Security Update Chromium Component (MINDBREEZE28926)

ID: MINDBREEZE29751 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 6.8 Medium 
Status: Final 
First published: February 8, 2024 
CVEs: CVE-2023-5217 CVE-2023-5346 CVE-2023-5218 CVE-2023-5484 CVE-2023-5475 CVE-2023-5476 CVE-2023-5474 CVE-2023-5486 

Summary

Security Update Chromium Component

• CVE-2023-5217 chromium - Component: Heap buffer overflow in vp8 encoding in libvpx. 
• CVE-2023-5346 chromium - Component: Type Confusion in V8. 
• CVE-2023-5218 chromium - Component: Use after free in Site Isolation. 
• CVE-2023-5484 chromium - Component: Inappropriate implementation in Navigation. 
• CVE-2023-5475 chromium - Component: Inappropriate implementation in DevTools. 
• CVE-2023-5476 chromium - Component: Use after free in Blink History. 
• CVE-2023-5474 chromium - Component: Heap buffer overflow in PDF. 
• CVE-2023-5486 chromium - Component: Inappropriate implementation in Input. 

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 23.7 Release 
• Mindbreeze InSpire SaaS 23.7 Release