VulnerableCode Package Details - pkg:apk/alpine/qt6-qtwebengine@6.8.3-r1?arch=s390x&distroversion=edge&reponame=community

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2rju-kk9j-1kbb	Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-5065
VCID-34ga-6n2z-4bcm	Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-5064
VCID-8vsf-szma-sbad	Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	CVE-2025-5063
VCID-98mt-7srw-qfh4	A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.	CVE-2025-5283
VCID-9q9q-6hv9-zkfc	Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)	CVE-2025-5281
VCID-k2kp-fv3q-vyh2	libexpat: expat: DoS via XML_ResumeParser	CVE-2024-50602
VCID-zzsv-3v7k-n3ep	hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx	CVE-2019-16707

Vulnerability

Summary

Aliases

VCID-2rju-kk9j-1kbb

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5065

VCID-34ga-6n2z-4bcm

Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5064

VCID-8vsf-szma-sbad

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2025-5063

VCID-98mt-7srw-qfh4

A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.

CVE-2025-5283

VCID-9q9q-6hv9-zkfc

Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)

CVE-2025-5281

VCID-k2kp-fv3q-vyh2

libexpat: expat: DoS via XML_ResumeParser

CVE-2024-50602

VCID-zzsv-3v7k-n3ep

hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx

CVE-2019-16707

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-08T06:24:49.248260+00:00	Alpine Linux Importer	Fixing	VCID-34ga-6n2z-4bcm	https://secdb.alpinelinux.org/edge/community.json	38.1.0
2026-04-06T04:48:43.763661+00:00	Alpine Linux Importer	Fixing	VCID-zzsv-3v7k-n3ep	https://secdb.alpinelinux.org/edge/community.json	38.1.0
2026-04-06T04:47:30.232792+00:00	Alpine Linux Importer	Fixing	VCID-9q9q-6hv9-zkfc	https://secdb.alpinelinux.org/edge/community.json	38.1.0
2026-04-03T17:47:25.781146+00:00	Alpine Linux Importer	Fixing	VCID-k2kp-fv3q-vyh2	https://secdb.alpinelinux.org/edge/community.json	38.1.0
2026-04-01T18:53:53.654025+00:00	Alpine Linux Importer	Fixing	VCID-8vsf-szma-sbad	https://secdb.alpinelinux.org/edge/community.json	38.0.0
2026-04-01T18:51:18.351993+00:00	Alpine Linux Importer	Fixing	VCID-2rju-kk9j-1kbb	https://secdb.alpinelinux.org/edge/community.json	38.0.0
2026-04-01T18:51:05.544198+00:00	Alpine Linux Importer	Fixing	VCID-98mt-7srw-qfh4	https://secdb.alpinelinux.org/edge/community.json	38.0.0