MGASA-2013-0324

Advisory lineage Upstream: 12 Downstream: 0
Published: 13 Nov 2013, 19:09
Last modified:16 Apr 2026, 06:23

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

13 Nov 2013, 19:09
Published
Vulnerability first disclosed
16 Apr 2026, 06:23
Last Modified
Vulnerability information updated

Description

Updated chromium-browser-stable packages fix multiple vulnerabilities Updated chromium-browser-stable packages fix security vulnerabilities: Various fixes from internal audits, fuzzing and other initiatives (CVE-2013-2931). Use after free related to speech input elements (CVE-2013-6621). Use after free related to media elements (CVE-2013-6622). Out of bounds read in SVG (CVE-2013-6623). Use after free related to 'id' attribute strings (CVE-2013-6624). Use after free in DOM ranges (CVE-2013-6625). Address bar spoofing related to interstitial warnings (CVE-2013-6626). Out of bounds read in HTTP parsing (CVE-2013-6627). Issue with certificates not being checked during TLS renegotiation (CVE-2013-6628). libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component (Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629). libjpeg-turbo will use uninitialized memory when handling Huffman tables (CVE-2013-6630). Use after free in libjingle (CVE-2013-6631).

Affected Systems

  • mageiachromium-browser-stable

    < 31.0.1650.48-1.mga2

  • mageiachromium-browser-stable

    < 31.0.1650.48-1.mga3 | < 31.0.1650.48-1.mga3.tainted

References (4)