ALT-PU-2025-2640-1

Обновление пакета chromium в ветке sisyphus_loongarch64

Версия133.0.6943.53-alt0.port

Задание#0

Опубликовано2025-02-10

Макс. серьёзностьMEDIUM

Серьёзность:

Закрытые проблемы (3)

MEDIUM6.3

Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Опубликовано: 2025-02-04Изменено: 2025-04-08

CVSS 3.xСРЕДНЯЯ 6.3

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Ссылки

MEDIUM5.4

Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Опубликовано: 2025-02-04Изменено: 2025-04-08

CVSS 3.xСРЕДНЯЯ 5.4

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Ссылки

MEDIUM6.3

Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

Опубликовано: 2025-02-04Изменено: 2025-04-08

CVSS 3.xСРЕДНЯЯ 6.3

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Ссылки