MGASA-2015-0265

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2015-1266 CVE-2015-1267 CVE-2015-1268 CVE-2015-1269

Published: 05 Jul 2015, 17:22

Last modified:16 Apr 2026, 06:22

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Jul 2015, 17:22

Published

Vulnerability first disclosed

16 Apr 2026, 06:22

Last Modified

Vulnerability information updated

Description

Updated chromium-browser package fixes security vulnerability A scheme validation error in WebUI (CVE-2015-1266). Two cross-origin bypass issues in Blink (CVE-2015-1267, CVE-2015-1268). A normalization error in the HSTS/HPKP preload list (CVE-2015-1269). This update also disables the automatic, silent downloading and installation of "external components" like the hotword extension.

Affected Systems

mageia•chromium-browser-stable
< 43.0.2357.130-1.mga4
mageia•chromium-browser-stable
< 43.0.2357.130-1.mga5

MGASA-2015-0265

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)