Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0016
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0016)
Zusammenfassung:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2023-0016 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2023-0016 advisory. Vulnerability Insight: The chromium-browser-stable package has been updated to the 109.0.5414.74 release, fixing 17 vulnerabilities. Some of the security fixes are - High CVE-2023-0128 Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16 High CVE-2023-0129 Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07 Medium CVE-2023-0130 Inappropriate implementation in Fullscreen API. Reported by Hafiizh on 2022-09-30 Medium CVE-2023-0131 Inappropriate implementation in iframe Sandbox. Reported by NDevTK on 2022-08-28 Medium CVE-2023-0132 Inappropriate implementation in Permission prompts. Reported by Jasper Rebane (popstonia) on 2022-10-05 Medium CVE-2023-0133 Inappropriate implementation in Permission prompts. Reported by Alesandro Ortiz on 2022-10-17 Medium CVE-2023-0134 Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-17 Medium CVE-2023-0135 Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-18 Medium CVE-2023-0136 Inappropriate implementation in Fullscreen API. Reported by Axel Chong on 2022-08-26 Medium CVE-2023-0137 Heap buffer overflow in Platform Apps. Reported by avaue and Buff3tts at S.S.L. on 2022-12-10 Low CVE-2023-0138 Heap buffer overflow in libphonenumber. Reported by Michael Dau on 2022-07-23 Low CVE-2023-0139 Insufficient validation of untrusted input in Downloads. Reported by Axel Chong on 2022-09-24 Low CVE-2023-0140 Inappropriate implementation in File System API. Reported by harrison.mitchell, cybercx.com.au on 2022-05-18 Low CVE-2023-0141 Insufficient policy enforcement in CORS. Reported by scarlet on 2022-09-12 Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-0128 https://security.gentoo.org/glsa/202305-10 https://security.gentoo.org/glsa/202311-11 https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html https://crbug.com/1353208 Common Vulnerability Exposure (CVE) ID: CVE-2023-0129 https://crbug.com/1382033 Common Vulnerability Exposure (CVE) ID: CVE-2023-0130 https://crbug.com/1370028 Common Vulnerability Exposure (CVE) ID: CVE-2023-0131 https://crbug.com/1357366 Common Vulnerability Exposure (CVE) ID: CVE-2023-0132 https://crbug.com/1371215 Common Vulnerability Exposure (CVE) ID: CVE-2023-0133 https://crbug.com/1375132 Common Vulnerability Exposure (CVE) ID: CVE-2023-0134 https://crbug.com/1385709 Common Vulnerability Exposure (CVE) ID: CVE-2023-0135 https://crbug.com/1385831 Common Vulnerability Exposure (CVE) ID: CVE-2023-0136 https://crbug.com/1356987 Common Vulnerability Exposure (CVE) ID: CVE-2023-0137 https://crbug.com/1399904 Common Vulnerability Exposure (CVE) ID: CVE-2023-0138 https://crbug.com/1346675 Common Vulnerability Exposure (CVE) ID: CVE-2023-0139 https://crbug.com/1367632 Common Vulnerability Exposure (CVE) ID: CVE-2023-0140 https://crbug.com/1326788 Common Vulnerability Exposure (CVE) ID: CVE-2023-0141 https://crbug.com/1362331
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.