{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"87.0.4280.141-bp151.3.150.1","chromium":"87.0.4280.141-bp151.3.150.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"87.0.4280.141-bp151.3.150.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Update to 87.0.4280.141 (boo#1180645)\n  - CVE-2021-21106: Use after free in autofill\n  - CVE-2021-21107: Use after free in drag and drop\n  - CVE-2021-21108: Use after free in media\n  - CVE-2021-21109: Use after free in payments\n  - CVE-2021-21110: Use after free in safe browsing\n  - CVE-2021-21111: Insufficient policy enforcement in WebUI\n  - CVE-2021-21112: Use after free in Blink\n  - CVE-2021-21113: Heap buffer overflow in Skia\n  - CVE-2020-16043: Insufficient data validation in networking\n  - CVE-2021-21114: Use after free in audio\n  - CVE-2020-15995: Out of bounds write in V8\n  - CVE-2021-21115: Use after free in safe browsing\n  - CVE-2021-21116: Heap buffer overflow in audio \n\n- Use main URLs instead of redirects in master preferences\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.","id":"openSUSE-SU-2021:0047-1","modified":"2021-01-11T13:24:56Z","published":"2021-01-11T13:24:56Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XRR7YCDCDGHTWIIOCJQ5NJ4K3G6W7TLQ/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1180645"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15995"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-16043"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21106"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21107"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21108"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21109"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21110"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21111"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21112"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21113"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21114"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21115"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-21116"}],"related":["CVE-2020-15995","CVE-2020-16043","CVE-2021-21106","CVE-2021-21107","CVE-2021-21108","CVE-2021-21109","CVE-2021-21110","CVE-2021-21111","CVE-2021-21112","CVE-2021-21113","CVE-2021-21114","CVE-2021-21115","CVE-2021-21116"],"summary":"Security update for chromium","upstream":["CVE-2020-15995","CVE-2020-16043","CVE-2021-21106","CVE-2021-21107","CVE-2021-21108","CVE-2021-21109","CVE-2021-21110","CVE-2021-21111","CVE-2021-21112","CVE-2021-21113","CVE-2021-21114","CVE-2021-21115","CVE-2021-21116"]}