Chromium Security Update (MINDBREEZE30717)

ID: MINDBREEZE30717
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 8.8 High
Status: Final
First published: May 28, 2024
CVEs: CVE-2024-2625, CVE-2024-2626, CVE-2024-2627, CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887, CVE-2024-3157, CVE-2024-3516, CVE-2024-3515, CVE-2024-3832, CVE-2024-3833, CVE-2024-3914, CVE-2024-3837, CVE-2024-3839, CVE-2024-3840, CVE-2024-3845, CVE-2024-3846, CVE-2024-3847

Summary

chromium - Component: Object lifecycle issue in V8.
chromium - Component: Out of bounds read in Swiftshader.
chromium - Component: Use after free in Canvas.
chromium - Component: Use after free in ANGLE.
chromium - Component: Use after free in Dawn.
chromium - Component: Use after free in WebCodecs.
chromium - Component: Type Confusion in WebAssembly.
chromium - Component: Out of bounds write in Compositing.
chromium - Component: Heap buffer overflow in ANGLE.
chromium - Component: Use after free in Dawn.
chromium - Component: Object corruption in V8.
chromium - Component: Object corruption in WebAssembly.
chromium - Component: Use after free in V8.
chromium - Component: Use after free in QUIC.
chromium - Component: Out of bounds read in Fonts.
chromium - Component: Insufficient policy enforcement in Site Isolation.
chromium - Component: Inappropriate implementation in Network.
chromium - Component: Inappropriate implementation in Prompts.
chromium - Component: Insufficient policy enforcement in WebUI.

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

Mindbreeze InSpire 24.3 Release
Mindbreeze InSpire SaaS 24.3 Release

Chromium Security Update (MINDBREEZE30717)

Summary

Social Media

Security

Support

Newsletter

Language