Google Chrome Chrome vulnerabilities

CVE-2023-6350 [HIGH] Stable Channel Update for Desktop: CVE-2023-6350 Stable Channel Update for Desktop CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13 [$7000][ 1501770 ] High CVE-2023-6351: Use after free in libavif Reported by Fudan University on 2023-11-13 [N/A][ 1505053 ] High CVE-2023-6345: Integer overflow in Skia Severity: high

CVE-2023-6348 [HIGH] Stable Channel Update for Desktop: CVE-2023-6348 Stable Channel Update for Desktop CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10 [$31000][ 1494461 ] High CVE-2023-6347: Use after free in Mojo Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21 [$10000][ 1500856 ] High CVE-2023-6346: Use after free in WebAudio Severity: high

CVE-2023-5480 [MEDIUM] Long Term Support Channel Update for ChromeOS: CVE-2023-5480 Long Term Support Channel Update for ChromeOS CVE-2023-5480

CVE-2023-21401 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2023-21401 Long Term Support Channel Update for ChromeOS CVE-2023-21401

CVE-2023-38545 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2023-38545 Long Term Support Channel Update for ChromeOS CVE-2023-38545

CVE-2023-21263 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2023-21263 Long Term Support Channel Update for ChromeOS CVE-2023-21263

CVE-2023-5474 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-5474 Long Term Support Channel Update for ChromeOS CVE-2023-5474

CVE-2023-5472 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-5472 Long Term Support Channel Update for ChromeOS CVE-2023-5472

CVE-2023-5481 [MEDIUM] Long Term Support Channel Update for ChromeOS: CVE-2023-5481 Long Term Support Channel Update for ChromeOS CVE-2023-5481

CVE-2023-35688 Long Term Support Channel Update for ChromeOS: CVE-2023-35688 Long Term Support Channel Update for ChromeOS CVE-2023-35688

CVE-2024-3174 [HIGH] Stable Channel Update for Desktop: CVE-2024-3174 Stable Channel Update for Desktop CVE-2024-3174: Inappropriate implementation in V8. Reported by Alan Goodman on 2023-09-25 [$3000][ 1281972 ] Medium CVE-2023-5850: Incorrect security UI in Downloads Reported by Mohit Raj (shadow2639) on 2021-12-22 [$5000][ 40066780 ] Medium CVE-2023-7011: Inappropriate implementation in Picture in Picture Severity: high

CVE-2023-5856 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-5856 Stable Channel Update for Desktop CVE-2023-5856: Use after free in Side Panel. Reported by Weipeng Jiang (@Krace) of VRI on 2023-10-17 [N/A][ 1493435 ] Medium CVE-2023-5857: Inappropriate implementation in Downloads Reported by Will Dormann on 2023-10-18 [$3000][ 1457704 ] Low CVE-2023-5858: Inappropriate implementation in WebApp Provider Severity: medium

CVE-2023-7013 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-7013 Stable Channel Update for Desktop CVE-2023-7013: Inappropriate implementation in Compositing. Reported by Suhwan Song on 2023-09-05 [$1000][ 1488267 ] Medium CVE-2023-5854: Use after free in Profiles Reported by Minchin Park of SSD-Disclosure Labs on 2023-10-01 [$TBD][ 1492396 ] Medium CVE-2023-5855: Use after free in Reading Mode Severity: medium

CVE-2023-5859 [LOW] Stable Channel Update for Desktop: CVE-2023-5859 Stable Channel Update for Desktop CVE-2023-5859: Incorrect security UI in Picture In Picture. Reported by Junsung Lee on 2023-09-13 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: low

CVE-2023-5218 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-5218 Long Term Support Channel Update for ChromeOS CVE-2023-5218

CVE-2023-42753 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-42753 Long Term Support Channel Update for ChromeOS CVE-2023-42753

CVE-2023-40283 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-40283 Long Term Support Channel Update for ChromeOS CVE-2023-40283

CVE-2023-23583 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-23583 Long Term Support Channel Update for ChromeOS CVE-2023-23583

CVE-2023-5476 [MEDIUM] Stable Channel Update for ChromeOS/ChromeOS Flex: CVE-2023-5476 Stable Channel Update for ChromeOS/ChromeOS Flex CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20 [$500][ 1471253 ] Medium CVE-2023-5479: Inappropriate implementation in Extensions API Reported by Axel Chong on 2023-08-09 [$6000][ 1395164 ] Low CVE-2023-5485: Inappropriate implementation in Autofill Severity: medium

CVE-2023-5478 [LOW] Stable Channel Update for ChromeOS/ChromeOS Flex: CVE-2023-5478 Stable Channel Update for ChromeOS/ChromeOS Flex CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Shaheen Fazim on 2023-06-15 [$1000][ 1357442 ] Low CVE-2023-5486: Inappropriate implementation in Input Reported by Hafiizh on 2022-08-29 [$1000][ 1484000 ] Low CVE-2023-5473: Use after free in Cast Severity: low