All errata/sisyphus/ALT-PU-2024-7311-3
ALT-PU-2024-7311-3

Package update chromium in branch sisyphus

Version124.0.6367.118-alt1
Task#347227
Published2026-02-04
Max severityHIGH
Severity:

Closed issues (4)

BDU:2024-03876
HIGH8.8

Уязвимость технологии Picture In Picture браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-05-20Modified: 2026-03-04
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
BDU:2024-03877
HIGH8.8

Уязвимость компонента Dawn браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-05-20Modified: 2026-04-09
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2024-4331
HIGH8.8

Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-05-01Modified: 2024-12-20
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
CVE-2024-4368
HIGH8.8

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-05-01Modified: 2025-03-13
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References