Lucene search
Https://packages.altlinux.org/en/sisyphus/security/AF33DF2FCB7CD238CA2AC81CF198F71EHistoryApr 04, 2023 - 12:00 a.m.
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.1.2.1033-alt1
2023-04-0400:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
25
alt linux 10
yandex browser
security fix
version 23.1.2
cve-2022-4436
cve-2022-4437
cve-2022-4438
cve-2022-4439
cve-2022-4440
cve-2022-4262
cve-2022-4174
cve-2022-4175
cve-2022-4176
cve-2022-4177
cve-2022-4178
cve-2022-4179
cve-2022-4180
cve-2022-4181
cve-2022-4182
cve-2022-4183
cve-2022-4184
cve-2022-4185
cve-2022-4186
cve-2022-4187
cve-2022-4188
cve-2022-4189
cve-2022-4190
cve-2022-4191
cve-2022-4192
cve-2022-4193
cve-2022-4194
cve-2022-4195
cve-2022-4135
cve-2022-3885
cve-2022-3886
cve-2022-3887
cve-2022-3888
cve-2022-3889
cve-2022-3890
cve-2022-3723
cve-2022-3652
cve-2022-3653
cve-2022-3654
cve-2022-3655
cve-2022-3656
cve-2022-3657
cve-2022-3658
cve-2022-3659
cve-2022-3660
cve-2022-3661
unix
EPSS
0.035
Percentile
91.7%
23.1.2.1033-alt1 built April 4, 2023 Yandex Browser Team in task #317282
March 20, 2023 Yandex Browser Team
- browser updated to 23.1.2
+ High CVE-2022-4436: Use after free in Blink Media.
+ High CVE-2022-4437: Use after free in Mojo IPC.
+ High CVE-2022-4438: Use after free in Blink Frames.
+ High CVE-2022-4439: Use after free in Aura.
+ Medium CVE-2022-4440: Use after free in Profiles.
+ High CVE-2022-4262: Type Confusion in V8.
+ High CVE-2022-4174: Type Confusion in V8.
+ High CVE-2022-4175: Use after free in Camera Capture.
+ High CVE-2022-4176: Out of bounds write in Lacros Graphics.
+ High CVE-2022-4177: Use after free in Extensions.
+ High CVE-2022-4178: Use after free in Mojo.
+ High CVE-2022-4179: Use after free in Audio.
+ High CVE-2022-4180: Use after free in Mojo.
+ High CVE-2022-4181: Use after free in Forms.
+ Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames.
+ Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
+ Medium CVE-2022-4184: Insufficient policy enforcement in Autofill.
+ Medium CVE-2022-4185: Inappropriate implementation in Navigation.
+ Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
+ Medium CVE-2022-4187: Insufficient policy enforcement in DevTools.
+ Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS.
+ Medium CVE-2022-4189: Insufficient policy enforcement in DevTools.
+ Medium CVE-2022-4190: Insufficient data validation in Directory.
+ Medium CVE-2022-4191: Use after free in Sign-In.
+ Medium CVE-2022-4192: Use after free in Live Caption.
+ Medium CVE-2022-4193: Insufficient policy enforcement in File System API.
+ Medium CVE-2022-4194: Use after free in Accessibility.
+ Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
+ High CVE-2022-4135: Heap buffer overflow in GPU.
+ High CVE-2022-3885: Use after free in V8.
+ High CVE-2022-3886: Use after free in Speech Recognition.
+ High CVE-2022-3887: Use after free in Web Workers.
+ High CVE-2022-3888: Use after free in WebCodecs.
+ High CVE-2022-3889: Type Confusion in V8.
+ High CVE-2022-3890: Heap buffer overflow in Crashpad.
+ High CVE-2022-3723: Type Confusion in V8.
+ High CVE-2022-3652: Type Confusion in V8.
+ High CVE-2022-3653: Heap buffer overflow in Vulkan.
+ High CVE-2022-3654: Use after free in Layout.
+ Medium CVE-2022-3655: Heap buffer overflow in Media Galleries.
+ Medium CVE-2022-3656: Insufficient data validation in File System.
+ Medium CVE-2022-3657: Use after free in Extensions.
+ Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS.
+ Medium CVE-2022-3659: Use after free in Accessibility.
+ Medium CVE-2022-3660: Inappropriate implementation in Full screen mode.
