Chromium Security Update (MINDBREEZE30717)
ID: MINDBREEZE30717
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 8.8 High
Status: Final
First published: May 28, 2024
CVEs: CVE-2024-2625, CVE-2024-2626, CVE-2024-2627, CVE-2024-2883, CVE-2024-2885, CVE-2024-2886, CVE-2024-2887, CVE-2024-3157, CVE-2024-3516, CVE-2024-3515, CVE-2024-3832, CVE-2024-3833, CVE-2024-3914, CVE-2024-3837, CVE-2024-3839, CVE-2024-3840, CVE-2024-3845, CVE-2024-3846, CVE-2024-3847
Summary
- chromium - Component: Object lifecycle issue in V8.
- chromium - Component: Out of bounds read in Swiftshader.
- chromium - Component: Use after free in Canvas.
- chromium - Component: Use after free in ANGLE.
- chromium - Component: Use after free in Dawn.
- chromium - Component: Use after free in WebCodecs.
- chromium - Component: Type Confusion in WebAssembly.
- chromium - Component: Out of bounds write in Compositing.
- chromium - Component: Heap buffer overflow in ANGLE.
- chromium - Component: Use after free in Dawn.
- chromium - Component: Object corruption in V8.
- chromium - Component: Object corruption in WebAssembly.
- chromium - Component: Use after free in V8.
- chromium - Component: Use after free in QUIC.
- chromium - Component: Out of bounds read in Fonts.
- chromium - Component: Insufficient policy enforcement in Site Isolation.
- chromium - Component: Inappropriate implementation in Network.
- chromium - Component: Inappropriate implementation in Prompts.
- chromium - Component: Insufficient policy enforcement in WebUI.
Hotfix Information
Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:
- Mindbreeze InSpire 24.3 Release
- Mindbreeze InSpire SaaS 24.3 Release