{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"125.0.6422.76-bp155.2.85.2","chromium":"125.0.6422.76-bp155.2.85.2"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP5","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"125.0.6422.76-bp155.2.85.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"125.0.6422.76-bp155.2.85.2","chromium":"125.0.6422.76-bp155.2.85.2"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"125.0.6422.76-bp155.2.85.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\n- Chromium 125.0.6422.76 (boo#1224818)\n  * CVE-2024-5157: Use after free in Scheduling\n  * CVE-2024-5158: Type Confusion in V8\n  * CVE-2024-5159: Heap buffer overflow in ANGLE\n  * CVE-2024-5160: Heap buffer overflow in Dawn\n  * Various fixes from internal audits, fuzzing and other initiatives\n","id":"openSUSE-SU-2024:0137-1","modified":"2024-05-23T06:37:44Z","published":"2024-05-23T06:37:44Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OUHQT3H7SVUMWPOBHPV62RCKTAJROHUB/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224818"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-5157"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-5158"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-5159"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-5160"}],"related":["CVE-2024-5157","CVE-2024-5158","CVE-2024-5159","CVE-2024-5160"],"summary":"Security update for chromium","upstream":["CVE-2024-5157","CVE-2024-5158","CVE-2024-5159","CVE-2024-5160"]}