Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/FB1E7CD6E855BA1B20237B2CD8BE0A03
HistoryApr 11, 2023 - 12:00 a.m.

Security fix for the ALT Linux 10 package yandex-browser-stable version 23.3.1.916-alt1

2023-04-1100:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
12

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.013 Low

EPSS

Percentile

84.1%

JSON

April 11, 2023 Yandex Browser Team 23.3.1.916-alt1

- Browser updated to 23.3.1
  + Critical CVE-2023-0941: Use after free in Prompts.
  + High CVE-2023-0927: Use after free in Web Payments API.
  + High CVE-2023-0928: Use after free in SwiftShader.
  + High CVE-2023-0929: Use after free in Vulkan.
  + High CVE-2023-0930: Heap buffer overflow in Video.
  + High CVE-2023-0931: Use after free in Video.
  + High CVE-2023-0932: Use after free in WebRTC.
  + Medium CVE-2023-0933: Integer overflow in PDF.
  + High CVE-2023-0696: Type Confusion in V8.
  + High CVE-2023-0697: Inappropriate implementation in Full screen mode.
  + High CVE-2023-0698: Out of bounds read in WebRTC.
  + Medium CVE-2023-0699: Use after free in GPU.
  + Medium CVE-2023-0700: Inappropriate implementation in Download.
  + Medium CVE-2023-0701: Heap buffer overflow in WebUI.
  + Medium CVE-2023-0702: Type Confusion in Data Transfer.
  + Medium CVE-2023-0703: Type Confusion in DevTools.
  + Low CVE-2023-0704: Insufficient policy enforcement in DevTools.
  + Low CVE-2023-0705: Integer overflow in Core.
  + High CVE-2023-0471: Use after free in WebTransport.
  + High CVE-2023-0472: Use after free in WebRTC.
  + Medium CVE-2023-0473: Type Confusion in ServiceWorker API.
  + Medium CVE-2023-0474: Use after free in GuestView.
  + High CVE-2023-0128: Use after free in Overview Mode.
  + High CVE-2023-0129: Heap buffer overflow in Network Service.
  + Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API.
  + Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
  + Medium CVE-2023-0132: Inappropriate implementation in Permission prompts.
  + Medium CVE-2023-0133: Inappropriate implementation in Permission prompts.
  + Medium CVE-2023-0134: Use after free in Cart.
  + Medium CVE-2023-0135: Use after free in Cart.
  + Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API.
  + Medium CVE-2023-0137: Heap buffer overflow in Platform Apps.
  + Low CVE-2023-0138: Heap buffer overflow in libphonenumber.
  + Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
  + Low CVE-2023-0140: Inappropriate implementation in File System API.
  + Low CVE-2023-0141: Insufficient policy enforcement in CORS.
- Set provides webclient (closes: [#43564](<https://bugzilla.altlinux.org/43564>))

Related

chrome 5
openvas 66
nessus 37
debian 4
osv 5
kaspersky 10
freebsd 5
mageia 3
ubuntu 1
fedora 40
gentoo 1
mscve 5
debiancve 3
prion 5
ubuntucve 3
cve 3
veracode 1
cnvd 2
chrome
chrome
Stable Channel Update for Desktop
2023-01-10 00:00:00
Stable Channel Update for Desktop
2023-02-07 00:00:00
Stable Channel Desktop Update
2023-02-22 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5317-1)
2023-01-15 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop-2023-01) - Mac OS X
2023-01-11 00:00:00
Mageia: Security Advisory (MGASA-2023-0016)
2023-03-28 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (7b929503-911d-11ed-a925-3065ec8fd3ec)
2023-01-10 00:00:00
Debian DSA-5317-1 : chromium - security update
2023-01-14 00:00:00
Google Chrome < 109.0.5414.87 Multiple Vulnerabilities
2023-01-10 00:00:00
debian
debian
[SECURITY] [DSA 5317-1] chromium security update
2023-01-13 19:18:06
[SECURITY] [DSA 5345-1] chromium security update
2023-02-08 19:13:01
[SECURITY] [DSA 5359-1] chromium security update
2023-02-23 22:02:55
osv
osv
chromium - security update
2023-01-13 00:00:00
chromium-browser vulnerabilities
2023-02-21 15:53:57
chromium - security update
2023-02-08 00:00:00
kaspersky
kaspersky
KLA20150 Multiple vulnerabilities in Google Chrome
2023-01-10 00:00:00
KLA40222 Multiple vulnerabilities in Opera
2023-02-22 00:00:00
KLA20220 Multiple vulnerabilities in Google Chrome
2023-02-07 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-01-10 00:00:00
chromium -- multiple vulnerabilities
2023-02-07 00:00:00
chromium -- multiple vulnerabilities
2023-02-22 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2023-01-24 10:58:25
Updated chromium-browser-stable packages fix security vulnerability
2023-03-02 00:14:31
Updated chromium-browser-stable packages fix security vulnerability
2023-02-15 01:43:23
ubuntu
ubuntu
Chromium vulnerabilities
2023-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: chromium-110.0.5481.177-1.fc38
2023-03-11 03:43:26
[SECURITY] Fedora 36 Update: chromium-110.0.5481.77-1.fc36
2023-02-13 01:26:42
[SECURITY] Fedora 37 Update: chromium-109.0.5414.119-1.fc37
2023-02-03 01:29:14
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-09-30 00:00:00
mscve
mscve
Chromium:CVE-2023-0140: Inappropriate implementation in File System API
2023-01-12 20:43:55
Chromium:CVE-2023-0134: Use after free in Cart
2023-01-12 20:43:39
Chromium: CVE-2023-0700 Inappropriate implementation in Download
2023-02-09 20:57:29
debiancve
debiancve
CVE-2023-0134
2023-01-10 20:15:11
CVE-2023-0130
2023-01-10 20:15:10
CVE-2023-0139
2023-01-10 20:15:11
prion
prion
Design/Logic Flaw
2023-01-10 20:15:00
Design/Logic Flaw
2023-02-07 21:15:00
Design/Logic Flaw
2023-01-10 20:15:00
ubuntucve
ubuntucve
CVE-2023-0699
2023-02-07 00:00:00
CVE-2023-0697
2023-02-07 00:00:00
CVE-2023-0140
2023-01-10 00:00:00
cve
cve
CVE-2023-0699
2023-02-07 21:15:09
CVE-2023-0700
2023-02-07 21:15:09
CVE-2023-0140
2023-01-10 20:15:11
veracode
veracode
Spoofing Attack
2023-03-12 20:33:55
cnvd
cnvd
Google Chrome Input Validation Error Vulnerability (CNVD-2023-12024)
2023-01-12 00:00:00
Google Chrome Information Disclosure Vulnerability (CNVD-2023-12025)
2023-01-12 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.013 Low

EPSS

Percentile

84.1%

JSON
Related for FB1E7CD6E855BA1B20237B2CD8BE0A03
chrome5openvas66nessus37debian4osv5kaspersky10freebsd5mageia3ubuntu1fedora40gentoo1mscve5debiancve3prion5ubuntucve3cve3veracode1cnvd2