Security Update Chromium Component (MINDBREEZE29591)
ID: MINDBREEZE29591
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS
Severity: 8.4 High
Status: Final
First published: February 8, 2024
CVEs: CVE-2023-5996 CVE-2023-6348 CVE-2023-6347 CVE-2023-6346 CVE-2023-6350 CVE-2023-6351 CVE-2023-6345 CVE-2023-6508 CVE-2023-6511 CVE-2023-6512 CVE-2023-6702 CVE-2023-6703 CVE-2023-6704 CVE-2023-6705 CVE-2023-6707
Summary
Security Update Chromium Component
- CVE-2023-5996 chromium - Component: Use after free in WebAudio.
- CVE-2023-6348 chromium - Component: Type Confusion in Spellcheck.
- CVE-2023-6347 chromium - Component: Use after free in Mojo.
- CVE-2023-6346 chromium - Component: Use after free in WebAudio.
- CVE-2023-6350 chromium - Component: Out of bounds memory access in libavif.
- CVE-2023-6351 chromium - Component: Use after free in libavif.
- CVE-2023-6345 chromium - Component: Integer overflow in Skia.
- CVE-2023-6508 chromium - Component: Use after free in Media Stream.
- CVE-2023-6511 chromium - Component: Inappropriate implementation in Autofill.
- CVE-2023-6512 chromium - Component: Inappropriate implementation in Web Browser UI.
- CVE-2023-6702 chromium - Component: Type Confusion in V8.
- CVE-2023-6703 chromium - Component: Use after free in Blink.
- CVE-2023-6704 chromium - Component: Use after free in libavif.
- CVE-2023-6705 chromium - Component: Use after free in WebRTC.
- CVE-2023-6707 chromium - Component: Use after free in CSS.
Hotfix Information
Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:
- Mindbreeze InSpire 23.7 Release
- Mindbreeze InSpire SaaS 23.7 Release