Browse all 3 CVE security advisories affecting Chromium. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Chromium serves as the open-source foundation for multiple browsers, enabling web application development and browsing. Historically, it has faced vulnerabilities across classes including remote code execution, cross-site scripting, and privilege escalation. The project maintains a rapid patch cycle, though its widespread adoption increases exposure. Notable incidents include supply chain compromises and zero-day exploits affecting derivative browsers. With three current CVEs, Chromium's security posture reflects both its complexity and active maintenance. Its modular architecture allows for sandboxing and regular security updates, though the attack surface remains substantial due to its extensive feature set and integration with system components.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5197 | Integer overflow in libvpx — libvpxCWE-190 | 8.1AI | HighAI | 2024-06-03 |
| CVE-2023-6349 | Heap overflow in libvpx — libvpxCWE-122 | 8.8AI | HighAI | 2024-05-27 |
| CVE-2023-1999 | Use after free in libwebp — libwebpCWE-416 | 5.3 | Medium | 2023-06-20 |
This page lists every published CVE security advisory associated with Chromium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.