Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs

2,176

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL102HIGH1256MEDIUM754LOW56UNKNOWN8

Vulnerabilities

Page 36 of 109

CVE-2023-6705HIGHCVSS 8.8fixed in chromium 120.0.6099.109-1~deb12u1 (bookworm)2023

CVE-2023-6705 [HIGH] CVE-2023-6705: chromium - Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remo... Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 120.0.6099.109-1~deb12u1) bullseye: resolved (fixed in 120.0.6099.109-1~deb11u1) forky: resolved (fixed in 120.0.6099.109-1) sid: resolv

debian

CVE-2023-6350HIGHCVSS 8.8fixed in chromium 119.0.6045.199-1~deb12u1 (bookworm)2023

CVE-2023-6350 [HIGH] CVE-2023-6350: chromium - Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a rem... Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 119.0.6045.199-1~deb12u1) bullseye: resolved (fixed in 119.0.6045.199-1~deb11u1) forky: resolved (fixed in 119.0.6045.199-1) sid: resol

debian

CVE-2023-2929HIGHCVSS 8.8fixed in chromium 114.0.5735.90-2~deb12u1 (bookworm)2023

CVE-2023-2929 [HIGH] CVE-2023-2929: chromium - Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allow... Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 114.0.5735.90-2~deb12u1) bullseye: resolved (fixed in 114.0.5735.90-2~deb11u1) forky: resolved (fixed in 114.0.5735.90-1) sid:

debian

CVE-2023-2932HIGHCVSS 8.8fixed in chromium 114.0.5735.90-2~deb12u1 (bookworm)2023

CVE-2023-2932 [HIGH] CVE-2023-2932: chromium - Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote a... Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 114.0.5735.90-2~deb12u1) bullseye: resolved (fixed in 114.0.5735.90-2~deb11u1) forky: resolved (fixed in 114.0.5735.90-1) sid: resolved (fixe

debian

CVE-2023-1818HIGHCVSS 8.8fixed in chromium 112.0.5615.49-1 (bookworm)2023

CVE-2023-1818 [HIGH] CVE-2023-1818: chromium - Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remot... Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 112.0.5615.49-1) bullseye: resolved (fixed in 112.0.5615.49-2~deb11u2) forky: resolved (fixed in 112.0.5615.49-1) sid: resolved (fixed

debian

CVE-2023-4430HIGHCVSS 8.8fixed in chromium 116.0.5845.110-1~deb12u1 (bookworm)2023

CVE-2023-4430 [HIGH] CVE-2023-4430: chromium - Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remo... Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 116.0.5845.110-1~deb12u1) bullseye: resolved (fixed in 116.0.5845.110-1~deb11u1) forky: resolved (fixed in 116.0.5845.110-1) sid: resolv

debian

CVE-2023-4072HIGHCVSS 8.8fixed in chromium 115.0.5790.170-1~deb12u1 (bookworm)2023

CVE-2023-4072 [HIGH] CVE-2023-4072: chromium - Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 a... Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 115.0.5790.170-1~deb12u1) bullseye: resolved (fixed in 115.0.5790.170-1~deb11u1) forky: resolved (fixed in 115.0.5790.170-1

debian

CVE-2023-2723HIGHCVSS 8.8fixed in chromium 113.0.5672.126-1 (bookworm)2023

CVE-2023-2723 [HIGH] CVE-2023-2723: chromium - Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a re... Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 113.0.5672.126-1) bullseye: resolved (fixed in 113.0.5672.126-1~deb11u1) forky: resolved (fix

debian

CVE-2023-3215HIGHCVSS 8.8fixed in chromium 114.0.5735.133-1~deb12u1 (bookworm)2023

CVE-2023-3215 [HIGH] CVE-2023-3215: chromium - Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remo... Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 114.0.5735.133-1~deb12u1) bullseye: resolved (fixed in 114.0.5735.133-1~deb11u1) forky: resolved (fixed in 114.0.5735.133-1) sid: resolv

debian

CVE-2023-2935HIGHCVSS 8.8fixed in chromium 114.0.5735.90-2~deb12u1 (bookworm)2023

