AVG-250

Package chromium
Status Fixed
Severity Critical
Type multiple issues
Affected 57.0.2987.133-1
Fixed 58.0.3029.81-1
Current 67.0.3396.87-2 [extra]
Ticket None
Created Thu Apr 20 08:24:19 2017
Issue Severity Remote Type Description
CVE-2017-5069 Low Yes Same-origin policy bypass
A cross-origin bypass issue has been found in the Blink component of the Chromium browser.
CVE-2017-5067 Medium Yes Content spoofing
A URL spoofing issue has been found in the Omnibox component of the Chromium browser.
CVE-2017-5066 Medium Yes Incorrect calculation
An incorrect signature handing issue has been found in the Networking component of the Chromium browser.
CVE-2017-5065 Medium Yes Content spoofing
An incorrect UI issue has been found in the Blink component of the Chromium browser.
CVE-2017-5064 Medium Yes Arbitrary code execution
A use after free flaw has been found in the Blink component of the Chromium browser.
CVE-2017-5063 Medium Yes Arbitrary code execution
A heap overflow issue has been found in the Skia component of the Chromium browser.
CVE-2017-5062 Medium Yes Arbitrary code execution
A use after free issue has been found in the Chrome Apps component of the Chromium browser.
CVE-2017-5061 Medium Yes Content spoofing
A URL spoofing issue has been found in the Omnibox component of the Chromium browser.
CVE-2017-5060 Medium Yes Content spoofing
A URL spoofing issue has been found in the Omnibox component of the Chromium browser.
CVE-2017-5059 Critical Yes Arbitrary code execution
A type confusion issue has been found in the Blink component of the Chromium browser.
CVE-2017-5058 Critical Yes Arbitrary code execution
A heap use after free issue has been found in the Print Preview component of the Chromium browser.
CVE-2017-5057 Critical Yes Arbitrary code execution
A type confusion issue has been found in the PDFium component of the Chromium browser.
Date Advisory Package Description
20 Apr 2017 ASA-201704-5 chromium multiple issues
References
https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html