{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for chromium","title":"Title of the patch"},{"category":"description","text":"This update for chromium fixes the following issues:\n\nUpdate to 89.0.4389.72 (boo#1182358, boo#1182960):\n\n- CVE-2021-21159: Heap buffer overflow in TabStrip.\n- CVE-2021-21160: Heap buffer overflow in WebAudio.\n- CVE-2021-21161: Heap buffer overflow in TabStrip.\n- CVE-2021-21162: Use after free in WebRTC.\n- CVE-2021-21163: Insufficient data validation in Reader Mode.\n- CVE-2021-21164: Insufficient data validation in Chrome for iOS.\n- CVE-2021-21165: Object lifecycle issue in audio.\n- CVE-2021-21166: Object lifecycle issue in audio.\n- CVE-2021-21167: Use after free in bookmarks.\n- CVE-2021-21168: Insufficient policy enforcement in appcache.\n- CVE-2021-21169: Out of bounds memory access in V8.\n- CVE-2021-21170: Incorrect security UI in Loader.\n- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.\n- CVE-2021-21172: Insufficient policy enforcement in File System API.\n- CVE-2021-21173: Side-channel information leakage in Network Internals.\n- CVE-2021-21174: Inappropriate implementation in Referrer.\n- CVE-2021-21175: Inappropriate implementation in Site isolation.\n- CVE-2021-21176: Inappropriate implementation in full screen mode.\n- CVE-2021-21177: Insufficient policy enforcement in Autofill.\n- CVE-2021-21178: Inappropriate implementation in Compositing.\n- CVE-2021-21179: Use after free in Network Internals.\n- CVE-2021-21180: Use after free in tab search.\n- CVE-2020-27844: Heap buffer overflow in OpenJPEG.\n- CVE-2021-21181: Side-channel information leakage in autofill.\n- CVE-2021-21182: Insufficient policy enforcement in navigations.\n- CVE-2021-21183: Inappropriate implementation in performance APIs.\n- CVE-2021-21184: Inappropriate implementation in performance APIs.\n- CVE-2021-21185: Insufficient policy enforcement in extensions.\n- CVE-2021-21186: Insufficient policy enforcement in QR scanning.\n- CVE-2021-21187: Insufficient data validation in URL formatting.\n- CVE-2021-21188: Use after free in Blink.\n- CVE-2021-21189: Insufficient policy enforcement in payments.\n- CVE-2021-21190: Uninitialized Use in PDFium.\n- CVE-2021-21149: Stack overflow in Data Transfer.\n- CVE-2021-21150: Use after free in Downloads.\n- CVE-2021-21151: Use after free in Payments.\n- CVE-2021-21152: Heap buffer overflow in Media.\n- CVE-2021-21153: Stack overflow in GPU Process. \n- CVE-2021-21154: Heap buffer overflow in Tab Strip.\n- CVE-2021-21155: Heap buffer overflow in Tab Strip.\n- CVE-2021-21156: Heap buffer overflow in V8.\n- CVE-2021-21157: Use after free in Web Sockets.  \n- Fixed Sandbox with glibc 2.33 (boo#1182233)\n- Fixed an issue where chromium hangs on opening (boo#1182775).\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.","title":"Description of the patch"},{"category":"details","text":"openSUSE-2021-401","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0401-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2021:0401-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/F5HQTB6OX4JN5OFGWK6KZIS4UD7TGBXF/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2021:0401-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/F5HQTB6OX4JN5OFGWK6KZIS4UD7TGBXF/"},{"category":"self","summary":"SUSE Bug 1182233","url":"https://bugzilla.suse.com/1182233"},{"category":"self","summary":"SUSE Bug 1182358","url":"https://bugzilla.suse.com/1182358"},{"category":"self","summary":"SUSE Bug 1182775","url":"https://bugzilla.suse.com/1182775"},{"category":"self","summary":"SUSE CVE CVE-2020-27844 page","url":"https://www.suse.com/security/cve/CVE-2020-27844/"},{"category":"self","summary":"SUSE CVE CVE-2021-21149 page","url":"https://www.suse.com/security/cve/CVE-2021-21149/"},{"category":"self","summary":"SUSE CVE CVE-2021-21150 page","url":"https://www.suse.com/security/cve/CVE-2021-21150/"},{"category":"self","summary":"SUSE CVE CVE-2021-21151 page","url":"https://www.suse.com/security/cve/CVE-2021-21151/"},{"category":"self","summary":"SUSE CVE CVE-2021-21152 page","url":"https://www.suse.com/security/cve/CVE-2021-21152/"},{"category":"self","summary":"SUSE CVE CVE-2021-21153 page","url":"https://www.suse.com/security/cve/CVE-2021-21153/"},{"category":"self","summary":"SUSE CVE CVE-2021-21154 page","url":"https://www.suse.com/security/cve/CVE-2021-21154/"},{"category":"self","summary":"SUSE CVE CVE-2021-21155 page","url":"https://www.suse.com/security/cve/CVE-2021-21155/"},{"category":"self","summary":"SUSE CVE CVE-2021-21156 page","url":"https://www.suse.com/security/cve/CVE-2021-21156/"},{"category":"self","summary":"SUSE CVE CVE-2021-21157 page","url":"https://www.suse.com/security/cve/CVE-2021-21157/"},{"category":"self","summary":"SUSE CVE CVE-2021-21159 page","url":"https://www.suse.com/security/cve/CVE-2021-21159/"},{"category":"self","summary":"SUSE CVE CVE-2021-21160 page","url":"https://www.suse.com/security/cve/CVE-2021-21160/"},{"category":"self","summary":"SUSE CVE CVE-2021-21161 page","url":"https://www.suse.com/security/cve/CVE-2021-21161/"},{"category":"self","summary":"SUSE CVE CVE-2021-21162 page","url":"https://www.suse.com/security/cve/CVE-2021-21162/"},{"category":"self","summary":"SUSE CVE CVE-2021-21163 page","url":"https://www.suse.com/security/cve/CVE-2021-21163/"},{"category":"self","summary":"SUSE CVE CVE-2021-21164 page","url":"https://www.suse.com/security/cve/CVE-2021-21164/"},{"category":"self","summary":"SUSE CVE CVE-2021-21165 page","url":"https://www.suse.com/security/cve/CVE-2021-21165/"},{"category":"self","summary":"SUSE CVE CVE-2021-21166 page","url":"https://www.suse.com/security/cve/CVE-2021-21166/"},{"category":"self","summary":"SUSE CVE CVE-2021-21167 