[FREEBSD:88754D55-521A-11EE-8290-A8A1599412C6] chromium -- multiple vulnerabilities
Severity
High
Affected Packages
2
CVEs
11
Chrome Releases reports:
This update includes 16 security fixes:
[1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06
[1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06
[1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29
[1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14
[1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18
[1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09
[1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29
[1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30
[1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04
[1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06
[1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09
| Package | Affected Version |
|---|---|
 pkg:freebsd/ungoogled-chromium
|
< 117.0.5938.62 |
|
pkg:freebsd/chromium
|
< 117.0.5938.62 |
- ID
- FREEBSD:88754D55-521A-11EE-8290-A8A1599412C6
- Severity
- high
- Severity from
- CVE-2023-4863
- URL
- http://vuxml.freebsd.org/freebsd/88754d55-521a-11ee-8290-a8a1599412c6.html
- Published
-
2023-09-12T00:00:00
(12 months ago) - Modified
-
2023-09-13T00:00:00
(12 months ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
-
ALAS2-2023-2290
-
ALAS2-2023-2291
-
ALAS2-2023-2337
-
ALPINE:CVE-2023-4863
-
ALSA-2023:5184
-
ALSA-2023:5200
-
ALSA-2023:5201
-
ALSA-2023:5214
-
ALSA-2023:5224
-
ALSA-2023:5309
-
CISA-2023:0913
-
DSA-5496-1
-
DSA-5497-1
-
DSA-5497-2
-
DSA-5498-1
-
DSA-5499-1
-
ELSA-2023-5184
-
ELSA-2023-5191
-
ELSA-2023-5197
-
ELSA-2023-5200
-
ELSA-2023-5201
-
ELSA-2023-5214
-
ELSA-2023-5224
-
ELSA-2023-5309
-
FEDORA-2023-3388038193
-
FEDORA-2023-3bfb63f6d2
-
FEDORA-2023-6bdc468df7
-
FEDORA-2023-b427f54e68
-
FEDORA-2023-c4fa8a204d
-
FEDORA-2023-c890266d3f
-
FEDORA-2023-f8319bd876
-
FREEBSD:3693ECA5-F0D3-453C-9558-2353150495BB
-
FREEBSD:4FD7A2FC-5860-11EE-A1B3-DCA632DAF43B
-
FREEBSD:58A738D4-57AF-11EE-8C58-B42E991FC52E
-
FREEBSD:773CE35B-EABB-47E0-98CA-669B2B98107A
-
GLSA-202309-05
-
GLSA-202401-10
-
GLSA-202401-34
-
MFSA-2023-40
-
MS:CVE-2023-4863
-
MS:CVE-2023-4900
-
MS:CVE-2023-4901
-
MS:CVE-2023-4902
-
MS:CVE-2023-4903
-
MS:CVE-2023-4904
-
MS:CVE-2023-4905
-
MS:CVE-2023-4906
-
MS:CVE-2023-4907
-
MS:CVE-2023-4908
-
MS:CVE-2023-4909
-
NPM:GHSA-J7HP-H8JX-5PPR
-
openSUSE-SU-2023:0246-1
-
openSUSE-SU-2023:0247-1
-
openSUSE-SU-2023:0249-1
-
openSUSE-SU-2023:0278-1
-
RHSA-2023:5184
-
RHSA-2023:5191
-
RHSA-2023:5197
-
RHSA-2023:5200
-
RHSA-2023:5201
-
RHSA-2023:5214
-
RHSA-2023:5224
-
RHSA-2023:5309
-
RLSA-2023:5184
-
RLSA-2023:5201
-
RLSA-2023:5214
-
RLSA-2023:5309
-
RUSTSEC-2023-0060
-
RUSTSEC-2023-0061
-
SSA:2023-256-04
-
SSA:2023-257-01
-
SSA:2023-264-03
-
SUSE-SU-2023:3609-1
-
SUSE-SU-2023:3610-1
-
SUSE-SU-2023:3626-1
-
SUSE-SU-2023:3634-1
-
SUSE-SU-2023:3664-1
-
SUSE-SU-2023:3794-1
-
SUSE-SU-2023:3829-1
-
USN-6367-1
-
USN-6368-1
-
USN-6369-1
-
USN-6369-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| FreeBSD VuXML |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/ungoogled-chromium |
ungoogled-chromium
|
< 117.0.5938.62 | ||||
| Affected | pkg:freebsd/chromium |
chromium
|
< 117.0.5938.62 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |