VuXML: chromium -- multiple security fixes

VuXML ID	8cdd38c7-8ebb-11ee-86bb-a8a1599412c6
Discovery	2023-11-28
Entry	2023-11-29

Chrome Releases reports:

This update includes 7 security fixes:

[1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10

[1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21

[1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09

[1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13

[1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13

[1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group on 2023-11-24

[source]

CVE Name	CVE-2023-6345
CVE Name	CVE-2023-6346
CVE Name	CVE-2023-6347
CVE Name	CVE-2023-6348
CVE Name	CVE-2023-6350
CVE Name	CVE-2023-6351
URL	https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html

chromium -- multiple security fixes

Details

References