Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP2 package libqt5-qtwebengine, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (29)
CVE-2021-21146 — CVSS 9.6 (critical): Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21132 — CVSS 9.6 (critical): Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox…
CVE-2021-21121 — CVSS 9.6 (critical): Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape…
CVE-2021-21150 — CVSS 9.6 (critical): Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer…
CVE-2021-21122 — CVSS 8.8 (high): Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21127 — CVSS 8.8 (high): Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security…
CVE-2021-21128 — CVSS 8.8 (high): Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21157 — CVSS 8.8 (high): Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap…
CVE-2021-21118 — CVSS 8.8 (high): Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds…
CVE-2021-21119 — CVSS 8.8 (high): Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-21120 — CVSS 8.8 (high): Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21145 — CVSS 8.8 (high): Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21149 — CVSS 8.8 (high): Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds…
CVE-2021-21152 — CVSS 8.8 (high): Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap…
CVE-2021-21153 — CVSS 8.8 (high): Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out…
CVE-2021-21156 — CVSS 8.8 (high): Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2020-16044 — CVSS 8.8 (high): Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a…
CVE-2021-21125 — CVSS 8.1 (high): Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass…
CVE-2021-21140 — CVSS 6.8 (medium): Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access…
CVE-2021-21129 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21141 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file…
CVE-2021-21131 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21126 — CVSS 6.5 (medium): Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via…
CVE-2021-21135 — CVSS 6.5 (medium): Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data…
CVE-2021-21137 — CVSS 6.5 (medium): Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive…
CVE-2021-21130 — CVSS 6.5 (medium): Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21123 — CVSS 6.5 (medium): Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…
CVE-2021-21147 — CVSS 4.3 (medium): Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox…