Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

Debian: DSA-3926-1 Critical: Chromium Browser Spoofing Threats

debian
Calendar Grey August 4, 2017
Debian Logo
Debian DSA-3926-1 highlights several vulnerabilities found in the chromium-browser package, such as out-of-bounds access and deceptive user interface representations.
Several vulnerabilities have been discovered in the chromium web browser

Summary

CVE-2017-5087

Ned Williamson discovered a way to escape the sandbox.

CVE-2017-5088

Xiling Gong discovered an out-of-bounds read issue in the v8 javascript
library.

CVE-2017-5089

Michal Bentkowski discovered a spoofing issue.

CVE-2017-5091

Ned Williamson discovered a use-after-free issue in IndexedDB.

CVE-2017-5092

Yu Zhou discovered a use-after-free issue in PPAPI.

CVE-2017-5093

Luan Herrera discovered a user interface spoofing issue.

CVE-2017-5094

A type confusion issue was discovered in extensions.

CVE-2017-5095

An out-of-bounds write issue was discovered in the pdfium library.

CVE-2017-5097

An out-of-bounds read issue was discovered in the skia library.

CVE-2017-5098

Jihoon Kim discover a use-after-free issue in the v8 javascript library.

CVE-2017-5099

Yuan Deng discovered an out-of-bounds write issue in PPAPI.

CVE-2017-5100

A use-after-free issue was discovered in Chrome Apps.

CVE-2017-5101

Luan Herrera discovered a URL spoofing issue.

CVE-2017-5102

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: chromium-browser
CVE ID: CVE-2017-5087 CVE-2017-5088 CVE-2017-5089 CVE-2017-5091

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.