{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"129.0.6668.70-bp156.2.32.1","chromium":"129.0.6668.70-bp156.2.32.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"129.0.6668.70-bp156.2.32.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"129.0.6668.70-bp156.2.32.1","chromium":"129.0.6668.70-bp156.2.32.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"129.0.6668.70-bp156.2.32.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChromium 129.0.6668.70 (stable released 2024-09-24) (boo#1230964)\n\n  * CVE-2024-9120: Use after free in Dawn\n  * CVE-2024-9121: Inappropriate implementation in V8\n  * CVE-2024-9122: Type Confusion in V8\n  * CVE-2024-9123: Integer overflow in Skia\n\n- bump BR for nodejs to minimal 20.0\n","id":"openSUSE-SU-2024:0314-1","modified":"2024-09-27T08:38:17Z","published":"2024-09-27T08:38:17Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XUWTKZIDZ3ME45LREUL2P3MDUEBKCPKD/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9120"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9121"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9122"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9123"}],"related":["CVE-2024-9120","CVE-2024-9121","CVE-2024-9122","CVE-2024-9123"],"summary":"Security update for chromium","upstream":["CVE-2024-9120","CVE-2024-9121","CVE-2024-9122","CVE-2024-9123"]}