Risk
High
Patch available
YES
Number of vulnerabilities
18
CVE-ID
CVE-2021-38005CVE-2021-38006CVE-2021-38007CVE-2021-38008CVE-2021-38009CVE-2021-38010CVE-2021-38011CVE-2021-38012CVE-2021-38013CVE-2021-38014CVE-2021-38015CVE-2021-38016CVE-2021-38017CVE-2021-38018CVE-2021-38019CVE-2021-38020CVE-2021-38021CVE-2021-38022
CWE-ID
CWE-416CWE-843CWE-358CWE-122CWE-787CWE-264
Exploitation vector
Network
Public exploit
N/A
Vulnerable softwareSubscribe
Arch LinuxOperating systems & Components / Operating system
Vendor
Arch Linux
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU58159
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-38005
CWE-ID: CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the loader component in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it, ..
Support the originator by clicking the read the rest link below.