{"affected":[{"ecosystem_specific":{"binaries":[{"chromedriver":"130.0.6723.58-bp156.2.41.1","chromium":"130.0.6723.58-bp156.2.41.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP5","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"130.0.6723.58-bp156.2.41.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"130.0.6723.58-bp156.2.41.1","chromium":"130.0.6723.58-bp156.2.41.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"chromium","purl":"pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"130.0.6723.58-bp156.2.41.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"130.0.6723.58-bp156.2.41.1","chromium":"130.0.6723.58-bp156.2.41.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"130.0.6723.58-bp156.2.41.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"chromedriver":"130.0.6723.58-bp156.2.41.1","chromium":"130.0.6723.58-bp156.2.41.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"chromium","purl":"pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"130.0.6723.58-bp156.2.41.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chromium fixes the following issues:\n\nChromium 130.0.6723.58 (boo#1231694)\n\n* CVE-2024-9954: Use after free in AI\n* CVE-2024-9955: Use after free in Web Authentication\n* CVE-2024-9956: Inappropriate implementation in Web Authentication\n* CVE-2024-9957: Use after free in UI\n* CVE-2024-9958: Inappropriate implementation in PictureInPicture\n* CVE-2024-9959: Use after free in DevTools\n* CVE-2024-9960: Use after free in Dawn\n* CVE-2024-9961: Use after free in Parcel Tracking\n* CVE-2024-9962: Inappropriate implementation in Permissions\n* CVE-2024-9963: Insufficient data validation in Downloads\n* CVE-2024-9964: Inappropriate implementation in Payments\n* CVE-2024-9965: Insufficient data validation in DevTools\n* CVE-2024-9966: Inappropriate implementation in Navigations\n","id":"openSUSE-SU-2024:0337-1","modified":"2024-10-18T13:29:47Z","published":"2024-10-18T13:29:47Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T2MFLX2ZRDN67URDWGTQ2CAJVYDFICNP/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231694"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9954"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9955"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9956"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9957"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9958"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9959"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9960"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9961"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9963"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9965"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-9966"}],"related":["CVE-2024-9954","CVE-2024-9955","CVE-2024-9956","CVE-2024-9957","CVE-2024-9958","CVE-2024-9959","CVE-2024-9960","CVE-2024-9961","CVE-2024-9962","CVE-2024-9963","CVE-2024-9964","CVE-2024-9965","CVE-2024-9966"],"summary":"Security update for chromium","upstream":["CVE-2024-9954","CVE-2024-9955","CVE-2024-9956","CVE-2024-9957","CVE-2024-9958","CVE-2024-9959","CVE-2024-9960","CVE-2024-9961","CVE-2024-9962","CVE-2024-9963","CVE-2024-9964","CVE-2024-9965","CVE-2024-9966"]}