VYPR

apk package

wolfi/chromium

pkg:apk/wolfi/chromium

Vulnerabilities (1,378)

  • CVE-2024-7973Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium)

  • CVE-2024-7972Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-7971KEVAug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7969Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7968Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7967Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7966Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7965KEVAug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7964Aug 21, 2024
    affected < 128.0.6613.84-r0fixed 128.0.6613.84-r0

    Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7550Aug 6, 2024
    affected < 127.0.6533.119-r0fixed 127.0.6533.119-r0

    Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7536Aug 6, 2024
    affected < 127.0.6533.119-r0fixed 127.0.6533.119-r0

    Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7535Aug 6, 2024
    affected < 127.0.6533.119-r0fixed 127.0.6533.119-r0

    Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7534Aug 6, 2024
    affected < 127.0.6533.119-r0fixed 127.0.6533.119-r0

    Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7533Aug 6, 2024
    affected < 0fixed 0

    Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7532Aug 6, 2024
    affected < 127.0.6533.119-r0fixed 127.0.6533.119-r0

    Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2024-7003Aug 6, 2024
    affected < 127.0.6533.72-r0fixed 127.0.6533.72-r0

    Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-6999Aug 6, 2024
    affected < 127.0.6533.72-r0fixed 127.0.6533.72-r0

    Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-6998Aug 6, 2024
    affected < 127.0.6533.72-r0fixed 127.0.6533.72-r0

    Use after free in User Education in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-6997Aug 6, 2024
    affected < 127.0.6533.72-r0fixed 127.0.6533.72-r0

    Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-6996Aug 6, 2024
    affected < 127.0.6533.72-r0fixed 127.0.6533.72-r0

    Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Page 63 of 69