Google Chrome < 127.0.6533.72 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 127.0.6533.72. It is, therefore, affected by multiple vulnerabilities as referenced in the 202407stable-channel-update-for-desktop23 advisory. - Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a...

Stable Channel Update for Desktop

The Stable channel has been updated to 127.0.6533.72/73 for Windows, Mac and 127.0.6533.72 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restricte...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 22 security fixes: 349198731 High CVE-2024-6988: Use after free in Downloads. Reported by lime@limeSec from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-06-25 349342289 High CVE-2024-6989: Use after free in Loader. Reported by Anonymous on...

openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0204-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0204-1 advisory. Chromium 126.0.6478.126 boo1226504, boo1226205, boo1226933 CVE-2024-6290: Use after free in Dawn CVE-2024-6291: Use after free in Swiftshader...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-3174

Inappropriate implementation in V8 in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-6772

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-7013

Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-7011

Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-7011

Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

Fedora 39 : chromium (2024-dd14eefb0e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-dd14eefb0e advisory. update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102...

MGASA-2024-0230 Updated chromium-browser-stable packages fix security vulnerabilities

The chromium-browser-stable package has been updated to the 126.0.6478.61 release. It includes 21 security fixes. Some of them are: High CVE-2024-5830: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-05-24 High CVE-2024-5831: Use after free in Dawn. Reported by wgslfuz...

DEBIAN-CVE-2024-6101

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2024-6101

CVE-2024-6101 affects Google Chrome components (V8/WebAssembly) with an out-of-bounds memory access vulnerability caused by an inappropriate implementation. According to multiple sources, including Chromium blog updates and Debian security advisories, the issue was fixed in Chrome 126.0.6478.114 ...

CVE-2024-6101

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

Stable Channel Update for Desktop

The Stable channel has been updated to 126.0.6478.114/115 for Windows, Mac and 126.0.6478.114 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...