VuXML: qt5-webengine -- Multiple vulnerabilities

Affected packages

qt5-webengine

5.15.16.p5_4

Details

VuXML ID	a11e7dd1-bed4-11ee-bdd6-4ccc6adda413
Discovery	2024-01-08
Entry	2024-01-29

VuXML ID

a11e7dd1-bed4-11ee-bdd6-4ccc6adda413

Discovery

2024-01-08

Entry

2024-01-29

Qt qtwebengine-chromium repo reports:

Backports for 8 security bugs in Chromium:

[1505053] High CVE-2023-6345: Integer overflow in Skia

[1501326] High CVE-2023-6702: Type Confusion in V8

[1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC

[1501798] High CVE-2024-0222: Use after free in ANGLE

[1505086] High CVE-2024-0224: Use after free in WebAudio

[1513379] High CVE-2024-0333: Insufficient data validation in Extensions

[1507412] High CVE-2024-0518: Type Confusion in V8

[1517354] High CVE-2024-0519: Out of bounds memory access in V8

[source]

References

CVE Name

CVE-2023-6345

CVE Name

CVE-2023-6702

CVE Name

CVE-2023-7024

CVE Name

CVE-2024-0222

CVE Name

CVE-2024-0224

CVE Name

CVE-2024-0333

CVE Name

CVE-2024-0518

CVE Name

CVE-2024-0519

URL

https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based