ALT-PU-2024-9390-3

BDU:2024-05053

HIGH8.8

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-07-05Modified: 2024-11-11

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2024-6293

BDU:2024-05054

HIGH8.8

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-07-05Modified: 2024-11-11

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2024-6290

BDU:2024-05055

HIGH8.8

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-07-05Modified: 2024-11-11

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2024-6292

BDU:2024-05056

HIGH8.8

Уязвимость библиотеки SwiftShader браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-07-05Modified: 2024-11-11

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2024-6291

BDU:2024-08569

HIGH8.8

Уязвимость модуля WebAssembly (wasm) браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Published: 2024-10-28Modified: 2024-11-19

CVSS 3.xHIGH 8.8

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS 2.0CRITICAL 10.0

CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2024-9859

CVE-2024-6290

HIGH8.8

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-06-24Modified: 2024-12-26

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2024-6291

HIGH8.8

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-06-24Modified: 2024-12-26

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2024-6292

HIGH8.8

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-06-24Modified: 2024-12-26

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2024-6293

HIGH8.8

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: 2024-06-24Modified: 2024-12-26

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

CVE-2024-9859

HIGH8.8

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Published: 2024-10-11Modified: 2025-01-02

CVSS 3.xHIGH 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

https://issues.chromium.org/issues/346197738

Package update chromium in branch sisyphus

Closed issues (10)

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Уязвимость компонента Dawn браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Уязвимость библиотеки SwiftShader браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю выполнить произвольный код

Уязвимость модуля WebAssembly (wasm) браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)