VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2011-3069Apr 5, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes.

  • CVE-2011-3068Apr 5, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.

  • CVE-2011-3067Apr 5, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.

  • CVE-2011-3066Apr 5, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2011-3065Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-3064Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

  • CVE-2011-3063Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.

  • CVE-2011-3062Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.

  • CVE-2011-3061Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.

  • CVE-2011-3060Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2011-3059Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

  • CVE-2011-3058Mar 30, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

  • CVE-2011-3049Mar 23, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.

  • CVE-2011-3057Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.

  • CVE-2011-3056Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

  • CVE-2011-3055Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.

  • CVE-2011-3054Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

  • CVE-2011-3053Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.

  • CVE-2011-3052Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

  • CVE-2011-3051Mar 22, 2012
    affected < 55.0.2883.75-3.1fixed 55.0.2883.75-3.1

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function.

Page 199 of 203