9 matches found
CVE-2025-30360 webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser
webpack-dev-server allows users to use webpack with a development server that provides live reloading. Prior to version 5.2.1, webpack-dev-server users' source code may be stolen when you access a malicious web site with non-Chromium based browser. The Origin header is checked to prevent Cross-si...
MGASA-2025-0037 Updated chromium-browser-stable packages fix security vulnerability
Use after free in DevTools. CVE-2025-0762...
The vulnerability of Chromium, Firefox, and Safari browsers lies in errors during the processing of input data, allowing attackers to execute arbitrary code.
The vulnerability of the Chromium, Firefox, and Safari browsers’ software is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, provided that the user clicks on a specially crafted link...
Policy Bypass
chromium-browser is vulnerable to policy bypass. The vulnerability exists in service workers which allows an attacker to bypass policy...
Denial Of Service (DoS)
chromium-browser:bionic is vulnerable denial of service. It allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Insufficient policy enforcement in developer tools
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...
chromium-browser: CSP bypass with blob URL
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page...
Debian Security Advisory DSA 2930-1 (chromium-browser - security update)
Several vulnerabilties have been discovered in the chromium web browser. CVE-2014-1740 Collin Payne discovered a use-after-free issue in chromium's WebSockets implementation. CVE-2014-1741 John Butler discovered multiple integer overflow issues in the Blink/Webkit document object model...
MGASA-2013-0321 Updated chromium-browser-stable packages fix multiple vulnerabilities
Updated chromium-browser-stable packages fix security vulnerabilities: Atte Kettunen of OUSPG discover a use-after-free issue in Blink's XML HTTP request implementation CVE-2013-2925. cloudfuzzer discovered a use-after-free issue in the list indenting implementation CVE-2013-2926. cloudfuzzer...