Disclosed Chromium Security Bugs
Security: V8: JIT: JSBuiltinReducer::ReduceObjectCreate fails to ensure that the prototype is "null"
$0
3/24/2018
Security: pdfium: out-of-bounds read with nested colorspaces
$0
3/24/2018
Security: V8: JIT: Type confusion in GetSpecializationContext
$0
3/24/2018
CHECK failure: LoadElement of kRepFloat64 (NumberOrHole) cannot be changed to kRepTagged in rep
$0
3/22/2018
Security: V8: JIT: Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement optimization bug
$0
3/15/2018
Use-of-uninitialized-value in media::DecoderBuffer::timestamp
$0
3/14/2018
pobfuzz: cc::DrawTextBlobOp::Deserialize -> use-of-uninitialized-value in int const& SkTMax
$0
3/14/2018
CHECK failure: NumberToUint32 of kRepWord32 (Range(1, NUMBER)) cannot be changed to kRepTaggedS
$0
3/14/2018
ServiceWorkerScriptURLLoader does not check for certificate errors properly
$0
3/9/2018
CHECK failure: frame_state->opcode() == IrOpcode::kFrameState || (node->opcode() == IrOpcode::k
$0
3/6/2018