A side-channel information leakage flaw was found in the ResourceTiming component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=477180001

An insufficient policy enforcement flaw was found in the Extensions component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=435980394

An incorrect security ui flaw was found in the PictureInPicture component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=474948986

An out of bounds read flaw was found in the V8 component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=478659010

An use after free flaw was found in the WindowDialog component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=487338366

An use after free flaw was found in the WebMIDI component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=485935314

An use after free flaw was found in the MediaStream component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=485397139

An use after free flaw was found in the TextEncoding component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=484946544

An out of bounds memory access flaw was found in the WebML component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=482875307

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=444176961

An use after free flaw was found in the WebMCP component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=483853103

An use after free flaw was found in the Agents component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=483569512

An out of bounds read flaw was found in the Web Speech component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=482828615

A heap buffer overflow flaw was found in the WebML component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=483971526

An integer overflow flaw was found in the WebML component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=481776048

A heap buffer overflow flaw was found in the WebML component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=483445078

A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource component. By accessing a specific administrative endpoint, this user could improperly retrieve user attributes that were configured to be hidden. This unauthorized information disclosure could expose sensitive user data.

An inappropriate implementation flaw was found in the V8 component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=491410818

An out of bounds write flaw was found in the Skia component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=491421267

A flaw was found in glibc. When calling NSS-backed functions that support caching via nscd, the nscd client under high load on x86_64 systems may call the memcmp function on inputs that are concurrently modified by other processes or threads, causing a crash and resulting in a denial of service.