Upstream information

CVE-2021-30571 at MITRE

Description

Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

No SUSE Bugzilla entries cross referenced.

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub 15 SP3
  • chromedriver >= 92.0.4515.131-bp153.2.19.1
  • chromium >= 92.0.4515.131-bp153.2.19.1
Patchnames:
openSUSE-2021-1144
openSUSE Leap 15.2
  • chromedriver >= 92.0.4515.131-lp152.2.116.1
  • chromium >= 92.0.4515.131-lp152.2.116.1
Patchnames:
openSUSE-2021-1131
openSUSE Leap 15.3
  • chromedriver >= 92.0.4515.131-bp153.2.19.1
  • chromium >= 92.0.4515.131-bp153.2.19.1
Patchnames:
openSUSE-2021-1144
openSUSE Leap 15.4
  • chromium >= 101.0.4951.64-bp154.1.2
Patchnames:
openSUSE Leap 15.4 GA chromium-101.0.4951.64-bp154.1.2
openSUSE Tumbleweed
  • chromedriver >= 93.0.4577.82-1.1
  • chromium >= 93.0.4577.82-1.1
  • ungoogled-chromium >= 113.0.5672.92-1.1
  • ungoogled-chromium-chromedriver >= 113.0.5672.92-1.1
Patchnames:
openSUSE-Tumbleweed-2024-10681
openSUSE-Tumbleweed-2024-12948


SUSE Timeline for this CVE

CVE page created: Wed Jul 21 23:02:53 2021
CVE page last modified: Tue Sep 3 19:20:25 2024