Security Update Chromium Component (MINDBREEZE29591)

ID: MINDBREEZE29591 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 8.4 High 
Status: Final 
First published: February 8, 2024 
CVEs: CVE-2023-5996 CVE-2023-6348 CVE-2023-6347 CVE-2023-6346 CVE-2023-6350 CVE-2023-6351 CVE-2023-6345 CVE-2023-6508 CVE-2023-6511 CVE-2023-6512 CVE-2023-6702 CVE-2023-6703 CVE-2023-6704 CVE-2023-6705 CVE-2023-6707 

Summary

Security Update Chromium Component

• CVE-2023-5996 chromium - Component: Use after free in WebAudio. 
• CVE-2023-6348 chromium - Component: Type Confusion in Spellcheck. 
• CVE-2023-6347 chromium - Component: Use after free in Mojo. 
• CVE-2023-6346 chromium - Component: Use after free in WebAudio. 
• CVE-2023-6350 chromium - Component: Out of bounds memory access in libavif. 
• CVE-2023-6351 chromium - Component: Use after free in libavif. 
• CVE-2023-6345 chromium - Component: Integer overflow in Skia. 
• CVE-2023-6508 chromium - Component: Use after free in Media Stream. 
• CVE-2023-6511 chromium - Component: Inappropriate implementation in Autofill. 
• CVE-2023-6512 chromium - Component: Inappropriate implementation in Web Browser UI. 
• CVE-2023-6702 chromium - Component: Type Confusion in V8. 
• CVE-2023-6703 chromium - Component: Use after free in Blink. 
• CVE-2023-6704 chromium - Component: Use after free in libavif. 
• CVE-2023-6705 chromium - Component: Use after free in WebRTC. 
• CVE-2023-6707 chromium - Component: Use after free in CSS.

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 23.7 Release 
• Mindbreeze InSpire SaaS 23.7 Release