VuXML: qt6-webengine -- Multiple vulnerabilities

Affected packages

qt6-webengine

6.7.0

Details

VuXML ID	c6f03ea6-12de-11ef-83d8-4ccc6adda413
Discovery	2024-04-03
Entry	2024-05-15

VuXML ID

c6f03ea6-12de-11ef-83d8-4ccc6adda413

Discovery

2024-04-03

Entry

2024-05-15

Qt qtwebengine-chromium repo reports:

Backports for 16 security bugs in Chromium:

CVE-2024-2625: Object lifecycle issue in V8

CVE-2024-2626: Out of bounds read in Swiftshader

CVE-2024-2885: Use after free in Dawn

CVE-2024-2887: Type Confusion in WebAssembly

CVE-2024-3157: Out of bounds write in Compositing

CVE-2024-3159: Out of bounds memory access in V8

CVE-2024-3516: Heap buffer overflow in ANGLE

CVE-2024-3837: Use after free in QUIC

CVE-2024-3839: Out of bounds read in Fonts

CVE-2024-3914: Use after free in V8

CVE-2024-3840: Insufficient policy enforcement in Site Isolation

CVE-2024-4058: Type Confusion in ANGLE

CVE-2024-4060: Use after free in Dawn

CVE-2024-4331: Use after free in Picture In Picture

CVE-2024-4368: Use after free in Dawn

CVE-2024-4671: Use after free in Visuals

[source]

References

CVE Name

CVE-2024-2625

CVE Name

CVE-2024-2626

CVE Name

CVE-2024-2885

CVE Name

CVE-2024-2887

CVE Name

CVE-2024-3157

CVE Name

CVE-2024-3159

CVE Name

CVE-2024-3516

CVE Name

CVE-2024-3837

CVE Name

CVE-2024-3839

CVE Name

CVE-2024-3840

CVE Name

CVE-2024-3914

CVE Name

CVE-2024-4058

CVE Name

CVE-2024-4060

CVE Name

CVE-2024-4331

CVE Name

CVE-2024-4368

CVE Name

CVE-2024-4671

URL

https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=118-based