Security Update Chromium Component (MINDBREEZE28926)
ID: MINDBREEZE29751
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS
Severity: 6.8 Medium
Status: Final
First published: February 8, 2024
CVEs: CVE-2023-5217 CVE-2023-5346 CVE-2023-5218 CVE-2023-5484 CVE-2023-5475 CVE-2023-5476 CVE-2023-5474 CVE-2023-5486
Summary
Security Update Chromium Component
- CVE-2023-5217 chromium - Component: Heap buffer overflow in vp8 encoding in libvpx.
- CVE-2023-5346 chromium - Component: Type Confusion in V8.
- CVE-2023-5218 chromium - Component: Use after free in Site Isolation.
- CVE-2023-5484 chromium - Component: Inappropriate implementation in Navigation.
- CVE-2023-5475 chromium - Component: Inappropriate implementation in DevTools.
- CVE-2023-5476 chromium - Component: Use after free in Blink History.
- CVE-2023-5474 chromium - Component: Heap buffer overflow in PDF.
- CVE-2023-5486 chromium - Component: Inappropriate implementation in Input.
Hotfix Information
Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:
- Mindbreeze InSpire 23.7 Release
- Mindbreeze InSpire SaaS 23.7 Release