Lucene search
Https://packages.altlinux.org/en/sisyphus/security/FB1E7CD6E855BA1B20237B2CD8BE0A03HistoryApr 11, 2023 - 12:00 a.m.
Security fix for the ALT Linux 10 package yandex-browser-stable version 23.3.1.916-alt1
2023-04-1100:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
43
yandex browser
security fix
version 23.3.1
use after free
heap buffer overflow
type confusion
inappropriate implementation
insufficient policy enforcement
integer overflow
alt linux 10
webclient
EPSS
0.018
Percentile
88.5%
April 11, 2023 Yandex Browser Team 23.3.1.916-alt1
- Browser updated to 23.3.1
+ Critical CVE-2023-0941: Use after free in Prompts.
+ High CVE-2023-0927: Use after free in Web Payments API.
+ High CVE-2023-0928: Use after free in SwiftShader.
+ High CVE-2023-0929: Use after free in Vulkan.
+ High CVE-2023-0930: Heap buffer overflow in Video.
+ High CVE-2023-0931: Use after free in Video.
+ High CVE-2023-0932: Use after free in WebRTC.
+ Medium CVE-2023-0933: Integer overflow in PDF.
+ High CVE-2023-0696: Type Confusion in V8.
+ High CVE-2023-0697: Inappropriate implementation in Full screen mode.
+ High CVE-2023-0698: Out of bounds read in WebRTC.
+ Medium CVE-2023-0699: Use after free in GPU.
+ Medium CVE-2023-0700: Inappropriate implementation in Download.
+ Medium CVE-2023-0701: Heap buffer overflow in WebUI.
+ Medium CVE-2023-0702: Type Confusion in Data Transfer.
+ Medium CVE-2023-0703: Type Confusion in DevTools.
+ Low CVE-2023-0704: Insufficient policy enforcement in DevTools.
+ Low CVE-2023-0705: Integer overflow in Core.
+ High CVE-2023-0471: Use after free in WebTransport.
+ High CVE-2023-0472: Use after free in WebRTC.
+ Medium CVE-2023-0473: Type Confusion in ServiceWorker API.
+ Medium CVE-2023-0474: Use after free in GuestView.
+ High CVE-2023-0128: Use after free in Overview Mode.
+ High CVE-2023-0129: Heap buffer overflow in Network Service.
+ Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API.
+ Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
+ Medium CVE-2023-0132: Inappropriate implementation in Permission prompts.
+ Medium CVE-2023-0133: Inappropriate implementation in Permission prompts.
+ Medium CVE-2023-0134: Use after free in Cart.
+ Medium CVE-2023-0135: Use after free in Cart.
+ Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API.
+ Medium CVE-2023-0137: Heap buffer overflow in Platform Apps.
+ Low CVE-2023-0138: Heap buffer overflow in libphonenumber.
+ Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
+ Low CVE-2023-0140: Inappropriate implementation in File System API.
+ Low CVE-2023-0141: Insufficient policy enforcement in CORS.
- Set provides webclient (closes: [#43564](<https://bugzilla.altlinux.org/43564>))
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ALT Linux | 10 | src | yandex-browser-stable-23.3.1.946-alt1.src.rpm | < 23.3.1.916-alt1 | yandex-browser-stable-23.3.1.946-alt1.src.rpm |
| ALT Linux | 10 | x86_64 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm | < 23.3.1.916-alt1 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm |
Related
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop-2023-01) - Linux
2023-01-11 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0016-1)
2024-03-04 00:00:00
Debian: Security Advisory (DSA-5317-1)
2023-01-15 00:00:00
kaspersky
kaspersky
KLA20150 Multiple vulnerabilities in Google Chrome
2023-01-10 00:00:00
KLA40222 Multiple vulnerabilities in Opera
2023-02-22 00:00:00
KLA20220 Multiple vulnerabilities in Google Chrome
2023-02-07 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-01-10 00:00:00
chromium -- multiple vulnerabilities
2023-02-07 00:00:00
chromium -- multiple vulnerabilities
2023-02-22 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-01-10 00:00:00
Stable Channel Update for Desktop
2023-02-07 00:00:00
Stable Channel Desktop Update
2023-02-22 00:00:00
nessus
nessus
FreeBSD : chromium -- multiple vulnerabilities (7b929503-911d-11ed-a925-3065ec8fd3ec)
2023-01-10 00:00:00
Google Chrome < 109.0.5414.74 Multiple Vulnerabilities (deprecated)
2023-01-10 00:00:00
Debian DSA-5317-1 : chromium - security update
2023-01-14 00:00:00
debian
debian
[SECURITY] [DSA 5317-1] chromium security update
2023-01-13 19:18:06
[SECURITY] [DSA 5345-1] chromium security update
2023-02-08 19:13:01
[SECURITY] [DSA 5359-1] chromium security update
2023-02-23 22:02:55
osv
osv
chromium - security update
2023-01-13 00:00:00
chromedriver-109.0.5414.74-1.1 on GA media
2024-06-15 00:00:00
chromium-browser vulnerabilities
2023-02-21 15:53:57
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2023-01-24 10:58:25
Updated chromium-browser-stable packages fix security vulnerability
2023-03-02 00:14:31
Updated chromium-browser-stable packages fix security vulnerability
2023-02-15 01:43:23
ubuntu
ubuntu
Chromium vulnerabilities
2023-02-21 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: chromium-110.0.5481.177-1.fc38
2023-03-11 03:43:26
[SECURITY] Fedora 36 Update: chromium-110.0.5481.77-1.fc36
2023-02-13 01:26:42
[SECURITY] Fedora 37 Update: chromium-109.0.5414.119-1.fc37
2023-02-03 01:29:14
prion
prion
Design/Logic Flaw
2023-02-07 21:15:00
Design/Logic Flaw
2023-02-07 21:15:00
debiancve
debiancve
CVE-2023-0697
2023-02-07 21:15:09
CVE-2023-0130
2023-01-10 20:15:10
veracode
veracode
Spoofing Attacks
2023-03-12 18:56:59
Spoofing Attack
2023-03-12 20:33:55
cve
cve
mscve
mscve
Chromium:CVE-2023-0140: Inappropriate implementation in File System API
2023-01-12 20:43:55
Chromium: CVE-2023-0700 Inappropriate implementation in Download
2023-02-09 20:57:29
cvelist
cvelist
CVE-2023-0140
2023-01-10 00:00:00
CVE-2023-0697
2023-02-07 00:00:00
nvd
nvd
ubuntucve
ubuntucve
CVE-2023-0140
2023-01-10 00:00:00