FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 21:13:12 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fd3401a1-b6df-4577-917a-2c22fee99d34	chromium -- multiple security fixes Chrome Releases reports: This update includes 3 security fixes: [325893559] High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19 [325866363] High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-19 [325936438] High CVE-2024-2176: Use after free in FedCM. Reported by Anonymous on 2024-02-20 Discovery 2024-03-05 Entry 2024-03-06 chromium < 122.0.6261.111 ungoogled-chromium < 122.0.6261.111 CVE-2024-2173 CVE-2024-2174 CVE-2024-2176 https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
814af1be-ec63-11ee-8e76-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 7 security fixes: [327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03 [328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11 [330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21 [330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21 Discovery 2024-03-26 Entry 2024-03-27 chromium < 123.0.6312.86 ungoogled-chromium < 123.0.6312.86 CVE-2024-2883 CVE-2024-2885 CVE-2024-2886 CVE-2024-2887 https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html
80815c47-e84f-11ee-8e76-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 12 security fixes: [327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01 [40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22 [41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21 [41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03 [41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02 [41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07 [41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29 Discovery 2024-03-19 Entry 2024-03-22 chromium < 123.0.6312.58 ungoogled-chromium < 123.0.6312.58 CVE-2024-2625 CVE-2024-2626 CVE-2024-2627 CVE-2024-2628 CVE-2024-2629 CVE-2024-2630 CVE-2024-2631 https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html

VuXML ID

Description

fd3401a1-b6df-4577-917a-2c22fee99d34

chromium -- multiple security fixes

Chrome Releases reports:

This update includes 3 security fixes:

[325893559] High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19

[325866363] High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-19

[325936438] High CVE-2024-2176: Use after free in FedCM. Reported by Anonymous on 2024-02-20

Discovery 2024-03-05
Entry 2024-03-06
chromium

< 122.0.6261.111

ungoogled-chromium

< 122.0.6261.111

CVE-2024-2173
CVE-2024-2174
CVE-2024-2176
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html

814af1be-ec63-11ee-8e76-a8a1599412c6

chromium -- multiple security fixes

Chrome Releases reports:

This update includes 7 security fixes:

[327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03

[328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11

[330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21

[330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21

Discovery 2024-03-26
Entry 2024-03-27
chromium

< 123.0.6312.86

ungoogled-chromium

< 123.0.6312.86

CVE-2024-2883
CVE-2024-2885
CVE-2024-2886
CVE-2024-2887
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html

80815c47-e84f-11ee-8e76-a8a1599412c6

chromium -- multiple security fixes

Chrome Releases reports:

This update includes 12 security fixes:

[327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01

[40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22

[41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21

[41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03

[41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02

[41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07

[41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29

Discovery 2024-03-19
Entry 2024-03-22
chromium

< 123.0.6312.58

ungoogled-chromium

< 123.0.6312.58

CVE-2024-2625
CVE-2024-2626
CVE-2024-2627
CVE-2024-2628
CVE-2024-2629
CVE-2024-2630
CVE-2024-2631
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html