diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,44 @@ + + chromium -- multiple vulnerabilities + + + chromium + 112.0.5615.165 + + + ungoogled-chromium + 112.0.5615.165 + + + + +

Chrome Releases reports:

+
This update includes 8 security fixes:
+
+
[1429197] High CVE-2023-2133: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30
+
[1429201] High CVE-2023-2134: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30
+
[1424337] High CVE-2023-2135: Use after free in DevTools. Reported by Cassidy Kim(@cassidy6564) on 2023-03-14
+
[1432603] High CVE-2023-2136: Integer overflow in Skia. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-04-12
+
[1430644] Medium CVE-2023-2137: Heap buffer overflow in sqlite. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2023-04-05
+
+

+ + + + CVE-2023-2133 + CVE-2023-2134 + CVE-2023-2135 + CVE-2023-2136 + CVE-2023-2137 + https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html + + + 2023-04-20 + 2023-04-20 + + + libxml2 -- multiple vulnerabilities