MGASA-2014-0037

Advisory lineage Upstream: 7 Downstream: 0

Upstream

CVE-2013-6641 CVE-2013-6643 CVE-2013-6644 CVE-2013-6645 CVE-2013-6646 CVE-2013-6649

Published: 08 Feb 2014, 18:46

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Feb 2014, 18:46

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated chromium-browser-stable package fixes multiple vulnerabilities Use-after-free related to forms (CVE-2013-6641). Unprompted sync with an attackers Google account (CVE-2013-6643). Various fixes from internal audits, fuzzing and other initiatives (CVE-2013-6644). Use-after-free related to speech input elements (CVE-2013-6645). Use-after-free in web workers (CVE-2013-6646). Use-after-free in SVG images (CVE-2013-6649). Memory corruption in v8 before version 3.22.24.16 (CVE-2013-6650).

Affected Systems

mageia•chromium-browser-stable
< 32.0.1700.102-1.mga3 | < 32.0.1700.102-1.mga3.tainted
mageia•chromium-browser-stable
< 32.0.1700.102-1.mga4 | < 32.0.1700.102-1.mga4.tainted

MGASA-2014-0037

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)