OSVDB: Open Sourced Vulnerability Database

Affiliation/Organization: Chromium development community

Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (17 vulns), the following statistics apply:

Min Time To Patch:	5 days
Avg Time To Patch:	48 days
Max Time To Patch:	128 days

Other Affiliations

Creditees Affiliated with Chromium development community have also affiliated with:

Google Inc. (2)

Google Chrome Security Team (1)

Website: http://www.chromium.org/

Creditees currently or formerly associated with Chromium development community (26):
(ordered by association date)

Known Since	Name	Vulns Through Affiliation
2010-09-21	Lei Zhang	3
2010-10-19	Chromium development community	4
2011-01-12	Eric Roman	4
2011-02-03	Daniel Cheng	1
2011-04-27	Scott Hess	1
2011-04-27	Kostya Serebryany	2
2012-01-23	Julien Chaffraix	3
2012-01-31	Nick Bray	1
2012-03-08	Adam Klein	1
2012-04-09	Dharani Govindan	3
2012-05-15	Charlie Reis	1
2012-05-15	Brett Wilson	2
2012-06-26	Ken “gets” Russell	1
2012-07-25	Thomas Sepez	1
2012-07-25	Stephen Chenney	1
2012-07-25	David Levin	1
2012-07-31	Nasko Oskov	1
2012-11-06	Al Patrick	1
2012-11-06	Alexander Potapenko	2
2013-01-10	Andreas Rossberg	1
2013-01-22	Ted Nakamura	1
2013-02-21	Andrew Scherkus	2
2013-02-21	Mark Seaborn	1
2013-03-26	Benjamin Kalman	1
2013-03-26	Vsevolod Vlasov	1
2013-05-16	Jay Civelli	1

Disclosed Vulnerabilities (42):

