VuXML: qt6-webengine -- Multiple vulnerabilities

VuXML ID	a25b323a-bed9-11ee-bdd6-4ccc6adda413
Discovery	2024-01-08
Entry	2024-01-29

Qt qtwebengine-chromium repo reports:

Backports for 15 security bugs in Chromium:

[1505053] High CVE-2023-6345: Integer overflow in Skia

[1500856] High CVE-2023-6346: Use after free in WebAudio

[1494461] High CVE-2023-6347: Use after free in Mojo

[1501326] High CVE-2023-6702: Type Confusion in V8

[1502102] High CVE-2023-6703: Use after free in Blink

[1505708] High CVE-2023-6705: Use after free in WebRTC

[1500921] High CVE-2023-6706: Use after free in FedCM

[1513170] High CVE-2023-7024: Heap buffer overflow in WebRTC

[1501798] High CVE-2024-0222: Use after free in ANGLE

[1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE

[1505086] High CVE-2024-0224: Use after free in WebAudio

[1506923] High CVE-2024-0225: Use after free in WebGPU

[1513379] High CVE-2024-0333: Insufficient data validation in Extensions

[1507412] High CVE-2024-0518: Type Confusion in V8

[1517354] High CVE-2024-0519: Out of bounds memory access in V8

[source]

CVE Name	CVE-2023-6345
CVE Name	CVE-2023-6346
CVE Name	CVE-2023-6347
CVE Name	CVE-2023-6702
CVE Name	CVE-2023-6703
CVE Name	CVE-2023-6705
CVE Name	CVE-2023-6706
CVE Name	CVE-2023-7024
CVE Name	CVE-2024-0222
CVE Name	CVE-2024-0223
CVE Name	CVE-2024-0224
CVE Name	CVE-2024-0225
CVE Name	CVE-2024-0333
CVE Name	CVE-2024-0518
CVE Name	CVE-2024-0519
URL	https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based

qt6-webengine -- Multiple vulnerabilities

Details

References