{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"146.0.7680.80-bp160.1.1","chromium":"146.0.7680.80-bp160.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"146.0.7680.80-bp160.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChanges in chromium:\n\n- Chromium 146.0.7680.80:\n\t  * CVE-2026-3909: Out of bounds write in Skia (boo#1259659)\n\n- Chromium 146.0.7680.75 (released 2026-03-12) (boo#1259648)\n  * CVE-2026-3910: Inappropriate implementation in V8.\n\n- Chromium 146.0.7680.71 (released 2026-03-11) (boo#1259530)\n  * CVE-2026-3913: Heap buffer overflow in WebML\n  * CVE-2026-3914: Integer overflow in WebML\n  * CVE-2026-3915: Heap buffer overflow in WebML\n  * CVE-2026-3916: Out of bounds read in Web Speech\n  * CVE-2026-3917: Use after free in Agents\n  * CVE-2026-3918: Use after free in WebMCP\n  * CVE-2026-3919: Use after free in Extensions\n  * CVE-2026-3920: Out of bounds memory access in WebML\n  * CVE-2026-3921: Use after free in TextEncoding\n  * CVE-2026-3922: Use after free in MediaStream\n  * CVE-2026-3923: Use after free in WebMIDI\n  * CVE-2026-3924: Use after free in WindowDialog\n  * CVE-2026-3925: Incorrect security UI in LookalikeChecks\n  * CVE-2026-3926: Out of bounds read in V8\n  * CVE-2026-3927: Incorrect security UI in PictureInPicture\n  * CVE-2026-3928: Insufficient policy enforcement in Extensions\n  * CVE-2026-3929: Side-channel information leakage in ResourceTiming\n  * CVE-2026-3930: Unsafe navigation in Navigation\n  * CVE-2026-3931: Heap buffer overflow in Skia\n  * CVE-2026-3932: Insufficient policy enforcement in PDF\n  * CVE-2026-3934: Insufficient policy enforcement in ChromeDriver\n  * CVE-2026-3935: Incorrect security UI in WebAppInstalls\n  * CVE-2026-3936: Use after free in WebView\n  * CVE-2026-3937: Incorrect security UI in Downloads\n  * CVE-2026-3938: Insufficient policy enforcement in Clipboard\n  * CVE-2026-3939: Insufficient policy enforcement in PDF\n  * CVE-2026-3940: Insufficient policy enforcement in DevTools\n  * CVE-2026-3941: Insufficient policy enforcement in DevTools\n  * CVE-2026-3942: Incorrect security UI in PictureInPicture\n","id":"openSUSE-SU-2026:20372-1","modified":"2026-03-17T10:11:02Z","published":"2026-03-17T10:11:02Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1259530"},{"type":"REPORT","url":"https://bugzilla.suse.com/1259648"},{"type":"REPORT","url":"https://bugzilla.suse.com/1259659"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3909"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3910"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3913"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3915"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3916"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3917"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3918"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3919"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3920"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3921"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3923"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3924"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3925"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3926"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3927"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3928"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3929"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3930"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3931"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3932"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3934"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3935"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3936"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3937"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3938"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3939"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3940"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3941"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-3942"}],"related":["CVE-2026-3909","CVE-2026-3910","CVE-2026-3913","CVE-2026-3914","CVE-2026-3915","CVE-2026-3916","CVE-2026-3917","CVE-2026-3918","CVE-2026-3919","CVE-2026-3920","CVE-2026-3921","CVE-2026-3922","CVE-2026-3923","CVE-2026-3924","CVE-2026-3925","CVE-2026-3926","CVE-2026-3927","CVE-2026-3928","CVE-2026-3929","CVE-2026-3930","CVE-2026-3931","CVE-2026-3932","CVE-2026-3934","CVE-2026-3935","CVE-2026-3936","CVE-2026-3937","CVE-2026-3938","CVE-2026-3939","CVE-2026-3940","CVE-2026-3941","CVE-2026-3942"],"summary":"Security update for chromium","upstream":["CVE-2026-3909","CVE-2026-3910","CVE-2026-3913","CVE-2026-3914","CVE-2026-3915","CVE-2026-3916","CVE-2026-3917","CVE-2026-3918","CVE-2026-3919","CVE-2026-3920","CVE-2026-3921","CVE-2026-3922","CVE-2026-3923","CVE-2026-3924","CVE-2026-3925","CVE-2026-3926","CVE-2026-3927","CVE-2026-3928","CVE-2026-3929","CVE-2026-3930","CVE-2026-3931","CVE-2026-3932","CVE-2026-3934","CVE-2026-3935","CVE-2026-3936","CVE-2026-3937","CVE-2026-3938","CVE-2026-3939","CVE-2026-3940","CVE-2026-3941","CVE-2026-3942"]}