Discl. Date	OSVDB ID	CVE ID	Creditees	Title
2013-05-16	93470	2013-0991	Jay Civelli	WebKit Unspecified Memory Corruption (2013-0991)
2013-03-26	91711	2013-0918	Vsevolod Vlasov	Google Chrome DevTools External Navigation Drag And Drop Weakness
2013-03-26	91706	2013-0924	Benjamin Kalman	Google Chrome Permissions API Extension FIle Access Handling Weakness
2013-03-04	90847	2013-0907	Andrew Scherkus	Google Chrome media/filters/video_renderer_base.cc Media Thread Handling Race Condition
2013-02-21	90528	2013-0886	Mark Seaborn	Google Chrome for Mac Unspecified NaCl Signal Handling Issue
2013-02-21	90535	2013-0893	Andrew Scherkus	Google Chrome Media Handling Unspecified Race Condition
2013-01-28	90540	2013-0898	Alexander Potapenko	google-url GURL::ResolveWithCharsetConverter URL Handling Use-after-free Code Execution
2013-01-22	89502	2013-0843	Ted Nakamura	Google Chrome webrtc_audio_renderer.cc WebRtcAudioRenderer::Initialize Function Unsupported RTC Sampling Rate Memory Corruption
2013-01-10	89079	2012-5153	Andreas Rossberg	Google Chrome v8 Unspecified Out-of-bounds Stack Access Issue
2012-11-06	87078	2012-5124	Al Patrick	Google Chrome GLES2DecoderImpl::DeleteTexturesHelper Function Texture Handling Out-of-bounds Array Access Issue
2012-11-06	87083	2012-5125	Alexander Potapenko	Google Chrome ExtensionFunctionDispatcher::Dispatch Function Use-after-free Issue
2012-09-25	85753	2012-2891	Lei Zhang	Google Chrome IPC Print Preview WebUI Memory Address Disclosure Weakness
2012-09-25	85755	2012-2885	Chromium development community	Google Chrome Browser Process Shutdown Handling Double-free Issue
2012-07-31	84374	2012-2854	Nasko Oskov	Google Chrome WebUI Cookie Page Memory Address Disclosure Weakness
2012-07-25	84158	2012-3615	Stephen Chenney	WebKit Website Handling Unspecified Memory Corruption (2012-3615)
2012-07-25	84185	2012-3664	Thomas Sepez	WebKit Website Handling Unspecified Memory Corruption (2012-3664)
2012-07-25	84150	2012-3600	David Levin	WebKit Website Handling Unspecified Memory Corruption (2012-3600)
2012-06-26	83254	2012-2819	Ken “gets” Russell	WebKit WebGL texSubImage2D Floating-point Texture Upload Handling Memory Corruption
2012-06-26	83239	2012-2827	Dharani Govindan	Google Chrome for Mac File Download Handling Use-after-free Issue
2012-05-23	85374	2012-3676	Julien Chaffraix	WebKit 'RenderTableCol::isChildAllowed' Function Table Column Display Handling Memory Corruption
2012-05-21	82227	2011-3103	Brett Wilson	Google V8 Garbage Collection Backing Store Memory Corruption
2012-05-15	81946	2011-3084	Brett Wilson	Google Chrome Internal Page Link WebUI Renderer Process Opening Weakness
2012-05-15	81949	2011-3087	Charlie Reis	Google Chrome Window Swapped Out URL Navigation Weakness
2012-04-23	82252	2011-3107	Dharani Govindan	Google Chrome Plug-in V8 JavaScript Bindings Memory Corruption
2012-04-09	82251	2011-3106	Dharani Govindan	Google Chrome SSL Connection Handling Memory Corruption
2012-03-08	79915	2012-0593	Lei Zhang	WebKit Website Handling Unspecified Memory Corruption (2012-0593)
2012-03-08	79916	2012-0594	Adam Klein	WebKit Website Handling Unspecified Memory Corruption (2012-0594)
2012-03-08	79956	2012-0635	Julien Chaffraix Martin Barbella	WebKit Unspecified Memory Corruption (2012-0635)
2012-01-31	79288	2011-3020	Nick Bray	Google Native Client (NaCl) Super Instructions Validator Error Sandbox Bypass
2012-01-23	84179	2012-3646	Julien Chaffraix Martin Barbella	WebKit 'RenderTableSection::rowLogicalHeightChanged' Function Use-after-free Issue
2011-06-07	72784	2011-1814	Eric Roman	Google Chrome PDF Viewing Image Data Uninitialized Pointer Read Weakness
2011-05-24	72506	2011-1807	Abhishek Arya (Inferno) Kostya Serebryany	Google Chrome Blob Handling Out-of-Bounds Write Remote Code Execution
2011-04-27	72219	2011-1455	Eric Roman	Google Chrome Multipart-Encoded PDF Out-of-Bounds Read
2011-04-27	72196	2011-1303	Scott Hess Martin Barbella	WebKit Floating Object Handling Stale Pointer Issue
2011-04-27	72198	2011-1305	Kostya Serebryany	Google Chrome Database Handling Linked-List Race Condition DoS
2011-04-27	72220	2011-1456	Eric Roman	Google Chrome PDF Forms Unspecified Stale Pointer DoS
2011-02-03	70982	2011-0776	Daniel Cheng	Google Chrome on Mac OS X stat() Call Sandbox Information Disclosure
2011-01-12	70453	2011-0470	Eric Roman	Google Chrome Extension Notification Handling Remote DoS
2010-10-19	68839	2010-4038	Chromium development community	Google Chrome Web Sockets Shutdown Action Unspecified DoS
2010-10-19	68835	2010-4034	Chromium development community	Google Chrome Form Handling Crafted HTML Document DoS
2010-10-19	68836	2010-4035	Chromium development community	Google Chrome Form Autofill Operation Crafted HTML Document DoS
2010-09-21	70102	2010-4574	Lei Zhang	Google Chrome base/pickle.cc Pickle::Pickle Function Message Deserialization Validation Bypass Remote DoS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Creditees currently or formerly associated with Chromium development community (26):(ordered by association date)

Disclosed Vulnerabilities (42):

Creditees currently or formerly associated with Chromium development community (26):
(ordered by association date)