All errata/sisyphus/ALT-PU-2026-10155-2
ALT-PU-2026-10155-2

Package update chromium in branch sisyphus

Version149.0.7827.200-alt1
Published2026-06-29
Max severityHIGH
Severity:

Closed issues (3)

CVE-2026-13281
HIGH8.3

Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

Published: 2026-06-25Modified: 2026-06-27
CVSS 3.xHIGH 8.3
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2026-13282
MEDIUM6.8

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: High)

Published: 2026-06-25Modified: 2026-06-26
CVSS 3.xMEDIUM 6.8
CVSS:3.x/CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2026-13283
HIGH7.5

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Published: 2026-06-25Modified: 2026-06-27
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H