CVE-2021-30523 (GCVE-0-2021-30523)
Vulnerability from
Published
2021-06-07 19:25
Modified
2024-08-03 22:32
Severity ?
EPSS score ?
Summary
Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html | x_refsource_MISC | |
| https://crbug.com/1187797 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202107-06 | vendor-advisory, x_refsource_GENTOO | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:32:41.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crbug.com/1187797"
},
{
"name": "GLSA-202107-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-06"
},
{
"name": "FEDORA-2021-f94dadff78",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "91.0.4472.77",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use after free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-18T02:06:49",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crbug.com/1187797"
},
{
"name": "GLSA-202107-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-06"
},
{
"name": "FEDORA-2021-f94dadff78",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2021-30523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "91.0.4472.77"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2021/05/stable-channel-update-for-desktop_25.html"
},
{
"name": "https://crbug.com/1187797",
"refsource": "MISC",
"url": "https://crbug.com/1187797"
},
{
"name": "GLSA-202107-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-06"
},
{
"name": "FEDORA-2021-f94dadff78",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/"
},
{
"name": "FEDORA-2021-ca58c57bdf",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2021-30523",
"datePublished": "2021-06-07T19:25:41",
"dateReserved": "2021-04-13T00:00:00",
"dateUpdated": "2024-08-03T22:32:41.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15403 (GCVE-0-2017-15403)
Vulnerability from
Published
2019-01-09 19:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://crbug.com/766271 | x_refsource_MISC | |
| https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.836Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crbug.com/766271"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "61.0.3163.113",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Script injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T18:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crbug.com/766271"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-15403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "61.0.3163.113"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Script injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://crbug.com/766271",
"refsource": "MISC",
"url": "https://crbug.com/766271"
},
{
"name": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2017-15403",
"datePublished": "2019-01-09T19:00:00",
"dateReserved": "2017-10-17T00:00:00",
"dateUpdated": "2024-08-05T19:57:25.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0468 (GCVE-0-2022-0468)
Vulnerability from
Published
2022-04-05 00:51
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
| ▼ | URL | Tags |
|---|---|---|
| https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html | x_refsource_MISC | |
| https://crbug.com/1252716 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:44.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crbug.com/1252716"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "98.0.4758.80",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use after free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-05T00:51:36",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crbug.com/1252716"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2022-0468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "98.0.4758.80"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/1252716",
"refsource": "MISC",
"url": "https://crbug.com/1252716"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2022-0468",
"datePublished": "2022-04-05T00:51:36",
"dateReserved": "2022-02-01T00:00:00",
"dateUpdated": "2024-08-02T23:32:44.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6777 (GCVE-0-2015-6777)
Vulnerability from
Published
2015-12-06 01:00
Modified
2024-08-06 07:29
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-2825-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://codereview.chromium.org/1420653003/ | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html | vendor-advisory, x_refsource_SUSE | |
| https://code.google.com/p/chromium/issues/detail?id=544020 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201603-09 | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/78416 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2015/dsa-3415 | vendor-advisory, x_refsource_DEBIAN | |
| http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securitytracker.com/id/1034298 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:29:24.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name": "USN-2825-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2825-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1420653003/"
},
{
"name": "openSUSE-SU-2015:2290",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=544020"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "78416",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/78416"
},
{
"name": "DSA-3415",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3415"
},
{
"name": "openSUSE-SU-2015:2291",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034298"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-13T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name": "USN-2825-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2825-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1420653003/"
},
{
"name": "openSUSE-SU-2015:2290",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=544020"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "78416",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/78416"
},
{
"name": "DSA-3415",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3415"
},
{
"name": "openSUSE-SU-2015:2291",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034298"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-6777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
},
{
"name": "USN-2825-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2825-1"
},
{
"name": "https://codereview.chromium.org/1420653003/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1420653003/"
},
{
"name": "openSUSE-SU-2015:2290",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=544020",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=544020"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "78416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78416"
},
{
"name": "DSA-3415",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3415"
},
{
"name": "openSUSE-SU-2015:2291",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034298"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-6777",
"datePublished": "2015-12-06T01:00:00",
"dateReserved": "2015-08-31T00:00:00",
"dateUpdated": "2024-08-06T07:29:24.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1677 (GCVE-0-2016-1677)
Vulnerability from
Published
2016-06-05 23:00
Modified
2024-08-05 23:02
Severity ?
EPSS score ?
Summary
uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."
