[FREEBSD:88754D55-521A-11EE-8290-A8A1599412C6] chromium -- multiple vulnerabilities
Severity
High
Affected Packages
2
CVEs
11
Chrome Releases reports:
This update includes 16 security fixes:
[1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06
[1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06
[1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29
[1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14
[1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18
[1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09
[1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29
[1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30
[1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04
[1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06
[1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09
Package | Affected Version |
---|---|
pkg:freebsd/ungoogled-chromium | < 117.0.5938.62 |
pkg:freebsd/chromium | < 117.0.5938.62 |
- ID
- FREEBSD:88754D55-521A-11EE-8290-A8A1599412C6
- Severity
- high
- Severity from
- CVE-2023-4863
- URL
- http://vuxml.freebsd.org/freebsd/88754d55-521a-11ee-8290-a8a1599412c6.html
- Published
-
2023-09-12T00:00:00
(12 months ago) - Modified
-
2023-09-13T00:00:00
(12 months ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS2-2023-2290
- ALAS2-2023-2291
- ALAS2-2023-2337
- ALPINE:CVE-2023-4863
- ALSA-2023:5184
- ALSA-2023:5200
- ALSA-2023:5201
- ALSA-2023:5214
- ALSA-2023:5224
- ALSA-2023:5309
- CISA-2023:0913
- DSA-5496-1
- DSA-5497-1
- DSA-5497-2
- DSA-5498-1
- DSA-5499-1
- ELSA-2023-5184
- ELSA-2023-5191
- ELSA-2023-5197
- ELSA-2023-5200
- ELSA-2023-5201
- ELSA-2023-5214
- ELSA-2023-5224
- ELSA-2023-5309
- FEDORA-2023-3388038193
- FEDORA-2023-3bfb63f6d2
- FEDORA-2023-6bdc468df7
- FEDORA-2023-b427f54e68
- FEDORA-2023-c4fa8a204d
- FEDORA-2023-c890266d3f
- FEDORA-2023-f8319bd876
- FREEBSD:3693ECA5-F0D3-453C-9558-2353150495BB
- FREEBSD:4FD7A2FC-5860-11EE-A1B3-DCA632DAF43B
- FREEBSD:58A738D4-57AF-11EE-8C58-B42E991FC52E
- FREEBSD:773CE35B-EABB-47E0-98CA-669B2B98107A
- GLSA-202309-05
- GLSA-202401-10
- GLSA-202401-34
- MFSA-2023-40
- MS:CVE-2023-4863
- MS:CVE-2023-4900
- MS:CVE-2023-4901
- MS:CVE-2023-4902
- MS:CVE-2023-4903
- MS:CVE-2023-4904
- MS:CVE-2023-4905
- MS:CVE-2023-4906
- MS:CVE-2023-4907
- MS:CVE-2023-4908
- MS:CVE-2023-4909
- NPM:GHSA-J7HP-H8JX-5PPR
- openSUSE-SU-2023:0246-1
- openSUSE-SU-2023:0247-1
- openSUSE-SU-2023:0249-1
- openSUSE-SU-2023:0278-1
- RHSA-2023:5184
- RHSA-2023:5191
- RHSA-2023:5197
- RHSA-2023:5200
- RHSA-2023:5201
- RHSA-2023:5214
- RHSA-2023:5224
- RHSA-2023:5309
- RLSA-2023:5184
- RLSA-2023:5201
- RLSA-2023:5214
- RLSA-2023:5309
- RUSTSEC-2023-0060
- RUSTSEC-2023-0061
- SSA:2023-256-04
- SSA:2023-257-01
- SSA:2023-264-03
- SUSE-SU-2023:3609-1
- SUSE-SU-2023:3610-1
- SUSE-SU-2023:3626-1
- SUSE-SU-2023:3634-1
- SUSE-SU-2023:3664-1
- SUSE-SU-2023:3794-1
- SUSE-SU-2023:3829-1
- USN-6367-1
- USN-6368-1
- USN-6369-1
- USN-6369-2
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/ungoogled-chromium | ungoogled-chromium | < 117.0.5938.62 | ||||
Affected | pkg:freebsd/chromium | chromium | < 117.0.5938.62 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |