[ GLSA 202107-06 ] Chromium, Google Chrome

[GLSA]

Gentoo Linux Security Advisory

Title: Chromium, Google Chrome: Multiple vulnerabilities (GLSA 202107-06)
Severity: high
Exploitable: remote
Date: 2021-07-06
Bug(s): #789420, #792084, #795204, #796338, #796521
ID: 202107-06

Synopsis

Multiple vulnerabillities have been found in Chromium and Google
Chrome, the worst of which could allow remote attackers to execute
arbitrary code.


Background

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your
devices.


Affected Packages

Package: www-client/google-chrome
Vulnerable: < 91.0.4472.114
Unaffected: >= 91.0.4472.114
Architectures: All supported architectures

Package: www-client/chromium
Vulnerable: < 91.0.4472.114
Unaffected: >= 91.0.4472.114
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.


Impact

A remote attacker could execute arbitrary code, escalate privileges,
obtain sensitive information, spoof a URL or cause a Denial of Service
condition.


Workaround

There is no known workaround at this time.

Resolution

All Google Chrome users should upgrade to the latest version: