Vulnerabilities (CVE)

Filtered by vendor Chromiumembedded Subscribe
Filtered by product Chromium Embedded Framework
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-21640 1 Chromiumembedded 1 Chromium Embedded Framework 2024-11-21 N/A 5.4 MEDIUM
Chromium Embedded Framework (CEF) is a simple framework for embedding Chromium-based browsers in other applications.`CefVideoConsumerOSR::OnFrameCaptured` does not check `pixel_format` properly, which leads to out-of-bounds read out of the sandbox. This vulnerability was patched in commit 1f55d2e.
CVE-2024-21639 1 Chromiumembedded 1 Chromium Embedded Framework 2024-11-21 N/A 5.3 MEDIUM
CEF (Chromium Embedded Framework ) is a simple framework for embedding Chromium-based browsers in other applications. `CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory` does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patched in commit 1f55d2e.