Chromium Security Update (MINDBREEZE33366)

ID: MINDBREEZE33366 
Affected Components: Mindbreeze InSpire SaaS, Mindbreeze InSpire    
Severity: High
Status: Final 
First published: December 20, 2024 
CVEs: CVE-2024-9954, CVE-2024-9955, CVE-2024-9956, CVE-2024-9957, CVE-2024-9960, CVE-2024-9961, CVE-2024-9962, CVE-2024-9964, CVE-2024-9966, CVE-2024-10230, CVE-2024-10231, CVE-2024-11110, CVE-2024-11111, CVE-2024-11112, CVE-2024-11113, CVE-2024-11114, CVE-2024-11115, CVE-2024-11116, CVE-2024-11117, CVE-2024-10487, CVE-2024-10827

Summary

• chromium - Component: Use after free in AI. 
• chromium - Component: Use after free in Web Authentication. 
• chromium - Component: Inappropriate implementation in Web Authentication. 
• chromium - Component: Use after free in UI. 
• chromium - Component: Use after free in Dawn. 
• chromium - Component: Use after free in Parcel Tracking. 
• chromium - Component: Inappropriate implementation in Permissions. 
• chromium - Component: Inappropriate implementation in Payments. 
• chromium - Component: Inappropriate implementation in Navigations. 
• chromium - Component: Type Confusion in V8. 
• chromium - Component: Inappropriate implementation in Blink. 
• chromium - Component: Inappropriate implementation in Autofill. 
• chromium - Component: Use after free in Media. 
• chromium - Component: Use after free in Accessibility. 
• chromium - Component: Inappropriate implementation in Views. 
• chromium - Component: Insufficient policy enforcement in Navigation. 
• chromium - Component: Inappropriate implementation in Paint. 
• chromium - Component: Inappropriate implementation in FileSystem. 
• chromium - Component: Out of bounds write in Dawn. 

• chromium - Component: Use after free in Serial.  

   

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire SaaS Release 24.8  
• Mindbreeze InSpire 24.8 Release