FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a692bffe-b6ad-11e7-a1c2-e8e0b747a45a	chromium -- multiple vulnerabilities Google Chrome Releases reports: 35 security fixes in this release, including: [762930] High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 [749147] High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 [760455] High CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-08-30 [765384] High CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-09-14 [765469] High CVE-2017-5128: Heap overflow in WebGL. Reported by Omair on 2017-09-14 [765495] High CVE-2017-5129: Use after free in WebAudio. Reported by Omair on 2017-09-15 [718858] High CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by Gaurav Dewan of Adobe Systems India Pvt. Ltd. on 2017-05-05 [722079] High CVE-2017-5130: Heap overflow in libxml2. Reported by Pranjal Jumde on 2017-05-14 [744109] Medium CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous on 2017-07-16 [762106] Medium CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar Nikolic of Cisco Talos on 2017-09-05 [752003] Medium CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-03 [756040] Medium CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu on 2017-08-16 [756563] Medium CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-08-17 [739621] Medium CVE-2017-15389: URL spoofing in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-07-06 [750239] Medium CVE-2017-15390: URL spoofing in Omnibox. Reported by Haosheng Wang on 2017-07-28 [598265] Low CVE-2017-15391: Extension limitation bypass in Extensions. Reported by Joao Lucas Melo Brasio on 2016-03-28 [714401] Low CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. Reported by Xiaoyin Liu on 2017-04-22 [732751] Low CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin on 2017-06-13 [745580] Low CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam on 2017-07-18 [759457] Low CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by Johannes Bergman on 2017-08-28 [775550] Various fixes from internal audits, fuzzing and other initiatives Discovery 2017-10-17 Entry 2017-10-21 chromium < 62.0.3202.62 CVE-2017-5124 CVE-2017-5125 CVE-2017-5126 CVE-2017-5127 CVE-2017-5128 CVE-2017-5129 CVE-2017-5132 CVE-2017-5130 CVE-2017-5131 CVE-2017-5133 CVE-2017-15386 CVE-2017-15387 CVE-2017-15388 CVE-2017-15389 CVE-2017-15390 CVE-2017-15391 CVE-2017-15392 CVE-2017-15393 CVE-2017-15394 CVE-2017-15395 https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html

VuXML ID

Description

a692bffe-b6ad-11e7-a1c2-e8e0b747a45a

chromium -- multiple vulnerabilities

Google Chrome Releases reports:

35 security fixes in this release, including:

[762930] High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07

[749147] High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26

[760455] High CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-08-30

[765384] High CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-09-14

[765469] High CVE-2017-5128: Heap overflow in WebGL. Reported by Omair on 2017-09-14

[765495] High CVE-2017-5129: Use after free in WebAudio. Reported by Omair on 2017-09-15

[718858] High CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by Gaurav Dewan of Adobe Systems India Pvt. Ltd. on 2017-05-05

[722079] High CVE-2017-5130: Heap overflow in libxml2. Reported by Pranjal Jumde on 2017-05-14

[744109] Medium CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous on 2017-07-16

[762106] Medium CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar Nikolic of Cisco Talos on 2017-09-05

[752003] Medium CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-03

[756040] Medium CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu on 2017-08-16

[756563] Medium CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-08-17

[739621] Medium CVE-2017-15389: URL spoofing in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-07-06

[750239] Medium CVE-2017-15390: URL spoofing in Omnibox. Reported by Haosheng Wang on 2017-07-28

[598265] Low CVE-2017-15391: Extension limitation bypass in Extensions. Reported by Joao Lucas Melo Brasio on 2016-03-28

[714401] Low CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. Reported by Xiaoyin Liu on 2017-04-22

[732751] Low CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin on 2017-06-13

[745580] Low CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam on 2017-07-18

[759457] Low CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by Johannes Bergman on 2017-08-28

[775550] Various fixes from internal audits, fuzzing and other initiatives

Discovery 2017-10-17
Entry 2017-10-21
chromium

< 62.0.3202.62

CVE-2017-5124
CVE-2017-5125
CVE-2017-5126
CVE-2017-5127
CVE-2017-5128
CVE-2017-5129
CVE-2017-5132
CVE-2017-5130
CVE-2017-5131
CVE-2017-5133
CVE-2017-15386
CVE-2017-15387
CVE-2017-15388
CVE-2017-15389
CVE-2017-15390
CVE-2017-15391
CVE-2017-15392
CVE-2017-15393
CVE-2017-15394
CVE-2017-15395
https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html