DSA-3776-1 chromium -- chromiumID: oval:org.secpod.oval:def:602759 | Date: (C)2017-02-01 (M)2023-12-20 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting issue. CVE-2017-5009 Sean Stanek and Chip Bradford discovered an out-of-bounds memory issue in the webrtc library. CVE-2017-5010 Mariusz Mlynski discovered a fourth cross-site scripting issue. CVE-2017-5011 Khalil Zhani discovered a way to access unauthorized files in the developer tools. CVE-2017-5012 Gergely Nagy discovered a heap overflow issue in the v8 javascript library. CVE-2017-5013 Haosheng Wang discovered a URL spoofing issue. CVE-2017-5014 sweetchip discovered a heap overflow issue in the skia library. CVE-2017-5015 Armin Razmdjou discovered a URL spoofing issue. CVE-2017-5016 Haosheng Wang discovered another URL spoofing issue. CVE-2017-5017 danberm discovered an uninitialized memory issue in support for webm video files. CVE-2017-5018 Rob Wu discovered a cross-site scripting issue. CVE-2017-5019 Wadih Matar discovered a use-after-free issue. CVE-2017-5020 Rob Wu discovered another cross-site scripting issue. CVE-2017-5021 Rob Wu discovered a use-after-free issue in extensions. CVE-2017-5022 PKAV Team discovered a way to bypass the Content Security Policy. CVE-2017-5023 UK"s National Cyber Security Centre discovered a type confusion issue. CVE-2017-5024 Paul Mehta discovered a heap overflow issue in the ffmpeg library. CVE-2017-5025 Paul Mehta discovered another heap overflow issue in the ffmpeg library. CVE-2017-5026 Ronni Skansing discovered a user interface spoofing issue.