71.0.3578.80 was released
included 43 security fixes.
[905940] High CVE-2018-17480: Out of bounds write in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 via Tianfu Cup on 2018-11-16
[901654] High CVE-2018-17481: Use after frees in PDFium. Reported by Anonymous on 2018-11-04
[895362] High CVE-2018-18335: Heap buffer overflow in Skia. Reported by Anonymous on 2018-10-15
[898531] High CVE-2018-18336: Use after free in PDFium. Reported by Huyna at Viettel Cyber Security on 2018-10-24
[886753] High CVE-2018-18337: Use after free in Blink. Reported by cloudfuzzer on 2018-09-19
[890576] High CVE-2018-18338: Heap buffer overflow in Canvas. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-09-29
[891187] High CVE-2018-18339: Use after free in WebAudio. Reported by cloudfuzzer on 2018-10-02
[896736] High CVE-2018-18340: Use after free in MediaRecorder. Reported by Anonymous on 2018-10-18
[901030] High CVE-2018-18341: Heap buffer overflow in Blink. Reported by cloudfuzzer on 2018-11-01
[906313] High CVE-2018-18342: Out of bounds write in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-11-17
[882423] High CVE-2018-18343: Use after free in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-10
[866426] High CVE-2018-18344: Inappropriate implementation in Extensions. Reported by Jann Horn of Google Project Zero on 2018-07-23
[900910] High To be allocated: Multiple issues in SQLite via WebSQL. Reported by Wenxiang Qian of Tencent Blade Team on 2018-11-01
[886976] Medium CVE-2018-18345: Inappropriate implementation in Site Isolation. Reported by Masato Kinugawa and Jun Kokatsu (@shhnjk) on 2018-09-19
[606104] Medium CVE-2018-18346: Incorrect security UI in Blink. Reported by Luan Herrera (@lbherrera_) on 2016-04-23
[850824] Medium CVE-2018-18347: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2018-06-08
[881659] Medium CVE-2018-18348: Inappropriate implementation in Omnibox. Reported by Ahmed Elsobky (@0xsobky) on 2018-09-07
[894399] Medium CVE-2018-18349: Insufficient policy enforcement in Blink. Reported by David Erceg on 2018-10-11
[799747] Medium CVE-2018-18350: Insufficient policy enforcement in Blink. Reported by Jun Kokatsu (@shhnjk) on 2018-01-06
[833847] Medium CVE-2018-18351: Insufficient policy enforcement in Navigation. Reported by Jun Kokatsu (@shhnjk) on 2018-04-17
[849942] Medium CVE-2018-18352: Inappropriate implementation in Media. Reported by Jun Kokatsu (@shhnjk) on 2018-06-06
[884179] Medium CVE-2018-18353: Inappropriate implementation in Network Authentication. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-14
[889459] Medium CVE-2018-18354: Insufficient data validation in Shell Integration. Reported by Wenxu Wu (@ma7h1as) of Tencent Security Xuanwu Lab on 2018-09-26
[896717] Medium CVE-2018-18355: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[883666] Medium CVE-2018-18356: Use after free in Skia. Reported by Tran Tien Hung (@hungtt28) of Viettel Cyber Security on 2018-09-13
[895207] Medium CVE-2018-18357: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-15
[899126] Medium CVE-2018-18358: Insufficient policy enforcement in Proxy. Reported by Jann Horn of Google Project Zero on 2018-10-26
[907714] Medium CVE-2018-18359: Out of bounds read in V8. Reported by cyrilliu of Tencent Zhanlu Lab on 2018-11-22
[851821] Low To be allocated: Inappropriate implementation in PDFium. Reported by Salem Faisal Elmrayed on 2018-06-12
[856135] Low To be allocated: Use after free in Extensions. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-06-25
[879965] Low To be allocated: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2018-09-03
[882270] Low To be allocated: Inappropriate implementation in Navigation. Reported by Jesper van den Ende on 2018-09-09
[890558] Low To be allocated: Insufficient policy enforcement in Navigation. Reported by Ryan Pickren (ryanpickren.com) on 2018-09-29
[895885] Low To be allocated: Insufficient policy enforcement in URL Formatter. Reported by evi1m0 of Bilibili Security Team on 2018-10-16