VDB

GCVE-110-MAGEIA-2016-214

GCVE-110-MAGEIA-2016-214
Advisory Published
Vulnetix · Advisory published June 2, 2016
Chromium-browser-stable 51.0.2704.63 fixes security issues: cross-origin bypass problems in extensions bindings (CVE-2016-1672 and CVE-2016-1676), blink (CVE-2016-1673 and CVE-2016-1675), and extensions (CVE-2016-1674) heap use-after free bugs in V8 bindings (CVE-2016-1679), Skia (CVE-2016-1680), and Autofill (CVE-2016-1690) heap buffer overflows in V8 (CVE-2016-1678), PDFium (CVE-2016-1681), media (CVE-2016-1689), and Skia (CVE-2016-1691) out-of-bounds read errors in PDFium (CVE-2016-1685 and CVE-2016-1686) and V8 (CVE-2016-1688) type confusion in V8 (CVE-2016-1677), a CSP bypass for ServiceWorker (CVE-2016-1682), an information leak in extensions (CVE-2016-1687), a limited cross-origin bypass in ServiceWorker (CVE-2016-1692), and HPKP pins removed on cache clearance (CVE-2016-1694) various fixes from upstream's internal audits, fuzzing, and other initiatives (CVE-2016-1695)

Affected Products

VendorProductVersionsPlatforms
Mageiachromium-browser-stable51.0.2704.63-1.mga5 (unaffected), 0 (affected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›