Disclosed Chromium Security Bugs

dawn_wire_server_and_vulkan_backend_fuzzer: Heap-buffer-overflow in rr::optimize

#40056109Reporter: cl...@chromium.org
$0
10/1/2021

Use-after-poison in blink::HTMLSlotElement::DetachLayoutTree

#40056260Reporter: cl...@chromium.org
$0
10/1/2021

Security DCHECK failure: !resource_clipper->NeedsLayout() in clip_path_clipper.cc

#40056278Reporter: cl...@chromium.org
$0
10/1/2021

Heap-use-after-free in blink::PropertyTreeManager::EnsureCompositorTransformNode

#40056313Reporter: cl...@chromium.org
$0
10/1/2021

ec_pchg_fuzzer: Global-buffer-overflow in test_fuzz_one_input

#40056333Reporter: cl...@chromium.org
$0
10/1/2021

CHECK failure: args.Length() == 2 in d8-test.cc

#40056334Reporter: cl...@chromium.org
$0
10/1/2021

heap-use-after-free : blink::PaintController::FinishCycle

#40056339Reporter: cr...@system.gserviceaccount.com
$0
10/1/2021

tint_single_entry_point_fuzzer: Illegal-instruction in tint::fuzzers::ValidityErrorReporter

#40055768Reporter: cl...@chromium.org
$0
9/30/2021

Heap-use-after-free in ash::TrayBubbleView::~TrayBubbleView

#40056181Reporter: cl...@chromium.org
$0
9/30/2021

Heap-use-after-free in ash::TrayBubbleView::~TrayBubbleView

#40056203Reporter: cl...@chromium.org
$0
9/30/2021
Showing 6151-6160 of 10940 bugs