FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
555af074-22b9-11e8-9799-54ee754af08e	chromium -- vulnerability Google Chrome Releases reports: 45 security fixes in this release: [758848] High CVE-2017-11215: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25 [758863] High CVE-2017-11225: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25 [780919] High CVE-2018-6060: Use after free in Blink. Reported by Omair on 2017-11-02 [794091] High CVE-2018-6061: Race condition in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-12-12 [780104] High CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous on 2017-10-31 [789959] High CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-11-30 [792900] High CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-12-07 [798644] High CVE-2018-6064: Type confusion in V8. Reported by lokihardt of Google Project Zero on 2018-01-03 [808192] High CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand of Google Project Zero on 2018-02-01 [799477] Medium CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa on 2018-01-05 [779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30 [779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30 [799918] Medium CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu and Yangkang(@dnpushme) of Qihoo360 Qex Team on 2018-01-08 [668645] Medium CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu on 2016-11-25 [777318] Medium CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous on 2017-10-23 [791048] Medium CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen of OUSPG on 2017-12-01 [804118] Medium CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair on 2018-01-20 [809759] Medium CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi (@qab) on 2018-02-06 [608669] Medium CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti De Ceukelaire (intigriti.com) on 2016-05-03 [758523] Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. Reported by Mateusz Krzeszowiec on 2017-08-24 [778506] Medium CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani on 2017-10-26 [793628] Medium CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani on 2017-12-10 [788448] Medium CVE-2018-6079: Information disclosure via texture data in WebGL. Reported by Ivars Atteka on 2017-11-24 [792028] Medium CVE-2018-6080: Information disclosure in IPC call. Reported by Gal Beniamini of Google Project Zero on 2017-12-05 [797525] Low CVE-2018-6081: XSS in interstitials. Reported by Rob Wu on 2017-12-24 [767354] Low CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-09-21 [771709] Low CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04 Discovery 2016-05-03 Entry 2018-03-08 chromium < 65.0.3325.146 CVE-2017-11215 CVE-2017-11225 CVE-2018-6060 CVE-2018-6061 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6057 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 CVE-2018-6075 CVE-2018-6076 CVE-2018-6077 CVE-2018-6078 CVE-2018-6079 CVE-2018-6080 CVE-2018-6081 CVE-2018-6082 CVE-2018-6083 https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html

VuXML ID

Description

555af074-22b9-11e8-9799-54ee754af08e

chromium -- vulnerability

Google Chrome Releases reports:

45 security fixes in this release:

[758848] High CVE-2017-11215: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25

[758863] High CVE-2017-11225: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25

[780919] High CVE-2018-6060: Use after free in Blink. Reported by Omair on 2017-11-02

[794091] High CVE-2018-6061: Race condition in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-12-12

[780104] High CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous on 2017-10-31

[789959] High CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-11-30

[792900] High CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-12-07

[798644] High CVE-2018-6064: Type confusion in V8. Reported by lokihardt of Google Project Zero on 2018-01-03

[808192] High CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand of Google Project Zero on 2018-02-01

[799477] Medium CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa on 2018-01-05

[779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30

[779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30

[799918] Medium CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu and Yangkang(@dnpushme) of Qihoo360 Qex Team on 2018-01-08

[668645] Medium CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu on 2016-11-25

[777318] Medium CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous on 2017-10-23

[791048] Medium CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen of OUSPG on 2017-12-01

[804118] Medium CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair on 2018-01-20

[809759] Medium CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi (@qab) on 2018-02-06

[608669] Medium CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti De Ceukelaire (intigriti.com) on 2016-05-03

[758523] Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. Reported by Mateusz Krzeszowiec on 2017-08-24

[778506] Medium CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani on 2017-10-26

[793628] Medium CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani on 2017-12-10

[788448] Medium CVE-2018-6079: Information disclosure via texture data in WebGL. Reported by Ivars Atteka on 2017-11-24

[792028] Medium CVE-2018-6080: Information disclosure in IPC call. Reported by Gal Beniamini of Google Project Zero on 2017-12-05

[797525] Low CVE-2018-6081: XSS in interstitials. Reported by Rob Wu on 2017-12-24

[767354] Low CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-09-21

[771709] Low CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04

Discovery 2016-05-03
Entry 2018-03-08
chromium

< 65.0.3325.146

CVE-2017-11215
CVE-2017-11225
CVE-2018-6060
CVE-2018-6061
CVE-2018-6060
CVE-2018-6061
CVE-2018-6062
CVE-2018-6057
CVE-2018-6063
CVE-2018-6064
CVE-2018-6065
CVE-2018-6066
CVE-2018-6067
CVE-2018-6069
CVE-2018-6070
CVE-2018-6071
CVE-2018-6072
CVE-2018-6073
CVE-2018-6074
CVE-2018-6075
CVE-2018-6076
CVE-2018-6077
CVE-2018-6078
CVE-2018-6079
CVE-2018-6080
CVE-2018-6081
CVE-2018-6082
CVE-2018-6083
https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html