References
| ▼ | URL | Tags |
|---|---|---|
| https://crbug.com/602970 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/90876 | vdb-entry, x_refsource_BID | |
| https://codereview.chromium.org/1936083002 | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securitytracker.com/id/1035981 | vdb-entry, x_refsource_SECTRACK | |
| http://www.debian.org/security/2016/dsa-3590 | vendor-advisory, x_refsource_DEBIAN | |
| http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html | x_refsource_CONFIRM | |
| http://www.ubuntu.com/usn/USN-2992-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html | vendor-advisory, x_refsource_SUSE | |
| https://access.redhat.com/errata/RHSA-2016:1190 | vendor-advisory, x_refsource_REDHAT | |
| https://security.gentoo.org/glsa/201607-07 | vendor-advisory, x_refsource_GENTOO | |
| http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:13.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/602970"
},
{
"name": "90876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90876"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1936083002"
},
{
"name": "openSUSE-SU-2016:1496",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
},
{
"name": "1035981",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035981"
},
{
"name": "DSA-3590",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3590"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"
},
{
"name": "USN-2992-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2992-1"
},
{
"name": "openSUSE-SU-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"
},
{
"name": "RHSA-2016:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1190"
},
{
"name": "GLSA-201607-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201607-07"
},
{
"name": "openSUSE-SU-2016:1433",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging \"type confusion.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/602970"
},
{
"name": "90876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90876"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1936083002"
},
{
"name": "openSUSE-SU-2016:1496",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
},
{
"name": "1035981",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035981"
},
{
"name": "DSA-3590",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3590"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"
},
{
"name": "USN-2992-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2992-1"
},
{
"name": "openSUSE-SU-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"
},
{
"name": "RHSA-2016:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1190"
},
{
"name": "GLSA-201607-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201607-07"
},
{
"name": "openSUSE-SU-2016:1433",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging \"type confusion.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://crbug.com/602970",
"refsource": "CONFIRM",
"url": "https://crbug.com/602970"
},
{
"name": "90876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90876"
},
{
"name": "https://codereview.chromium.org/1936083002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1936083002"
},
{
"name": "openSUSE-SU-2016:1496",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
},
{
"name": "1035981",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035981"
},
{
"name": "DSA-3590",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3590"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"
},
{
"name": "USN-2992-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2992-1"
},
{
"name": "openSUSE-SU-2016:1430",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"
},
{
"name": "RHSA-2016:1190",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1190"
},
{
"name": "GLSA-201607-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-07"
},
{
"name": "openSUSE-SU-2016:1433",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1677",
"datePublished": "2016-06-05T23:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:13.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1295 (GCVE-0-2015-1295)
Vulnerability from
Published
2015-09-03 22:00
Modified
2024-08-06 04:40
Severity ?
EPSS score ?
Summary
Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html | vendor-advisory, x_refsource_SUSE | |
| http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html | x_refsource_CONFIRM | |
| http://rhn.redhat.com/errata/RHSA-2015-1712.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securitytracker.com/id/1033472 | vdb-entry, x_refsource_SECTRACK | |
| https://codereview.chromium.org/1228693002/ | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html | vendor-advisory, x_refsource_SUSE | |
| http://www.debian.org/security/2015/dsa-3351 | vendor-advisory, x_refsource_DEBIAN | |
| https://code.google.com/p/chromium/issues/detail?id=502562 | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201603-09 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2015:1873",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html"
},
{
"name": "RHSA-2015:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1712.html"
},
{
"name": "1033472",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1228693002/"
},
{
"name": "openSUSE-SU-2015:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html"
},
{
"name": "DSA-3351",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3351"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=502562"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-09"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2015:1873",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html"
},
{
"name": "RHSA-2015:1712",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1712.html"
},
{
"name": "1033472",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1228693002/"
},
{
"name": "openSUSE-SU-2015:1586",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html"
},
{
"name": "DSA-3351",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3351"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=502562"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-09"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:1873",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html"
},
{
"name": "RHSA-2015:1712",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1712.html"
},
{
"name": "1033472",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033472"
},
{
"name": "https://codereview.chromium.org/1228693002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1228693002/"
},
{
"name": "openSUSE-SU-2015:1586",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html"
},
{
"name": "DSA-3351",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3351"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=502562",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=502562"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1295",
"datePublished": "2015-09-03T22:00:00",
"dateReserved": "2015-01-21T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4073 (GCVE-0-2023-4073)
Vulnerability from
Published
2023-08-03 00:27
Modified
2025-02-13 17:08
Severity ?
EPSS score ?
