{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"120.0.6099.216-bp155.2.64.1","chromium":"120.0.6099.216-bp155.2.64.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP5","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"120.0.6099.216-bp155.2.64.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"120.0.6099.216-bp155.2.64.1","chromium":"120.0.6099.216-bp155.2.64.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"120.0.6099.216-bp155.2.64.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,\n  boo#1218533, boo#1218719)\n\n  * CVE-2024-0333: Insufficient data validation in Extensions\n  * CVE-2024-0222: Use after free in ANGLE\n  * CVE-2024-0223: Heap buffer overflow in ANGLE\n  * CVE-2024-0224: Use after free in WebAudio\n  * CVE-2024-0225: Use after free in WebGPU\n  * CVE-2023-7024: Heap buffer overflow in WebRTC\n  * CVE-2023-6702: Type Confusion in V8\n  * CVE-2023-6703: Use after free in Blink\n  * CVE-2023-6704: Use after free in libavif (boo#1218303)\n  * CVE-2023-6705: Use after free in WebRTC\n  * CVE-2023-6706: Use after free in FedCM\n  * CVE-2023-6707: Use after free in CSS\n  * CVE-2023-6508: Use after free in Media Stream\n  * CVE-2023-6509: Use after free in Side Panel Search\n  * CVE-2023-6510: Use after free in Media Capture\n  * CVE-2023-6511: Inappropriate implementation in Autofill\n  * CVE-2023-6512: Inappropriate implementation in Web Browser UI\n\n","id":"openSUSE-SU-2024:0020-1","modified":"2024-01-16T07:30:42Z","published":"2024-01-16T07:30:42Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2KWUFI7NWEEY53YIAANSM3OSYVP7LTDM/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217839"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218048"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218302"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218303"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218719"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6508"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6509"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6510"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6511"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6512"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6703"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6705"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6706"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6707"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-7024"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0222"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0223"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0224"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0225"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0333"}],"related":["CVE-2023-6508","CVE-2023-6509","CVE-2023-6510","CVE-2023-6511","CVE-2023-6512","CVE-2023-6702","CVE-2023-6703","CVE-2023-6704","CVE-2023-6705","CVE-2023-6706","CVE-2023-6707","CVE-2023-7024","CVE-2024-0222","CVE-2024-0223","CVE-2024-0224","CVE-2024-0225","CVE-2024-0333"],"summary":"Security update for chromium","upstream":["CVE-2023-6508","CVE-2023-6509","CVE-2023-6510","CVE-2023-6511","CVE-2023-6512","CVE-2023-6702","CVE-2023-6703","CVE-2023-6704","CVE-2023-6705","CVE-2023-6706","CVE-2023-6707","CVE-2023-7024","CVE-2024-0222","CVE-2024-0223","CVE-2024-0224","CVE-2024-0225","CVE-2024-0333"]}