VYPR

apk package

wolfi/chromium

pkg:apk/wolfi/chromium

Vulnerabilities (1,459)

  • CVE-2024-3832HigApr 17, 2024
    affected < 124.0.6367.60-r0fixed 124.0.6367.60-r0

    Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-3516MedApr 10, 2024
    affected < 123.0.6312.122-r0fixed 123.0.6312.122-r0

    Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-3515MedApr 10, 2024
    affected < 123.0.6312.122-r0fixed 123.0.6312.122-r0

    Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-3157CriApr 10, 2024
    affected < 123.0.6312.122-r0fixed 123.0.6312.122-r0

    Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

  • CVE-2024-3159HigApr 6, 2024
    affected < 123.0.6312.105-r0fixed 123.0.6312.105-r0

    Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-3158HigApr 6, 2024
    affected < 123.0.6312.105-r0fixed 123.0.6312.105-r0

    Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-3156HigApr 6, 2024
    affected < 123.0.6312.105-r0fixed 123.0.6312.105-r0

    Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2887HigMar 26, 2024
    affected < 123.0.6312.86-r0fixed 123.0.6312.86-r0

    Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2886HigMar 26, 2024
    affected < 123.0.6312.86-r0fixed 123.0.6312.86-r0

    Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2631MedMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-2630MedMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2629MedMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2628MedMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)

  • CVE-2024-2627HigMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2626MedMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2625HigMar 20, 2024
    affected < 123.0.6312.58-r0fixed 123.0.6312.58-r0

    Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2400HigMar 13, 2024
    affected < 122.0.6261.128-r0fixed 122.0.6261.128-r0

    Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2176HigMar 6, 2024
    affected < 122.0.6261.128-r0fixed 122.0.6261.128-r0

    Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2174HigMar 6, 2024
    affected < 122.0.6261.128-r0fixed 122.0.6261.128-r0

    Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-2173HigMar 6, 2024
    affected < 122.0.6261.128-r0fixed 122.0.6261.128-r0

    Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Page 72 of 73