Summary
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:17:12.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/1456243"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5467"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-11"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-07"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "115.0.5790.170",
"status": "affected",
"version": "115.0.5790.170",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of bounds memory access",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:09:54.995Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html"
},
{
"url": "https://crbug.com/1456243"
},
{
"url": "https://www.debian.org/security/2023/dsa-5467"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/"
},
{
"url": "https://security.gentoo.org/glsa/202311-11"
},
{
"url": "https://security.gentoo.org/glsa/202312-07"
},
{
"url": "https://security.gentoo.org/glsa/202401-34"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2023-4073",
"datePublished": "2023-08-03T00:27:47.197Z",
"dateReserved": "2023-08-02T00:50:44.249Z",
"dateUpdated": "2025-02-13T17:08:42.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5135 (GCVE-0-2012-5135)
Vulnerability from
Published
2012-11-28 01:00
Modified
2024-08-06 20:58
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/80295 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/87886 | vdb-entry, x_refsource_OSVDB | |
| http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html | vendor-advisory, x_refsource_SUSE | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15768 | vdb-entry, signature, x_refsource_OVAL | |
| http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1027815 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/56684 | vdb-entry, x_refsource_BID | |
| https://code.google.com/p/chromium/issues/detail?id=159165 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:02.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "google-chrome-printing-code-exec(80295)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80295"
},
{
"name": "87886",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/87886"
},
{
"name": "openSUSE-SU-2012:1637",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:15768",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15768"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html"
},
{
"name": "1027815",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027815"
},
{
"name": "56684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56684"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=159165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "google-chrome-printing-code-exec(80295)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80295"
},
{
"name": "87886",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/87886"
},
{
"name": "openSUSE-SU-2012:1637",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:15768",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15768"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html"
},
{
"name": "1027815",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027815"
},
{
"name": "56684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56684"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=159165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2012-5135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "google-chrome-printing-code-exec(80295)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80295"
},
{
"name": "87886",
"refsource": "OSVDB",
"url": "http://osvdb.org/87886"
},
{
"name": "openSUSE-SU-2012:1637",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:15768",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15768"
},
{
"name": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html"
},
{
"name": "1027815",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027815"
},
{
"name": "56684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56684"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=159165",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=159165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2012-5135",
"datePublished": "2012-11-28T01:00:00",
"dateReserved": "2012-09-24T00:00:00",
"dateUpdated": "2024-08-06T20:58:02.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-6517 (GCVE-0-2020-6517)
Vulnerability from
Published
2020-07-22 16:16
Modified
2024-08-04 09:02
Severity ?
EPSS score ?
Summary
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:02:40.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://crbug.com/1095560"
},
{
"name": "openSUSE-SU-2020:1061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
},
{
"name": "GLSA-202007-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202007-08"
},
{
"name": "FEDORA-2020-bf684961d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/"
},
{
"name": "FEDORA-2020-84d87cbd50",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/"
},
{
"name": "openSUSE-SU-2020:1148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
},
{
"name": "openSUSE-SU-2020:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
},
{
"name": "openSUSE-SU-2020:1048",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
},
{
"name": "DSA-4824",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4824"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "84.0.4147.89",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-02T15:06:38",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://crbug.com/1095560"
},
{
"name": "openSUSE-SU-2020:1061",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
},
{
"name": "GLSA-202007-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202007-08"
},
{
"name": "FEDORA-2020-bf684961d9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/"
},
{
"name": "FEDORA-2020-84d87cbd50",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/"
},
{
"name": "openSUSE-SU-2020:1148",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
},
{
"name": "openSUSE-SU-2020:1172",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
},
{
"name": "openSUSE-SU-2020:1048",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
},
{
"name": "DSA-4824",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4824"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2020-6517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "84.0.4147.89"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/1095560",
"refsource": "MISC",
"url": "https://crbug.com/1095560"
},
{
"name": "openSUSE-SU-2020:1061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00069.html"
},
{
"name": "GLSA-202007-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202007-08"
},
{
"name": "FEDORA-2020-bf684961d9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTRPPTKZ2RKVH2XGQCWNFZ7FOGQ5LLCA/"
},
{
"name": "FEDORA-2020-84d87cbd50",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYIDWCHG24ZTFD4P42D4A4WWPPA74BCG/"
},
{
"name": "openSUSE-SU-2020:1148",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00007.html"
},
{
"name": "openSUSE-SU-2020:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00018.html"
},
{
"name": "openSUSE-SU-2020:1048",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00041.html"
},
{
"name": "DSA-4824",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4824"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2020-6517",
"datePublished": "2020-07-22T16:16:03",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T09:02:40.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1450 (GCVE-0-2011-1450)
Vulnerability from
Published
2011-05-03 22:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/67157 | vdb-entry, x_refsource_XF | |
| http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633 | vdb-entry, signature, x_refsource_OVAL | |
| http://code.google.com/p/chromium/issues/detail?id=77349 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "google-chrome-file-dialogs-dos(67157)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67157"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"name": "oval:org.mitre.oval:def:14633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=77349"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to \"dangling pointers.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "google-chrome-file-dialogs-dos(67157)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67157"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"name": "oval:org.mitre.oval:def:14633",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=77349"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to \"dangling pointers.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "google-chrome-file-dialogs-dos(67157)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67157"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"name": "oval:org.mitre.oval:def:14633",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=77349",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=77349"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1450",
"datePublished": "2011-05-03T22:00:00",
"dateReserved": "2011-03-18T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 1 - 10 organizations in total 17