[Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 17 09:13:00 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4c20cce by Moritz Muehlenhoff at 2026-06-17T10:12:32+02:00
new chromium issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -601,71 +601,104 @@ CVE-2026-22313 (The device has a webserver that exposes a REST API authenticated
CVE-2026-22312 (The device has a webserver that exposes a REST API authenticated with ...)
TODO: check
CVE-2026-12469 (Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.78 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12468 (Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12467 (Use after free in Extensions in Google Chrome prior to 149.0.7827.155 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12466 (Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12465 (Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12464 (Use after free in Browser in Google Chrome prior to 149.0.7827.155 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12463 (Inappropriate implementation in Views in Google Chrome on Linux prior ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12462 (Use after free in Media in Google Chrome prior to 149.0.7827.155 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12461 (Out of bounds read in WebRTC in Google Chrome on Windows prior to 149. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12460 (Insufficient policy enforcement in File System Access in Google Chrome ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12459 (Inappropriate implementation in Serial in Google Chrome prior to 149.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12458 (Inappropriate implementation in Passwords in Google Chrome prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12457 (Inappropriate implementation in Extensions in Google Chrome prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12456 (Inappropriate implementation in Extensions in Google Chrome prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12455 (Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 a ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12454 (Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12453 (Insufficient validation of untrusted input in Input in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12452 (Use after free in Downloads in Google Chrome on Android prior to 149.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12451 (Use after free in DigitalCredentials in Google Chrome prior to 149.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12450 (Inappropriate implementation in Media in Google Chrome prior to 149.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12449 (Use after free in Chromoting in Google Chrome on Windows prior to 149. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12448 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12447 (Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.15 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12446 (Inappropriate implementation in Passwords in Google Chrome prior to 14 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12445 (Use after free in Extensions in Google Chrome prior to 149.0.7827.155 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12444 (Out of bounds read in Chromoting in Google Chrome on Windows prior to ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12443 (Use after free in Web Authentication in Google Chrome prior to 149.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12442 (Use after free in Passwords in Google Chrome on Android prior to 149.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12441 (Use after free in File Input in Google Chrome on Linux prior to 149.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12440 (Use after free in DigitalCredentials in Google Chrome on Windows prior ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12439 (Use after free in Digital Credentials in Google Chrome prior to 149.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12438 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12437 (Use after free in WebShare in Google Chrome on Windows prior to 149.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-12425 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
NOT-FOR-US: Palo Alto Networks
CVE-2026-12360 (The JetEngine plugin for WordPress is vulnerable to SQL injection in a ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ atril
--
botan3 (aron)
--
+chromium (dilinger)
+--
cups
--
dulwich
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c20ccef1a8d2aa99d91ee5f55ba626aed800de
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4c20ccef1a8d2aa99d91ee5f55ba626aed800de
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/f7f0257c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list