Chrome Releases reports:
This release includes 16 security fixes, including:
- [1148749] High CVE-2021-21106: Use after free in autofill.
Reported by Weipeng Jiang (@Krace) from Codesafe Team of
Legendsec at Qi'anxin Group on 2020-11-13
- [1153595] High CVE-2021-21107: Use after free in drag and
drop. Reported by Leecraso and Guang Gong of 360 Alpha Lab on
2020-11-30
- [1155426] High CVE-2021-21108: Use after free in media.
Reported by Leecraso and Guang Gong of 360 Alpha Lab on
2020-12-04
- [1152334] High CVE-2021-21109: Use after free in payments.
Reported by Rong Jian and Guang Gong of 360 Alpha Lab on
2020-11-24
- [1152451] High CVE-2021-21110: Use after free in safe
browsing. Reported by Anonymous on 2020-11-24
- [1149125] High CVE-2021-21111: Insufficient policy enforcement
in WebUI. Reported by Alesandro Ortiz on 2020-11-15
- [1151298] High CVE-2021-21112: Use after free in Blink.
Reported by YoungJoo Lee(@ashuu_lee) of Raon Whitehat on
2020-11-20
- [1155178] High CVE-2021-21113: Heap buffer overflow in Skia.
Reported by tsubmunu on 2020-12-03
- [1148309] High CVE-2020-16043: Insufficient data validation in
networking. Reported by Samy Kamkar, Ben Seri at Armis, Gregory
Vishnepolsky at Armis on 2020-11-12
- [1150065] High CVE-2021-21114: Use after free in audio.
Reported by Man Yue Mo of GitHub Security Lab on 2020-11-17
- [1157790] High CVE-2020-15995: Out of bounds write in V8.
Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu
Lab on 2020-12-11
- [1157814] High CVE-2021-21115: Use after free in safe browsing.
Reported by Leecraso and Guang Gong of 360 Alpha Lab on
2020-12-11
- [1151069] Medium CVE-2021-21116: Heap buffer overflow in audio.
Reported by Alison Huffman, Microsoft Browser Vulnerability
Research on 2020-11-19