page","url":"https://www.suse.com/security/cve/CVE-2021-21167/"},{"category":"self","summary":"SUSE CVE CVE-2021-21168 page","url":"https://www.suse.com/security/cve/CVE-2021-21168/"},{"category":"self","summary":"SUSE CVE CVE-2021-21169 page","url":"https://www.suse.com/security/cve/CVE-2021-21169/"},{"category":"self","summary":"SUSE CVE CVE-2021-21170 page","url":"https://www.suse.com/security/cve/CVE-2021-21170/"},{"category":"self","summary":"SUSE CVE CVE-2021-21171 page","url":"https://www.suse.com/security/cve/CVE-2021-21171/"},{"category":"self","summary":"SUSE CVE CVE-2021-21172 page","url":"https://www.suse.com/security/cve/CVE-2021-21172/"},{"category":"self","summary":"SUSE CVE CVE-2021-21173 page","url":"https://www.suse.com/security/cve/CVE-2021-21173/"},{"category":"self","summary":"SUSE CVE CVE-2021-21174 page","url":"https://www.suse.com/security/cve/CVE-2021-21174/"},{"category":"self","summary":"SUSE CVE CVE-2021-21175 page","url":"https://www.suse.com/security/cve/CVE-2021-21175/"},{"category":"self","summary":"SUSE CVE CVE-2021-21176 page","url":"https://www.suse.com/security/cve/CVE-2021-21176/"},{"category":"self","summary":"SUSE CVE CVE-2021-21177 page","url":"https://www.suse.com/security/cve/CVE-2021-21177/"},{"category":"self","summary":"SUSE CVE CVE-2021-21178 page","url":"https://www.suse.com/security/cve/CVE-2021-21178/"},{"category":"self","summary":"SUSE CVE CVE-2021-21179 page","url":"https://www.suse.com/security/cve/CVE-2021-21179/"},{"category":"self","summary":"SUSE CVE CVE-2021-21180 page","url":"https://www.suse.com/security/cve/CVE-2021-21180/"},{"category":"self","summary":"SUSE CVE CVE-2021-21181 page","url":"https://www.suse.com/security/cve/CVE-2021-21181/"},{"category":"self","summary":"SUSE CVE CVE-2021-21182 page","url":"https://www.suse.com/security/cve/CVE-2021-21182/"},{"category":"self","summary":"SUSE CVE CVE-2021-21183 page","url":"https://www.suse.com/security/cve/CVE-2021-21183/"},{"category":"self","summary":"SUSE CVE CVE-2021-21184 page","url":"https://www.suse.com/security/cve/CVE-2021-21184/"},{"category":"self","summary":"SUSE CVE CVE-2021-21185 page","url":"https://www.suse.com/security/cve/CVE-2021-21185/"},{"category":"self","summary":"SUSE CVE CVE-2021-21186 page","url":"https://www.suse.com/security/cve/CVE-2021-21186/"},{"category":"self","summary":"SUSE CVE CVE-2021-21187 page","url":"https://www.suse.com/security/cve/CVE-2021-21187/"},{"category":"self","summary":"SUSE CVE CVE-2021-21188 page","url":"https://www.suse.com/security/cve/CVE-2021-21188/"},{"category":"self","summary":"SUSE CVE CVE-2021-21189 page","url":"https://www.suse.com/security/cve/CVE-2021-21189/"},{"category":"self","summary":"SUSE CVE CVE-2021-21190 page","url":"https://www.suse.com/security/cve/CVE-2021-21190/"}],"title":"Security update for chromium","tracking":{"current_release_date":"2021-03-09T19:05:08Z","generator":{"date":"2021-03-09T19:05:08Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2021:0401-1","initial_release_date":"2021-03-09T19:05:08Z","revision_history":[{"date":"2021-03-09T19:05:08Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","product":{"name":"chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","product_id":"chromedriver-89.0.4389.72-bp152.2.62.1.aarch64"}},{"category":"product_version","name":"chromium-89.0.4389.72-bp152.2.62.1.aarch64","product":{"name":"chromium-89.0.4389.72-bp152.2.62.1.aarch64","product_id":"chromium-89.0.4389.72-bp152.2.62.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","product":{"name":"chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","product_id":"chromedriver-89.0.4389.72-bp152.2.62.1.x86_64"}},{"category":"product_version","name":"chromium-89.0.4389.72-bp152.2.62.1.x86_64","product":{"name":"chromium-89.0.4389.72-bp152.2.62.1.x86_64","product_id":"chromium-89.0.4389.72-bp152.2.62.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Package Hub 15 SP2","product":{"name":"SUSE Package Hub 15 SP2","product_id":"SUSE Package Hub 15 SP2"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"chromedriver-89.0.4389.72-bp152.2.62.1.aarch64 as component of SUSE Package Hub 15 SP2","product_id":"SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64"},"product_reference":"chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromedriver-89.0.4389.72-bp152.2.62.1.x86_64 as component of SUSE Package Hub 15 SP2","product_id":"SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64"},"product_reference":"chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromium-89.0.4389.72-bp152.2.62.1.aarch64 as component of SUSE Package Hub 15 SP2","product_id":"SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64"},"product_reference":"chromium-89.0.4389.72-bp152.2.62.1.aarch64","relates_to_product_reference":"SUSE Package Hub 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"chromium-89.0.4389.72-bp152.2.62.1.x86_64 as component of SUSE Package Hub 15 SP2","product_id":"SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"},"product_reference":"chromium-89.0.4389.72-bp152.2.62.1.x86_64","relates_to_product_reference":"SUSE Package Hub 15 SP2"}]},"vulnerabilities":[{"cve":"CVE-2020-27844","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-27844"}],"notes":[{"category":"general","text":"A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-27844","url":"https://www.suse.com/security/cve/CVE-2020-27844"},{"category":"external","summary":"SUSE Bug 1180045 for CVE-2020-27844","url":"https://bugzilla.suse.com/1180045"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2020-27844","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2020-27844","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2020-27844"},{"cve":"CVE-2021-21149","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21149"}],"notes":[{"category":"general","text":"Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21149","url":"https://www.suse.com/security/cve/CVE-2021-21149"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21149","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21149"},{"cve":"CVE-2021-21150","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21150"}],"notes":[{"category":"general","text":"Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21150","url":"https://www.suse.com/security/cve/CVE-2021-21150"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21150","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.6,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21150"},{"cve":"CVE-2021-21151","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21151"}],"notes":[{"category":"general","text":"Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21151","url":"https://www.suse.com/security/cve/CVE-2021-21151"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21151","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.6,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21151"},{"cve":"CVE-2021-21152","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21152"}],"notes":[{"category":"general","text":"Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21152","url":"https://www.suse.com/security/cve/CVE-2021-21152"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21152","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21152"},{"cve":"CVE-2021-21153","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21153"}],"notes":[{"category":"general","text":"Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21153","url":"https://www.suse.com/security/cve/CVE-2021-21153"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21153","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21153"},{"cve":"CVE-2021-21154","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21154"}],"notes":[{"category":"general","text":"Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21154","url":"https://www.suse.com/security/cve/CVE-2021-21154"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21154","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.6,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21154"},{"cve":"CVE-2021-21155","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21155"}],"notes":[{"category":"general","text":"Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21155","url":"https://www.suse.com/security/cve/CVE-2021-21155"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21155","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":9.6,"baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21155"},{"cve":"CVE-2021-21156","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21156"}],"notes":[{"category":"general","text":"Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21156","url":"https://www.suse.com/security/cve/CVE-2021-21156"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21156","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21156"},{"cve":"CVE-2021-21157","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21157"}],"notes":[{"category":"general","text":"Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21157","url":"https://www.suse.com/security/cve/CVE-2021-21157"},{"category":"external","summary":"SUSE Bug 1182358 for CVE-2021-21157","url":"https://bugzilla.suse.com/1182358"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21157"},{"cve":"CVE-2021-21159","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21159"}],"notes":[{"category":"general","text":"Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21159","url":"https://www.suse.com/security/cve/CVE-2021-21159"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21159","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21159","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21159"},{"cve":"CVE-2021-21160","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21160"}],"notes":[{"category":"general","text":"Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21160","url":"https://www.suse.com/security/cve/CVE-2021-21160"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21160","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21160","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21160"},{"cve":"CVE-2021-21161","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21161"}],"notes":[{"category":"general","text":"Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21161","url":"https://www.suse.com/security/cve/CVE-2021-21161"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21161","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21161","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21161"},{"cve":"CVE-2021-21162","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21162"}],"notes":[{"category":"general","text":"Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21162","url":"https://www.suse.com/security/cve/CVE-2021-21162"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21162","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21162","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21162"},{"cve":"CVE-2021-21163","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21163"}],"notes":[{"category":"general","text":"Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21163","url":"https://www.suse.com/security/cve/CVE-2021-21163"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21163","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21163","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21163"},{"cve":"CVE-2021-21164","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21164"}],"notes":[{"category":"general","text":"Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21164","url