diff options
author | Jason E. Hale <jhale@FreeBSD.org> | 2024-01-31 19:42:36 +0000 |
---|---|---|
committer | Jason E. Hale <jhale@FreeBSD.org> | 2024-01-31 20:07:14 +0000 |
commit | 281b7559833e360a918bedc5678dd716d53f4d39 (patch) | |
tree | e33a8b49eef9700025c40ab12045e26fc9880939 | |
parent | 667023598899a8bc250fbf4f76588f4892e18679 (diff) | |
download | ports-281b7559833e360a918bedc5678dd716d53f4d39.tar.gz ports-281b7559833e360a918bedc5678dd716d53f4d39.zip |
security/vuxml: Document qt6-webengine vulnerabilities
-rw-r--r-- | security/vuxml/vuln/2024.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index 83d240fd970f..16d948614dad 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,36 @@ + <vuln vid="bbcb1584-c068-11ee-bdd6-4ccc6adda413"> + <topic>qt6-webengine -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>qt6-webengine</name> + <range><lt>6.6.1_4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Qt qtwebengine-chromium repo reports:</p> + <blockquote cite="https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based"> + <p>Backports for 3 security bugs in Chromium:</p> + <ul> + <li>[1505080] High CVE-2024-0807: Use after free in WebAudio</li> + <li>[1504936] Critical CVE-2024-0808: Integer underflow in WebUI</li> + <li>[1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2024-0807</cvename> + <cvename>CVE-2024-0808</cvename> + <cvename>CVE-2024-0810</cvename> + <url>https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=112-based</url> + </references> + <dates> + <discovery>2024-01-30</discovery> + <entry>2024-01-31</entry> + </dates> + </vuln> + <vuln vid="10dee731-c069-11ee-9190-84a93843eb75"> <topic>OpenSSL -- Multiple vulnerabilities</topic> <affects> |