Arch LinuxASA-201507-18chromium: multiple issues
EPSS
Percentile
92.0%
- CVE-2015-1270:
Uninitialized memory read in ICU.
- CVE-2015-1271:
Heap overflow in pdfium.
- CVE-2015-1272, CVE-2015-1273, CVE-2015-1279:
Use-after-free related to unexpected GPU process termination.
- CVE-2015-1274:
Settings allowed executable files to run immediately after download.
- CVE-2015-1276 :
Use-after-free in IndexedDB.
- CVE-2015-1277:
Use-after-free in accessibility.
- CVE-2015-1278:
URL spoofing using pdf files.
- CVE-2015-1280:
Memory corruption in skia.
- CVE-2015-1281:
CSP bypass.
- CVE-2015-1282:
Use-after-free in pdfium.
- CVE-2015-1283:
Heap-buffer-overflow in expat.
- CVE-2015-1284:
Use-after-free in blink.
- CVE-2015-1285:
Information leak in XSS auditor.
- CVE-2015-1286:
UXSS in blink.
- CVE-2015-1287:
SOP bypass with CSS.
- CVE-2015-1288:
Spell checking dictionaries fetched over HTTP.
- CVE-2015-1289:
Various fixes from internal audits, fuzzing and other initiatives.
References
googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html
access.redhat.com/security/cve/CVE-2015-1270
access.redhat.com/security/cve/CVE-2015-1271
access.redhat.com/security/cve/CVE-2015-1272
access.redhat.com/security/cve/CVE-2015-1273
access.redhat.com/security/cve/CVE-2015-1274
access.redhat.com/security/cve/CVE-2015-1276
access.redhat.com/security/cve/CVE-2015-1277
access.redhat.com/security/cve/CVE-2015-1278
access.redhat.com/security/cve/CVE-2015-1279
access.redhat.com/security/cve/CVE-2015-1280
access.redhat.com/security/cve/CVE-2015-1281
access.redhat.com/security/cve/CVE-2015-1282
access.redhat.com/security/cve/CVE-2015-1283
access.redhat.com/security/cve/CVE-2015-1284
access.redhat.com/security/cve/CVE-2015-1285
access.redhat.com/security/cve/CVE-2015-1286
access.redhat.com/security/cve/CVE-2015-1287
access.redhat.com/security/cve/CVE-2015-1288
access.redhat.com/security/cve/CVE-2015-1289
Related
