium-88.0.4324.182-1.fc33
2021-02-28 17:27:09
kaspersky
kaspersky
KLA12049 Multiple vulnerabilities in Microsoft Browsers
2021-01-21 00:00:00
KLA12178 Multiple vulnerabilities in Opera
2021-02-03 00:00:00
KLA12048 Multiple vulnerabilities in Google Chrome
2021-01-19 00:00:00
nessus
nessus
Fedora 32 : chromium (2021-b7cc24375b)
2021-02-01 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (4ed0e43c-5cef-11eb-bafd-3065ec8fd3ec)
2021-01-25 00:00:00
GLSA-202101-13 : Chromium, Google Chrome: Multiple vulnerabilities
2021-01-25 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2021-01-22 00:00:00
archlinux
archlinux
[ASA-202102-5] opera: multiple issues
2021-02-06 00:00:00
[ASA-202102-4] vivaldi: multiple issues
2021-02-06 00:00:00
[ASA-202103-8] opera: arbitrary code execution
2021-03-13 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2021-01-19 00:00:00
Stable Channel Update for Desktop
2021-02-16 00:00:00
Stable Channel Update for Desktop
2021-02-02 00:00:00
osv
osv
chromium - security update
2021-02-07 00:00:00
chromium - security update
2021-02-19 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2021-01-19 00:00:00
chromium -- multiple vulnerabilities
2021-02-16 00:00:00
www/chromium -- multiple vulnerabilities
2021-02-02 00:00:00
debian
debian
[SECURITY] [DSA 4846-1] chromium security update
2021-02-07 19:07:28
[SECURITY] [DSA 4846-1] chromium security update
2021-02-07 19:07:28
[SECURITY] [DSA 4858-1] chromium security update
2021-02-20 02:29:52
cve
cve
CVE-2021-21130
2021-02-09 14:15:16
CVE-2021-21129
2021-02-09 14:15:16
CVE-2021-21118
2021-02-09 14:15:15
prion
prion
Design/Logic Flaw
2021-02-09 14:15:00
Double free
2021-02-09 15:15:00
Design/Logic Flaw
2021-02-09 14:15:00
cvelist
cvelist
CVE-2021-21126
2021-02-09 13:56:01
CVE-2021-21153
2021-02-22 21:20:35
CVE-2021-21129
2021-02-09 13:56:03
debiancve
debiancve
CVE-2021-21128
2021-02-09 14:15:16
CVE-2021-21135
2021-02-09 14:15:16
CVE-2021-21150
2021-02-22 22:15:12
nvd
nvd
CVE-2021-21135
2021-02-09 14:15:16
CVE-2021-21146
2021-02-09 15:15:13
CVE-2021-21147
2021-02-09 15:15:13
alpinelinux
alpinelinux
CVE-2021-21146
2021-02-09 15:15:13
CVE-2021-21119
2021-02-09 14:15:15
CVE-2021-21137
2021-02-09 14:15:16
mscve
mscve
Chromium CVE-2021-21119: Use after free in Media
2021-01-21 08:00:00
Chromium CVE-2021-21129: Insufficient policy enforcement in File System API
2021-01-21 08:00:00
Chromium: CVE-2021-21150 Use after free in Downloads
2021-02-17 23:31:00
ubuntucve
ubuntucve
CVE-2021-21119
2021-02-09 00:00:00
CVE-2021-21137
2021-02-09 00:00:00
CVE-2021-21156
2021-02-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-01-22 21:32:18
Inappropriate Implementation
2021-01-22 21:31:57
Arbitrary Code Execution
2021-02-10 05:23:19

0.016 Low

EPSS

Percentile

87.6%

JSON
Related for OPENSUSE-SU-2021:1016-1
mageia1openvas21suse9fedora5kaspersky9nessus24gentoo1archlinux4chrome3osv2freebsd4debian3cve13prion11cvelist12debiancve14nvd14alpinelinux11mscve14ubuntucve13veracode11