FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
bdaecfad-3117-11ec-b3b0-3065ec8fd3ec	chromium -- multiple vulnerabilities Chrome Releases reports: This release contains 19 security fixes, including: [1246631] High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04 [1248661] High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11 [1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15 [1253399] High CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti LevomÃÂ¤ki, Joonas Pihlaja andChristian Jali from Forcepoint on 2021-09-27 [1241860] High CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20 [1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings. Reported by raven (@raid_akame) on 2021-08-23 [1206928] Medium CVE-2021-37987: Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08 [1228248] Medium CVE-2021-37988: Use after free in Profiles. Reported by raven (@raid_akame) on 2021-07-12 [1233067] Medium CVE-2021-37989: Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26 [1247395] Medium CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07 [1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel Gross of Google Project Zero on 2021-09-17 [1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28 [1255332] Medium CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02 [1243020] Medium CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24 [1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30 [1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23 Discovery 2021-10-19 Entry 2021-10-19 chromium < 95.0.4638.54 CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989 CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993 CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html

VuXML ID

Description

bdaecfad-3117-11ec-b3b0-3065ec8fd3ec

chromium -- multiple vulnerabilities

Chrome Releases reports:

This release contains 19 security fixes, including:

[1246631] High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04

[1248661] High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11

[1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15

[1253399] High CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti LevomÃÂ¤ki, Joonas Pihlaja andChristian Jali from Forcepoint on 2021-09-27

[1241860] High CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20

[1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings. Reported by raven (@raid_akame) on 2021-08-23

[1206928] Medium CVE-2021-37987: Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08

[1228248] Medium CVE-2021-37988: Use after free in Profiles. Reported by raven (@raid_akame) on 2021-07-12

[1233067] Medium CVE-2021-37989: Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26

[1247395] Medium CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07

[1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel Gross of Google Project Zero on 2021-09-17

[1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28

[1255332] Medium CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02

[1243020] Medium CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24

[1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30

[1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23

Discovery 2021-10-19
Entry 2021-10-19
chromium

< 95.0.4638.54

CVE-2021-37981
CVE-2021-37982
CVE-2021-37983
CVE-2021-37984
CVE-2021-37985
CVE-2021-37986
CVE-2021-37987
CVE-2021-37988
CVE-2021-37989
CVE-2021-37990
CVE-2021-37991
CVE-2021-37992
CVE-2021-37993
CVE-2021-37994
CVE-2021-37995
CVE-2021-37996
https://chromereleases.googleblog.com/2021/10/stable-channel-update-for-desktop_19.html