VuXML ID | Description |
80815c47-e84f-11ee-8e76-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 12 security fixes:
- [327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01
- [40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22
- [41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21
- [41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03
- [41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02
- [41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07
- [41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29
Discovery 2024-03-19 Entry 2024-03-22 chromium
< 123.0.6312.58
ungoogled-chromium
< 123.0.6312.58
CVE-2024-2625
CVE-2024-2626
CVE-2024-2627
CVE-2024-2628
CVE-2024-2629
CVE-2024-2630
CVE-2024-2631
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html
|
2a470712-d351-11ee-86bb-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 12 security fixes:
- [41495060] High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26
- [41481374] High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim(@cassidy6564) on 2023-12-06
- [41487933] Medium CVE-2024-1671: Inappropriate implementation in Site Isolation. Reported by Harry Chen on 2024-01-03
- [41485789] Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy. Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien) on 2023-12-19
- [41490491] Medium CVE-2024-1673: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI on 2024-01-11
- [40095183] Medium CVE-2024-1674: Inappropriate implementation in Navigation. Reported by David Erceg on 2019-05-27
- [41486208] Medium CVE-2024-1675: Insufficient policy enforcement in Download. Reported by BartÃ
Âomiej Wacko on 2023-12-21
- [40944847] Low CVE-2024-1676: Inappropriate implementation in Navigation. Reported by Khalil Zhani on 2023-11-21
Discovery 2024-02-20 Entry 2024-02-24 chromium
< 122.0.6261.57
ungoogled-chromium
< 122.0.6261.57
https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html
|
814af1be-ec63-11ee-8e76-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 7 security fixes:
- [327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03
- [328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11
- [330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21
- [330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21
Discovery 2024-03-26 Entry 2024-03-27 chromium
< 123.0.6312.86
ungoogled-chromium
< 123.0.6312.86
CVE-2024-2883
CVE-2024-2885
CVE-2024-2886
CVE-2024-2887
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html
|
dc9e5237-c197-11ee-86bb-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 4 security fixes:
- [1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14
- [1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29
- [1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13
Discovery 2024-01-30 Entry 2024-02-02 chromium
< 121.0.6167.139
ungoogled-chromium
< 121.0.6167.139
qt5-webengine
< 5.15.16.p5_5
qt6-webengine
< 6.6.1_5
CVE-2024-1060
CVE-2024-1059
CVE-2024-1077
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html
|
fd3401a1-b6df-4577-917a-2c22fee99d34 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 3 security fixes:
- [325893559] High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19
- [325866363] High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-19
- [325936438] High CVE-2024-2176: Use after free in FedCM. Reported by Anonymous on 2024-02-20
Discovery 2024-03-05 Entry 2024-03-06 chromium
< 122.0.6261.111
ungoogled-chromium
< 122.0.6261.111
CVE-2024-2173
CVE-2024-2174
CVE-2024-2176
https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html
|
4edbea45-cb0c-11ee-86bb-a8a1599412c6 | chromium -- security fix
Chrome Releases reports:
This update includes 1 security fix.
Discovery 2024-02-13 Entry 2024-02-14 chromium
< 121.0.6167.184
ungoogled-chromium
< 121.0.6167.184
https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_13.html
|
19047673-c680-11ee-86bb-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 3 security fixes:
- [41494539] High CVE-2024-1284: Use after free in Mojo. Reported by Anonymous on 2024-01-25
- [41494860] High CVE-2024-1283: Heap buffer overflow in Skia. Reported by Jorge Buzeti (@r3tr074) on 2024-01-25
Discovery 2024-02-06 Entry 2024-02-08 chromium
< 121.0.6167.160
ungoogled-chromium
< 121.0.6167.160
qt5-webengine
< 5.15.16.p5_5
qt6-webengine
< 6.6.1_5
CVE-2024-1284
CVE-2024-1283
https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html
|
31bb1b8d-d6dc-11ee-86bb-a8a1599412c6 | chromium -- multiple security fixes
Chrome Releases reports:
This update includes 4 security fixes:
- [324596281] High CVE-2024-1938: Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-11
- [323694592] High CVE-2024-1939: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2024-02-05
Discovery 2024-02-27 Entry 2024-02-29 chromium
< 122.0.6261.94
ungoogled-chromium
< 122.0.6261.94
CVE-2024-1938
CVE-2024-1939
https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html
|