chromedriver-110.0.5481.177-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12724-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z chromedriver-110.0.5481.177-1.1 on GA media These are all security issues fixed in the chromedriver-110.0.5481.177-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12724 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-0927/ SUSE CVE CVE-2023-0927 page https://www.suse.com/security/cve/CVE-2023-0928/ SUSE CVE CVE-2023-0928 page https://www.suse.com/security/cve/CVE-2023-0929/ SUSE CVE CVE-2023-0929 page https://www.suse.com/security/cve/CVE-2023-0930/ SUSE CVE CVE-2023-0930 page https://www.suse.com/security/cve/CVE-2023-0931/ SUSE CVE CVE-2023-0931 page https://www.suse.com/security/cve/CVE-2023-0932/ SUSE CVE CVE-2023-0932 page https://www.suse.com/security/cve/CVE-2023-0933/ SUSE CVE CVE-2023-0933 page https://www.suse.com/security/cve/CVE-2023-0941/ SUSE CVE CVE-2023-0941 page openSUSE Tumbleweed chromedriver-110.0.5481.177-1.1 chromium-110.0.5481.177-1.1 chromedriver-110.0.5481.177-1.1 as a component of openSUSE Tumbleweed chromium-110.0.5481.177-1.1 as a component of openSUSE Tumbleweed Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0927 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0927.html CVE-2023-0927 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0928 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0928.html CVE-2023-0928 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0929 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0929.html CVE-2023-0929 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0930 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0930.html CVE-2023-0930 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0931 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0931.html CVE-2023-0931 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0932 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0932.html CVE-2023-0932 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2023-0933 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0933.html CVE-2023-0933 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVE-2023-0941 openSUSE Tumbleweed:chromedriver-110.0.5481.177-1.1 openSUSE Tumbleweed:chromium-110.0.5481.177-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0941.html CVE-2023-0941 https://bugzilla.suse.com/1208589 SUSE Bug 1208589