FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fd5f305d-2d3d-11e4-aa3d-00262d5ed8ee	chromium -- multiple vulnerabilities Google Chrome Releases reports: 50 security fixes in this release, including: [386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. [369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer. [387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak. [390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu. [390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer. [367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey. [376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar. [389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG. [406143] CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37). Discovery 2014-08-26 Entry 2014-08-26 chromium < 37.0.2062.94 CVE-2014-3168 CVE-2014-3169 CVE-2014-3170 CVE-2014-3171 CVE-2014-3172 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175 CVE-2014-3176 CVE-2014-3177 http://googlechromereleases.blogspot.nl/

VuXML ID

Description

fd5f305d-2d3d-11e4-aa3d-00262d5ed8ee

chromium -- multiple vulnerabilities

Google Chrome Releases reports:

50 security fixes in this release, including:

[386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.

[369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.

[387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.

[390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.

[390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.

[367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.

[376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.

[389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.

[406143] CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).

Discovery 2014-08-26
Entry 2014-08-26
chromium

< 37.0.2062.94

CVE-2014-3168
CVE-2014-3169
CVE-2014-3170
CVE-2014-3171
CVE-2014-3172
CVE-2014-3173
CVE-2014-3174
CVE-2014-3175
CVE-2014-3176
CVE-2014-3177
http://googlechromereleases.blogspot.nl/