Lucene search

K
freebsdFreeBSDDC9E5237-C197-11EE-86BB-A8A1599412C6
HistoryJan 30, 2024 - 12:00 a.m.

chromium -- multiple security fixes

2024-01-3000:00:00
vuxml.freebsd.org
8
chromium
security fixes
canvas
webrtc
network
anonymous
cassidy kim
microsoft security research center
use after free

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.0%

Chrome Releases reports:

This update includes 4 security fixes:

[1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14
[1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29
[1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchchromium< 121.0.6167.139UNKNOWN
FreeBSDanynoarchungoogled-chromium< 121.0.6167.139UNKNOWN
FreeBSDanynoarchqt5-webengine< 5.15.16.p5_5UNKNOWN
FreeBSDanynoarchqt6-webengine< 6.6.1_5UNKNOWN

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.0%