FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-28 14:09:37 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
19047673-c680-11ee-86bb-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 3 security fixes: [41494539] High CVE-2024-1284: Use after free in Mojo. Reported by Anonymous on 2024-01-25 [41494860] High CVE-2024-1283: Heap buffer overflow in Skia. Reported by Jorge Buzeti (@r3tr074) on 2024-01-25 Discovery 2024-02-06 Entry 2024-02-08 chromium < 121.0.6167.160 ungoogled-chromium < 121.0.6167.160 qt5-webengine < 5.15.16.p5_5 qt6-webengine < 6.6.1_5 CVE-2024-1284 CVE-2024-1283 https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html
a11e7dd1-bed4-11ee-bdd6-4ccc6adda413	qt5-webengine -- Multiple vulnerabilities Qt qtwebengine-chromium repo reports: Backports for 8 security bugs in Chromium: [1505053] High CVE-2023-6345: Integer overflow in Skia [1501326] High CVE-2023-6702: Type Confusion in V8 [1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC [1501798] High CVE-2024-0222: Use after free in ANGLE [1505086] High CVE-2024-0224: Use after free in WebAudio [1513379] High CVE-2024-0333: Insufficient data validation in Extensions [1507412] High CVE-2024-0518: Type Confusion in V8 [1517354] High CVE-2024-0519: Out of bounds memory access in V8 Discovery 2024-01-08 Entry 2024-01-29 qt5-webengine < 5.15.16.p5_4 CVE-2023-6345 CVE-2023-6702 CVE-2023-7024 CVE-2024-0222 CVE-2024-0224 CVE-2024-0333 CVE-2024-0518 CVE-2024-0519 https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based
4405e9ad-97fe-11ee-86bb-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 10 security fixes: [1497984] High CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy Kim(@cassidy6564) on 2023-10-31 [1494565] High CVE-2023-6509: Use after free in Side Panel Search. Reported by Khalil Zhani on 2023-10-21 [1480152] Medium CVE-2023-6510: Use after free in Media Capture. Reported by [pwn2car] on 2023-09-08 [1478613] Low CVE-2023-6511: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-09-04 [1457702] Low CVE-2023-6512: Inappropriate implementation in Web Browser UI. Reported by Om Apip on 2023-06-24 Discovery 2023-12-05 Entry 2023-12-11 chromium < 120.0.6099.62 ungoogled-chromium < 120.0.6099.62 qt5-webengine < 5.15.16.p5_2 qt6-webengine < 6.6.1_1 CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512 https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop.html
0da4db89-84bf-11ee-8290-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 4 security fixes: [1497997] High CVE-2023-5997: Use after free in Garbage Collection. Reported by Anonymous on 2023-10-31 [1499298] High CVE-2023-6112: Use after free in Navigation. Reported by Sergei Glazunov of Google Project Zero on 2023-11-04 Discovery 2023-11-14 Entry 2023-11-16 chromium < 119.0.6045.159 ungoogled-chromium < 119.0.6045.159 qt5-webengine < 5.15.16.p5 qt6-webengine < 6.6.1 CVE-2023-5997 CVE-2023-6112 https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html
bbcb1584-c068-11ee-bdd6-4ccc6adda413	qt6-webengine -- Multiple vulnerabilities Qt qtwebengine-chromium repo reports: Backports for 3 security bugs in Chromium: [1505080] High CVE-2024-0807: Use after free in WebAudio [1504936] Critical CVE-2024-0808: Integer underflow in WebUI [1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools Discovery 2024-01-30 Entry 2024-01-31 qt5-webengine < 5.15.16.p5_5 qt6-webengine < 6.6.1_4 CVE-2024-0807 CVE-2024-0808 CVE-2024-0810 https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based
dc9e5237-c197-11ee-86bb-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 4 security fixes: [1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14 [1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29 [1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13 Discovery 2024-01-30 Entry 2024-02-02 chromium < 121.0.6167.139 ungoogled-chromium < 121.0.6167.139 qt5-webengine < 5.15.16.p5_5 qt6-webengine < 6.6.1_5 CVE-2024-1060 CVE-2024-1059 CVE-2024-1077 https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html
8cdd38c7-8ebb-11ee-86bb-a8a1599412c6	chromium -- multiple security fixes Chrome Releases reports: This update includes 7 security fixes: [1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10 [1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21 [1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09 [1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13 [1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13 [1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by BenoÃÂ®t Sevens and ClÃÂ©ment Lecigne of Google's Threat Analysis Group on 2023-11-24 Discovery 2023-11-28 Entry 2023-11-29 chromium < 119.0.6045.199 ungoogled-chromium < 119.0.6045.199 qt5-webengine < 5.15.16.p5_2 qt6-webengine < 6.6.1_1 CVE-2023-6348 CVE-2023-6347 CVE-2023-6346 CVE-2023-6350 CVE-2023-6351 CVE-2023-6345 https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html