Security Update Chromium Component (MINDBREEZE28926)

ID: MINDBREEZE29751 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 6.8 Medium 
Status: Final 
First published: February 8, 2024 
CVEs: CVE-2023-5217 CVE-2023-5346 CVE-2023-5218 CVE-2023-5484 CVE-2023-5475 CVE-2023-5476 CVE-2023-5474 CVE-2023-5486 

Summary

Security Update Chromium Component

  • CVE-2023-5217 chromium - Component: Heap buffer overflow in vp8 encoding in libvpx. 
  • CVE-2023-5346 chromium - Component: Type Confusion in V8. 
  • CVE-2023-5218 chromium - Component: Use after free in Site Isolation. 
  • CVE-2023-5484 chromium - Component: Inappropriate implementation in Navigation. 
  • CVE-2023-5475 chromium - Component: Inappropriate implementation in DevTools. 
  • CVE-2023-5476 chromium - Component: Use after free in Blink History. 
  • CVE-2023-5474 chromium - Component: Heap buffer overflow in PDF. 
  • CVE-2023-5486 chromium - Component: Inappropriate implementation in Input. 

 

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS

  • Mindbreeze InSpire 23.7 Release 
  • Mindbreeze InSpire SaaS 23.7 Release