CVE-2023-2935 [HIGH] CVE-2023-2935: chromium - Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote at... Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 114.0.5735.90-2~deb12u1) bullseye: resolved (fixed in 114.0.5735.90-2~deb11u1) forky: resolved (fixed in 114.0.5735.90-1) sid: resolved (fixe

debian

CVE-2023-1812HIGHCVSS 8.8fixed in chromium 112.0.5615.49-1 (bookworm)2023

CVE-2023-1812 [HIGH] CVE-2023-1812: chromium - Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615... Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 112.0.5615.49-1) bullseye: resolved (fixed in 112.0.5615.49-2~deb11u2) forky: resolved (fixed in 112.0.5615.49-1) si

debian

CVE-2023-1810HIGHCVSS 8.8fixed in chromium 112.0.5615.49-1 (bookworm)2023

CVE-2023-1810 [HIGH] CVE-2023-1810: chromium - Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed ... Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 112.0.5615.49-1) bullseye: resolved (fixed in 112.0.5615.49-2~deb11u2) forky: resolved (f

debian

CVE-2023-5472HIGHCVSS 8.8fixed in chromium 118.0.5993.117-1~deb12u1 (bookworm)2023

CVE-2023-5472 [HIGH] CVE-2023-5472: chromium - Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a re... Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 118.0.5993.117-1~deb12u1) bullseye: resolved (fixed in 118.0.5993.117-1~deb11u1) forky: resolved (fixed in 118.0.5993.117-1) sid: reso

debian

CVE-2023-3216HIGHCVSS 8.8fixed in chromium 114.0.5735.133-1~deb12u1 (bookworm)2023

CVE-2023-3216 [HIGH] CVE-2023-3216: chromium - Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote a... Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 114.0.5735.133-1~deb12u1) bullseye: resolved (fixed in 114.0.5735.133-1~deb11u1) forky: resolved (fixed in 114.0.5735.133-1) sid: resolved (

debian

CVE-2023-0929HIGHCVSS 8.8fixed in chromium 110.0.5481.177-1 (bookworm)2023

CVE-2023-0929 [HIGH] CVE-2023-0929: chromium - Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remo... Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 110.0.5481.177-1) bullseye: resolved (fixed in 110.0.5481.177-1~deb11u1) forky: resolved (fixed in 110.0.5481.177-1) sid: resolved (fixe

debian

CVE-2023-4354HIGHCVSS 8.8fixed in chromium 116.0.5845.96-1~deb12u1 (bookworm)2023

CVE-2023-4354 [HIGH] CVE-2023-4354: chromium - Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a r... Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 116.0.5845.96-1~deb12u1) bullseye: resolved (fixed in 116.0.5845.96-1~deb11u1) forky: resolv

debian

CVE-2023-0701HIGHCVSS 8.8fixed in chromium 110.0.5481.77-1 (bookworm)2023

CVE-2023-0701 [HIGH] CVE-2023-0701: chromium - Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a ... Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 110.0.5481.77-1) bullseye: resolved (fixed in 110.0.5481.77-1~deb11u1) fork

debian

CVE-2023-0930HIGHCVSS 8.8fixed in chromium 110.0.5481.177-1 (bookworm)2023

CVE-2023-0930 [HIGH] CVE-2023-0930: chromium - Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a... Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 110.0.5481.177-1) bullseye: resolved (fixed in 110.0.5481.177-1~deb11u1) forky: resolved (fixed in 110.0.5481.177-1) sid: resolved

debian

CVE-2023-2726HIGHCVSS 8.8fixed in chromium 113.0.5672.126-1 (bookworm)2023

CVE-2023-2726 [HIGH] CVE-2023-2726: chromium - Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.... Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 113.0.5672.126-1) bullseye: resolved (fixed in 113.0.5672.126-1~deb11u1) forky:

debian

CVE-2023-7010HIGHCVSS 8.8fixed in chromium 117.0.5938.62-1~deb12u1 (bookworm)2023

CVE-2023-7010 [HIGH] CVE-2023-7010: chromium - Use after free in WebRTC in Google Chrome prior to 117.0.5938.62 allowed a remot... Use after free in WebRTC in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 117.0.5938.62-1~deb12u1) bullseye: resolved (fixed in 117.0.5938.62-1~deb11u1) forky: resolved (fixed in 117.0.5938.62-1) sid: resolved (

debian

← Previous36 / 109Next →