ALT Linux Team

Package chromium update in sisyphus on 2015-09-29

ALT-PU-2015-1815-1

Package chromium updated to version 45.0.2454.101-alt1 for branch sisyphus in task 150519.

Closed vulnerabilities

Published: 2015-10-12

BDU:2015-11682

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа

Severity: HIGH (7.5)
References:
Published: 2015-10-12

BDU:2015-11683

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа

Severity: HIGH (7.5)
References:
Published: 2015-10-12
Modified: 2024-11-21

CVE-2015-1303

bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element.

Severity: HIGH (7.5)
References:
Published: 2015-10-12
Modified: 2024-11-21

CVE-2015-1304

object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call.

Severity: HIGH (7.5)
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top