Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs: 2,176
CISA KEV: 65 (actively exploited)
Public exploits: 14
Exploited in wild: 56
Severity breakdown: CRITICAL 102, HIGH 1256, MEDIUM 754, LOW 56, UNKNOWN 8

Vulnerabilities

Page 39 of 109
CVE-2023-2936 | HIGH | CVSS 8.8 | fixed in chromium 114.0.5735.90-2~deb12u1 (bookworm) | 2023
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 114.0.5735.90-2~deb12u1)
bullseye: resolved (fixed in 114.0.5735.90-2~deb11u1)
forky: resolved (fixed in 114.0.5735.90-1)
sid: resolved (fixe
debian
CVE-2023-2134 | HIGH | CVSS 8.8 | fixed in chromium 112.0.5615.138-1 (bookworm) | 2023
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 112.0.5615.138-1)
bullseye: resolved (fixed in 112.0.5615.138-1~deb11u1)
forky: resolved (fixed in 112.0.5615.1
debian
CVE-2023-1214 | HIGH | CVSS 8.8 | fixed in chromium 111.0.5563.64-1 (bookworm) | 2023
Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 111.0.5563.64-1)
bullseye: resolved (fixed in 111.0.5563.64-1~deb11u1)
forky: resolved (fixed in 111.0.5563.64-1)
sid: resolved (fixed in 111
debian
CVE-2023-2461 | HIGH | CVSS 8.8 | fixed in chromium 113.0.5672.63-1 (bookworm) | 2023
Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 113.0.5672.63-1)
bullseye: resolved (fixed in 113.0.5672.63-
debian
CVE-2023-4074 | HIGH | CVSS 8.8 | fixed in chromium 115.0.5790.170-1~deb12u1 (bookworm) | 2023
Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 115.0.5790.170-1~deb12u1)
bullseye: resolved (fixed in 115.0.5790.170-1~deb11u1)
forky: resolved (fixed in 115.0.5790.170
debian
CVE-2023-6703 | HIGH | CVSS 8.8 | fixed in chromium 120.0.6099.109-1~deb12u1 (bookworm) | 2023
Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 120.0.6099.109-1~deb12u1)
bullseye: resolved (fixed in 120.0.6099.109-1~deb11u1)
forky: resolved (fixed in 120.0.6099.109-1)
sid: resolve
debian
CVE-2023-6112 | HIGH | CVSS 8.8 | fixed in chromium 119.0.6045.159-1~deb12u1 (bookworm) | 2023
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 119.0.6045.159-1~deb12u1)
bullseye: resolved (fixed in 119.0.6045.159-1~deb11u1)
forky: resolved (fixed in 119.0.6045.159-1)
sid: re
debian
CVE-2023-4353 | HIGH | CVSS 8.8 | fixed in chromium 116.0.5845.96-1~deb12u1 (bookworm) | 2023
Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 116.0.5845.96-1~deb12u1)
bullseye: resolved (fixed in 116.0.5845.96-1~deb11u1)
forky: resolved (fixed in 116.0.5845.96-1)
sid: resol
debian
CVE-2023-2724 | HIGH | CVSS 8.8 | fixed in chromium 113.0.5672.126-1 (bookworm) | 2023
Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 113.0.5672.126-1)
bullseye: resolved (fixed in 113.0.5672.126-1~deb11u1)
forky: resolved (fixed in 113.0.5672.126-1)
sid: resolved (fixed in
debian
CVE-2023-5855 | HIGH | CVSS 8.8 | fixed in chromium 119.0.6045.105-1~deb12u1 (bookworm) | 2023
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 119.0.6045.105-1~deb12u1)
bullseye: resolved (fixed in 119.0.6045.105-1~
debian
CVE-2023-4073 | HIGH | CVSS 8.8 | fixed in chromium 115.0.5790.170-1~deb12u1 (bookworm) | 2023
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 115.0.5790.170-1~deb12u1)
bullseye: resolved (fixed in 115.0.5790.170-1~deb11u1)
forky: resolved (fixed in 115.0.5790
debian
CVE-2023-0129 | HIGH | CVSS 8.8 | fixed in chromium 109.0.5414.74-1 (bookworm) | 2023
Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 109.0.5414.74-1)
bullseye: resolved (fixed in 10
debian
CVE-2023-6351 | HIGH | CVSS 8.8 | fixed in chromium 119.0.6045.199-1~deb12u1 (bookworm) | 2023
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 119.0.6045.199-1~deb12u1)
bullseye: resolved (fixed in 119.0.6045.199-1~deb11u1)
forky: resolved (fixed in 119.0.6045.199-1)
sid: resol
debian
CVE-2023-0931 | HIGH | CVSS 8.8 | fixed in chromium 110.0.5481.177-1 (bookworm) | 2023
Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 110.0.5481.177-1)
bullseye: resolved (fixed in 110.0.5481.177-1~deb11u1)
forky: resolved (fixed in 110.0.5481.177-1)
sid: resolved (fixed
debian
CVE-2023-2722 | HIGH | CVSS 8.8 | fixed in chromium 113.0.5672.126-1 (bookworm) | 2023
Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 113.0.5672.126-1)
bullseye: resolved (fixed in 113.0.5672.126-1~deb11u1)
forky: resolved (fixed in 113.0.5672.126-1)
sid
debian
CVE-2023-4357 | HIGH | CVSS 8.8 | fixed in chromium 116.0.5845.96-1~deb12u1 (bookworm) | 2023
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 116.0.5845.96-1~deb12u1)
bullseye: resolved (fixed in 116.0.5845.96-1~deb11u1)
forky: resolved (fixed in 116.0.584
debian
CVE-2023-4763 | HIGH | CVSS 8.8 | fixed in chromium 116.0.5845.180-1~deb12u1 (bookworm) | 2023
Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 116.0.5845.180-1~deb12u1)
bullseye: resolved (fixed in 116.0.5845.180-1~deb11u1)
forky: resolved (fixed in 116.0.5845.180-1)
sid: reso
debian
CVE-2023-4068 | HIGH | CVSS 8.1 | fixed in chromium 115.0.5790.170-1~deb12u1 (bookworm) | 2023
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 115.0.5790.170-1~deb12u1)
bullseye: resolved (fixed in 115.0.5790.170-1~deb11u1)
forky: resolved (fixed in 115.0.5790.170-1)
sid: resolved (fixed i
debian
CVE-2023-1820 | HIGH | CVSS 8.8 | fixed in chromium 112.0.5615.49-1 (bookworm) | 2023
Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 112.0.5615.49-1)
bullseye: resolved (fixed in 112.0.5615.49-2~
debian
CVE-2023-1222 | HIGH | CVSS 8.8 | fixed in chromium 111.0.5563.64-1 (bookworm) | 2023
Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Scope: local
bookworm: resolved (fixed in 111.0.5563.64-1)
bullseye: resolved (fixed in 111.0.5563.64-1~deb11u1)
forky: resolved (fixed in 111.0.5563.64-1)
sid: res
debian