FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
8cdd38c7-8ebb-11ee-86bb-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 7 security fixes: [1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10 [1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21 [1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09 [1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13 [1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13 [1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by BenoÃÂ®t Sevens and ClÃÂ©ment Lecigne of Google's Threat Analysis Group on 2023-11-24 Discovery 2023-11-28 Entry 2023-11-29 chromium < 119.0.6045.199 ungoogled-chromium < 119.0.6045.199 qt5-webengine < 5.15.16.p5_2 qt6-webengine < 6.6.1_1 CVE-2023-6348 CVE-2023-6347 CVE-2023-6346 CVE-2023-6350 CVE-2023-6351 CVE-2023-6345 https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html

VuXML ID

Description

8cdd38c7-8ebb-11ee-86bb-a8a1599412c6

chromium -- multiple security fixes

Chrome Releases reports:

This update includes 7 security fixes:

[1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10

[1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21

[1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09

[1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13

[1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13

[1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by BenoÃÂ®t Sevens and ClÃÂ©ment Lecigne of Google's Threat Analysis Group on 2023-11-24

Discovery 2023-11-28
Entry 2023-11-29
chromium

< 119.0.6045.199

ungoogled-chromium

< 119.0.6045.199

qt5-webengine

< 5.15.16.p5_2

qt6-webengine

< 6.6.1_1

CVE-2023-6348
CVE-2023-6347
CVE-2023-6346
CVE-2023-6350
CVE-2023-6351
CVE-2023-6345
https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html