ALT-PU-2025-9403-1

Обновление пакета chromium в ветке sisyphus_loongarch64

Версия138.0.7204.157-alt0.port

Задание#0

Опубликовано2025-07-17

Макс. серьёзностьHIGH

Серьёзность:

Закрытые проблемы (3)

HIGH8.8

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Опубликовано: 2025-07-15Изменено: 2025-11-06

CVSS 3.xВЫСОКАЯ 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Ссылки

HIGH8.8

Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Опубликовано: 2025-07-15Изменено: 2025-07-16

CVSS 3.xВЫСОКАЯ 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Ссылки

HIGH8.8

Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Опубликовано: 2025-07-15Изменено: 2025-07-16

CVSS 3.xВЫСОКАЯ 8.8

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Ссылки