":"https://www.suse.com/security/cve/CVE-2021-21164"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21164","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21164","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"moderate"}],"title":"CVE-2021-21164"},{"cve":"CVE-2021-21165","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21165"}],"notes":[{"category":"general","text":"Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21165","url":"https://www.suse.com/security/cve/CVE-2021-21165"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21165","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21165","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21165"},{"cve":"CVE-2021-21166","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21166"}],"notes":[{"category":"general","text":"Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21166","url":"https://www.suse.com/security/cve/CVE-2021-21166"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21166","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21166","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21166"},{"cve":"CVE-2021-21167","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21167"}],"notes":[{"category":"general","text":"Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21167","url":"https://www.suse.com/security/cve/CVE-2021-21167"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21167","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21167","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21167"},{"cve":"CVE-2021-21168","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21168"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21168","url":"https://www.suse.com/security/cve/CVE-2021-21168"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21168","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21168","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21168"},{"cve":"CVE-2021-21169","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21169"}],"notes":[{"category":"general","text":"Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21169","url":"https://www.suse.com/security/cve/CVE-2021-21169"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21169","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21169","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21169"},{"cve":"CVE-2021-21170","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21170"}],"notes":[{"category":"general","text":"Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21170","url":"https://www.suse.com/security/cve/CVE-2021-21170"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21170","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21170","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21170"},{"cve":"CVE-2021-21171","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21171"}],"notes":[{"category":"general","text":"Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21171","url":"https://www.suse.com/security/cve/CVE-2021-21171"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21171","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21171","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21171"},{"cve":"CVE-2021-21172","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21172"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21172","url":"https://www.suse.com/security/cve/CVE-2021-21172"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21172","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21172","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21172"},{"cve":"CVE-2021-21173","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21173"}],"notes":[{"category":"general","text":"Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21173","url":"https://www.suse.com/security/cve/CVE-2021-21173"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21173","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21173","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21173"},{"cve":"CVE-2021-21174","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21174"}],"notes":[{"category":"general","text":"Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21174","url":"https://www.suse.com/security/cve/CVE-2021-21174"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21174","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21174","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21174"},{"cve":"CVE-2021-21175","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21175"}],"notes":[{"category":"general","text":"Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21175","url":"https://www.suse.com/security/cve/CVE-2021-21175"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21175","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21175","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21175"},{"cve":"CVE-2021-21176","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21176"}],"notes":[{"category":"general","text":"Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21176","url":"https://www.suse.com/security/cve/CVE-2021-21176"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21176","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21176","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21176"},{"cve":"CVE-2021-21177","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21177"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21177","url":"https://www.suse.com/security/cve/CVE-2021-21177"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21177","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21177","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21177"},{"cve":"CVE-2021-21178","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21178"}],"notes":[{"category":"general","