rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5153 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have | |
| CVE-2016-5152 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or p | |
| CVE-2016-5151 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk | |
| CVE-2016-5150 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, w | |
| CVE-2016-5149 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging scrip | |
| CVE-2016-5148 | Med | 6.1 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)." | |
| CVE-2016-5147 | Med | 6.1 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Sep 11, 2016 | Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." | |
| CVE-2016-5146 | Cri | 9.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |
| CVE-2016-5145 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaSc | |
| CVE-2016-5144 | Cri | 9.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL | |
| CVE-2016-5143 | Cri | 9.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL | |
| CVE-2016-5142 | Cri | 9.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted | |
| CVE-2016-5141 | Hig | 7.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp. | |
| CVE-2016-5140 | Cri | 9.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data. | |
| CVE-2016-5139 | Hig | 7.6 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Aug 7, 2016 | Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG | |
| CVE-2016-5137 | Med | 4.3 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 23, 2016 | The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies t | |
| CVE-2016-5136 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 23, 2016 | Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion. | |
| CVE-2016-5135 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 23, 2016 | WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) | |
| CVE-2016-5134 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 23, 2016 | net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a | |
| CVE-2016-5133 | Med | 5.3 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jul 23, 2016 | Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. |
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or p
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, w
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging scrip
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)."
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaSc
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies t
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP)
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream.
Page 171 of 203