Google releases Chrome stable channel 91.0.4472.77 update to fix several high-severity vulnerabilities
Hello everyone,
Chrome stable channel has been updated to 91.0.4472.77 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities fixed are as follows:
| CVE ID | Vulnerability | Severity |
| CVE-2021-30521 | Heap buffer overflow in Autofill | High |
| CVE-2021-30522 | Use after free in WebAudio | High |
| CVE-2021-30523 | Use after free in WebRTC | High |
| CVE-2021-30524 | Use after free in TabStrip | High |
| CVE-2021-30525 | Use after free in TabGroups | High |
| CVE-2021-30526 | Out of bounds write in TabStrip | High |
| CVE-2021-30527 | Use after free in WebUI | High |
| CVE-2021-30528 | Use after free in WebAuthentication | High |
| CVE-2021-30529 | Use after free in Bookmarks | Medium |
| CVE-2021-30530 | Out of bounds memory access in WebAudio | Medium |
| CVE-2021-30531 | Insufficient policy enforcement in Content Security Policy | Medium |
| CVE-2021-30532 | Insufficient policy enforcement in Content Security Policy | Medium |
| CVE-2021-30533 | Insufficient policy enforcement in PopupBlocker | Medium |
| CVE-2021-30534 | Insufficient policy enforcement in iFrameSandbox | Medium |
| CVE-2021-30535 | Double free in ICU | Medium |
| CVE-2021-30536 | Out of bounds read in V8 | Low |
| CVE-2021-30537 | Insufficient policy enforcement in cookies | Low |
| CVE-2021-30538 | Insufficient policy enforcement in content security policy | Low |
| CVE-2021-30539 | Insufficient policy enforcement in content security policy | Low |
| CVE-2021-30540 | Incorrect security UI in payments | Low |
| CVE-2021-21212 | Insufficient data validation in networking | Medium |
| Patch ID | Bulletin ID | Patch Description |
| 319762 | TU-017 | Google Chrome (91.0.4472.77) |
| 319763 | TU-017 | Google Chrome (x64) (91.0.4472.77) |
Cheers,
The ManageEngine Team