text":"Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21178","url":"https://www.suse.com/security/cve/CVE-2021-21178"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21178","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21178","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21178"},{"cve":"CVE-2021-21179","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21179"}],"notes":[{"category":"general","text":"Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21179","url":"https://www.suse.com/security/cve/CVE-2021-21179"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21179","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21179","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21179"},{"cve":"CVE-2021-21180","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21180"}],"notes":[{"category":"general","text":"Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21180","url":"https://www.suse.com/security/cve/CVE-2021-21180"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21180","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21180","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21180"},{"cve":"CVE-2021-21181","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21181"}],"notes":[{"category":"general","text":"Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21181","url":"https://www.suse.com/security/cve/CVE-2021-21181"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21181","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21181","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21181"},{"cve":"CVE-2021-21182","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21182"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21182","url":"https://www.suse.com/security/cve/CVE-2021-21182"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21182","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21182","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21182"},{"cve":"CVE-2021-21183","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21183"}],"notes":[{"category":"general","text":"Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21183","url":"https://www.suse.com/security/cve/CVE-2021-21183"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21183","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21183","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21183"},{"cve":"CVE-2021-21184","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21184"}],"notes":[{"category":"general","text":"Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21184","url":"https://www.suse.com/security/cve/CVE-2021-21184"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21184","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21184","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21184"},{"cve":"CVE-2021-21185","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21185"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21185","url":"https://www.suse.com/security/cve/CVE-2021-21185"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21185","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21185","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21185"},{"cve":"CVE-2021-21186","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21186"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21186","url":"https://www.suse.com/security/cve/CVE-2021-21186"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21186","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21186","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21186"},{"cve":"CVE-2021-21187","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21187"}],"notes":[{"category":"general","text":"Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21187","url":"https://www.suse.com/security/cve/CVE-2021-21187"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21187","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21187","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21187"},{"cve":"CVE-2021-21188","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21188"}],"notes":[{"category":"general","text":"Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21188","url":"https://www.suse.com/security/cve/CVE-2021-21188"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21188","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21188","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21188"},{"cve":"CVE-2021-21189","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21189"}],"notes":[{"category":"general","text":"Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21189","url":"https://www.suse.com/security/cve/CVE-2021-21189"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21189","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21189","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21189"},{"cve":"CVE-2021-21190","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-21190"}],"notes":[{"category":"general","text":"Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.","title":"CVE description"}],"product_status":{"recommended":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-21190","url":"https://www.suse.com/security/cve/CVE-2021-21190"},{"category":"external","summary":"SUSE Bug 1182960 for CVE-2021-21190","url":"https://bugzilla.suse.com/1182960"},{"category":"external","summary":"SUSE Bug 1183514 for CVE-2021-21190","url":"https://bugzilla.suse.com/1183514"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromedriver-89.0.4389.72-bp152.2.62.1.x86_64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.aarch64","SUSE Package Hub 15 SP2:chromium-89.0.4389.72-bp152.2.62.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-03-09T19:05:08Z","details":"important"}],"title":"CVE-2021-21190"}]}