Search for packages
| purl | pkg:deb/debian/chromium@124.0.6367.60-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1hju-8srd-57bg | Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2024-3844
|
| VCID-83ge-9gkd-vbdb | Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3846
|
| VCID-as76-9ntp-y3bp | Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3837
|
| VCID-c61j-p3uq-43bx | Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-7019
|
| VCID-d4gt-rndb-wbat | Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3839
|
| VCID-fazb-vu1j-qkcg | Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3840
|
| VCID-j736-y8am-xbah | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3832
|
| VCID-kcsu-b91y-t7g5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3834
|
| VCID-m947-x8gn-dybn | Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium) |
CVE-2024-3838
|
| VCID-msy4-5tju-c3ak | Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3845
|
| VCID-p3ts-q4qw-1qch | Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium) |
CVE-2024-3841
|
| VCID-p3wp-rb44-7ygm | Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3847
|
| VCID-snc8-e46j-9fa2 | Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-7020
|
| VCID-t5uy-rm9d-9bcx | Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3843
|
| VCID-u3qp-1wrx-6fg1 | Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3914
|
| VCID-xtcv-nv3g-nkfr | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3833
|