+ Low CVE-2022-3661: Insufficient data validation in Extensions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ALT Linux | 10 | src | yandex-browser-stable-23.3.1.946-alt1.src.rpm | < 23.1.2.1033-alt1 | yandex-browser-stable-23.3.1.946-alt1.src.rpm |
| ALT Linux | 10 | x86_64 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm | < 23.1.2.1033-alt1 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm |
Related
nessus
nessus
Google Chrome < 108.0.5359.71 Multiple Vulnerabilities
2022-11-29 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (5f7ed6ea-70a7-11ed-92ce-3065ec8fd3ec)
2022-11-30 00:00:00
Debian DSA-5293-1 : chromium - security update
2022-12-05 00:00:00
osv
osv
chromedriver-108.0.5359.71-1.1 on GA media
2024-06-15 00:00:00
chromium - security update
2022-12-03 00:00:00
chromedriver-107.0.5304.87-1.1 on GA media
2024-06-15 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-11-29 00:00:00
chromium -- multiple vulnerabilities
2022-10-25 00:00:00
chromium -- multiple vulnerabilities
2022-11-08 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-12-07 02:32:48
Updated chromium-browser-stable packages fix security vulnerabilities
2022-11-13 05:25:20
Updated chromium-browser-stable packages fix security vulnerability
2022-12-24 12:14:14
debian
debian
[SECURITY] [DSA 5293-1] chromium security update
2022-12-03 14:24:37
[SECURITY] [DSA 5261-1] chromium security update
2022-10-26 18:26:49
[SECURITY] [DSA 5275-1] chromium security update
2022-11-10 22:46:09
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0451)
2022-12-07 00:00:00
kaspersky
kaspersky
KLA20104 Multiple vulnerabilities in Google Chrome
2022-11-29 00:00:00
KLA20109 Multiple vulnerabilities in Microsoft Browser
2022-12-05 00:00:00
KLA20019 Multiple vulnerabilities in Microsoft Browser
2022-10-27 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2022-11-29 00:00:00
Stable Channel Update for Desktop
2022-11-08 00:00:00
Stable Channel Update for Desktop
2022-12-13 00:00:00
suse
suse
Security update for chromium (important)
2022-10-31 00:00:00
Security update for chromium (important)
2022-10-31 00:00:00
redos
redos
ROS-20231114-01
2023-11-14 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2023-05-03 00:00:00
qualysblog
qualysblog
Don’t Spend Your Holiday Season Patching Chrome
2022-11-29 18:26:11
Don’t spend another weekend patching Chrome
2022-10-28 22:07:37
Chrome Zero Day – Just Before the Weekend (again)
2022-10-28 19:40:19
cve
cve
nvd
nvd
debiancve
debiancve
rapid7blog
rapid7blog
Patch Tuesday - December 2022
2022-12-13 21:24:06
cnvd
cnvd
Google Chrome V8 Code Execution Vulnerability (CNVD-2022-85092)
2022-10-31 00:00:00
Google Chrome Extensions Code Execution Vulnerability (CNVD-2023-04555)
2022-11-30 00:00:00
Google Chrome has an unspecified vulnerability (CNVD-2022-86348)
2022-11-30 00:00:00
cisa_kev
cisa_kev
Google Chromium V8 Type Confusion Vulnerability
2022-10-28 00:00:00
mscve
mscve
Chromium: CVE-2022-3723 Type Confusion in V8
2022-10-31 19:31:11
Chromium: CVE-2022-4440 Use after free in Profiles
2022-12-16 15:56:09
Chromium: CVE-2022-4177 Use after free in Extensions
2022-12-05 08:00:00
prion
prion
Type confusion
2022-11-01 23:15:00
Design/Logic Flaw
2022-12-14 06:15:00
Design/Logic Flaw
2022-11-09 04:15:00
malwarebytes
malwarebytes
A Chrome fix for an in-the-wild exploit is out—Check your version
2022-10-28 21:45:00
attackerkb
attackerkb
CVE-2022-3723
2022-11-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-03-13 00:11:40
Use After Free
2022-12-11 05:25:40
Denial Of Service (DoS)
2022-12-11 05:25:26
cvelist
cvelist
ubuntucve
ubuntucve
alpinelinux
alpinelinux
CVE-2022-3889
2022-11-09 04:15:10
CVE-2022-3890
2022-11-09 04:15:10
hivepro
hivepro
Google Chrome’s seventh zero-day of 2022
2022-11-01 05:21:34