Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0090
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0090)
Zusammenfassung:	The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2023-0090 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'chromium-browser-stable' package(s) announced via the MGASA-2023-0090 advisory. Vulnerability Insight: High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-01-30 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 High CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous on 2023-02-17 High CVE-2023-1216: Use after free in DevTools. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-02-21 High CVE-2023-1217: Stack buffer overflow in Crash reporting. Reported by sunburst of Ant Group Tianqiong Security Lab on 2023-02-03 High CVE-2023-1218: Use after free in WebRTC. Reported by Anonymous on 2023-02-07 High CVE-2023-1219: Heap buffer overflow in Metrics. Reported by Sergei Glazunov of Google Project Zero on 2023-02-13 High CVE-2023-1220: Heap buffer overflow in UMA. Reported by Sergei Glazunov of Google Project Zero on 2023-02-17 Medium CVE-2023-1221: Insufficient policy enforcement in Extensions API. Reported by Ahmed ElMasry on 2022-11-16 Medium CVE-2023-1222: Heap buffer overflow in Web Audio API. Reported by Cassidy Kim(@cassidy6564) on 2022-12-24 Medium CVE-2023-1223: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2022-12-07 Medium CVE-2023-1224: Insufficient policy enforcement in Web Payments API. Reported by Thomas Orlita on 2022-12-25 Medium CVE-2023-1225: Insufficient policy enforcement in Navigation. Reported by Roberto Ffrench-Davis @Lihaft on 2023-01-20 Medium CVE-2023-1226: Insufficient policy enforcement in Web Payments API. Reported by Anonymous on 2019-10-10 Medium CVE-2023-1227: Use after free in Core. Reported by @ginggilBesel on 2022-07-31 Medium CVE-2023-1228: Insufficient policy enforcement in Intents. Reported by Axel Chong on 2022-09-18 Medium CVE-2023-1229: Inappropriate implementation in Permission prompts. Reported by Thomas Orlita on 2020-12-20 Medium CVE-2023-1230: Inappropriate implementation in WebApp Installs. Reported by Axel Chong on 2022-12-30 Medium CVE-2023-1231: Inappropriate implementation in Autofill. Reported by Yan Zhu, Brave on 2021-11-30 Low CVE-2023-1232: Insufficient policy enforcement in Resource Timing. Reported by Sohom Datta on 2022-07-24 Low CVE-2023-1233: Insufficient policy enforcement in Resource Timing. Reported by Soroush Karami on 2020-01-25 Low CVE-2023-1234: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-01-03 Low CVE-2023-1235: Type Confusion in DevTools. Reported by raven at KunLun lab on 2023-01-03 Low CVE-2023-1236: Inappropriate implementation in Internals. Reported by Alesandro Ortiz on 2022-10-14 Affected Software/OS: 'chromium-browser-stable' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-1213 https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1411210 Common Vulnerability Exposure (CVE) ID: CVE-2023-1214 https://crbug.com/1412487 Common Vulnerability Exposure (CVE) ID: CVE-2023-1215 https://crbug.com/1417176 Common Vulnerability Exposure (CVE) ID: CVE-2023-1216 https://crbug.com/1417649 Common Vulnerability Exposure (CVE) ID: CVE-2023-1217 https://crbug.com/1412658 Common Vulnerability Exposure (CVE) ID: CVE-2023-1218 https://crbug.com/1413628 Common Vulnerability Exposure (CVE) ID: CVE-2023-1219 http://packetstormsecurity.com/files/171795/Chrome-base-debug-ActivityUserData-ActivityUserData-Heap-Buffer-Overflow.html https://crbug.com/1415328 Common Vulnerability Exposure (CVE) ID: CVE-2023-1220 http://packetstormsecurity.com/files/171796/Chrome-base-SampleVectorBase-MoveSingleSampleToCounts-Heap-Buffer-Overflow.html https://crbug.com/1417185 Common Vulnerability Exposure (CVE) ID: CVE-2023-1221 https://crbug.com/1385343 Common Vulnerability Exposure (CVE) ID: CVE-2023-1222 https://crbug.com/1403515 Common Vulnerability Exposure (CVE) ID: CVE-2023-1223 https://crbug.com/1398579 Common Vulnerability Exposure (CVE) ID: CVE-2023-1224 https://crbug.com/1403539 Common Vulnerability Exposure (CVE) ID: CVE-2023-1225 https://crbug.com/1408799 Common Vulnerability Exposure (CVE) ID: CVE-2023-1226 https://crbug.com/1013080 Common Vulnerability Exposure (CVE) ID: CVE-2023-1227 https://crbug.com/1348791 Common Vulnerability Exposure (CVE) ID: CVE-2023-1228 https://crbug.com/1365100 Common Vulnerability Exposure (CVE) ID: CVE-2023-1229 https://crbug.com/1160485 Common Vulnerability Exposure (CVE) ID: CVE-2023-1230 https://crbug.com/1404230 Common Vulnerability Exposure (CVE) ID: CVE-2023-1231 https://crbug.com/1274887 Common Vulnerability Exposure (CVE) ID: CVE-2023-1232 https://crbug.com/1346924 Common Vulnerability Exposure (CVE) ID: CVE-2023-1233 https://crbug.com/1045681 Common Vulnerability Exposure (CVE) ID: CVE-2023-1234 https://crbug.com/1404621 Common Vulnerability Exposure (CVE) ID: CVE-2023-1235 https://crbug.com/1404704 Common Vulnerability Exposure (CVE) ID: CVE-2023-1236 https://crbug.com/1374518
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.