VuXML: chromium -- multiple vulnerabilities

VuXML ID	90c48c04-d549-4fc0-a503-4775e32d438e
Discovery	2023-04-20
Entry	2023-04-20

Chrome Releases reports:

This update includes 8 security fixes:

[1429197] High CVE-2023-2133: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30

[1429201] High CVE-2023-2134: Out of bounds memory access in Service Worker API. Reported by Rong Jian of VRI on 2023-03-30

[1424337] High CVE-2023-2135: Use after free in DevTools. Reported by Cassidy Kim(@cassidy6564) on 2023-03-14

[1432603] High CVE-2023-2136: Integer overflow in Skia. Reported by Clément Lecigne of Google's Threat Analysis Group on 2023-04-12

[1430644] Medium CVE-2023-2137: Heap buffer overflow in sqlite. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2023-04-05

[source]

CVE Name	CVE-2023-2133
CVE Name	CVE-2023-2134
CVE Name	CVE-2023-2135
CVE Name	CVE-2023-2136
CVE Name	CVE-2023-2137
URL	https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html

chromium -- multiple vulnerabilities

Details

References