rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1697 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via | |
| CVE-2016-1696 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | |
| CVE-2016-1695 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |
| CVE-2016-1694 | Med | 5.3 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority. | |
| CVE-2016-1693 | Med | 5.3 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack | |
| CVE-2016-1692 | Med | 5.3 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same | |
| CVE-2016-1691 | Hig | 7.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommo | |
| CVE-2016-1690 | Hig | 7.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other imp | |
| CVE-2016-1689 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. | |
| CVE-2016-1688 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code. | |
| CVE-2016-1687 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions. | |
| CVE-2016-1686 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via | |
| CVE-2016-1685 | Med | 6.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. | |
| CVE-2016-1684 | Hig | 7.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via | |
| CVE-2016-1683 | Hig | 7.5 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. | |
| CVE-2016-1682 | Med | 6.1 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a | |
| CVE-2016-1681 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. | |
| CVE-2016-1680 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. | |
| CVE-2016-1679 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecifi | |
| CVE-2016-1678 | Hig | 8.8 | < 55.0.2883.75-3.1 | 55.0.2883.75-3.1 | Jun 5, 2016 | objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted Ja |
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommo
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other imp
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors.
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecifi
- affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1
objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted Ja
Page 173 of 203