vulnerability
FreeBSD: VID-a692bffe-b6ad-11e7-a1c2-e8e0b747a45a (CVE-2017-15389): chromium -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Oct 21, 2017 | Oct 23, 2017 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Oct 21, 2017
Added
Oct 23, 2017
Modified
Dec 10, 2025
Description
Google Chrome Releases reports: 35 security fixes in this release, including: [762930] High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 [749147] High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 [760455] High CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-08-30 [765384] High CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-09-14 [765469] High CVE-2017-5128: Heap overflow in WebGL. Reported by Omair on 2017-09-14 [765495] High CVE-2017-5129: Use after free in WebAudio. Reported by Omair on 2017-09-15 [718858] High CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by Gaurav Dewan of Adobe Systems India Pvt. Ltd. on 2017-05-05 [722079] High CVE-2017-5130: Heap overflow in libxml2. Reported by Pranjal Jumde on 2017-05-14 [744109] Medium CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous on 2017-07-16 [762106] Medium CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar Nikolic of Cisco Talos on 2017-09-05 [752003] Medium CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-03 [756040] Medium CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu on 2017-08-16 [756563] Medium CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-08-17 [739621] Medium CVE-2017-15389: URL spoofing in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-07-06 [750239] Medium CVE-2017-15390: URL spoofing in Omnibox. Reported by Haosheng Wang on 2017-07-28 [598265] Low CVE-2017-15391: Extension limitation bypass in Extensions. Reported by Joao Lucas Melo Brasio on 2016-03-28 [714401] Low CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. Reported by Xiaoyin Liu on 2017-04-22 [732751] Low CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin on 2017-06-13 [745580] Low CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam on 2017-07-18 [759457] Low CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by Johannes Bergman on 2017-08-28 [775550] Various fixes from internal audits, fuzzing and other initiatives
Solution
freebsd-upgrade-package-chromium
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.