Lucene search

FreeBSDAA2B65E4-2F63-11EF-9CAB-4CCC6ADDA413

HistoryMay 31, 2024 - 12:00 a.m.

qt5-webengine -- Multiple vulnerabilities

2024-05-3100:00:00

vuxml.freebsd.org

backports

chromium

security bugs

qt5-webengine

use after free

quic

out of bounds read

fonts

type confusion

angle

unix

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%

JSON

Backports for 5 security bugs in Chromium:

CVE-2024-3837: Use after free in QUIC
CVE-2024-3839: Out of bounds read in Fonts
CVE-2024-3914: Use after free in V8
CVE-2024-4058: Type confusion in ANGLE
CVE-2024-4558: Use after free in ANGLE

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchqt5-webengine< 5.15.17.p2_1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	qt5-webengine	< 5.15.17.p2_1	UNKNOWN

References

code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%

JSON

Related for AA2B65E4-2F63-11EF-9CAB-4CCC6ADDA413