devd/ChromeData.csv Secret

## ChromeData.csv
id,severity,alllabels,security_impact,reward,reward_status,owner,summary,modified,modifiedtimestamp,opened,openedtimestamp,closed,closedtimestamp,reporter,cve
3275,"Low","Cr-Blink, M-4, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Security: Popup-blocker bypass using click event","Apr 06, 2013 03:00:12",1365217212,"Oct 09, 2008 12:48:26",1223556506,"Oct 30, 2009 08:07:15",1256890035,"skylined@chromium.org",""
6062,"High","Cr-Blink, Crash-2.0.156.1, Crash-2.0.157.1, Mstone-2.0, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, stable","Stable",,"","pkasting@chromium.org","Chrome: Crash Report - Stack Signature: WebCore::GIFImageDecoder::haveDecodedRow","Apr 06, 2013 02:56:35",1365216995,"Jan 07, 2009 00:00:08",1231286408,"Feb 05, 2009 00:01:17",1233792077,"mberkow...@chromium.org",""
6264,"High","Area-Misc, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","f...@chromium.org","Security bug: something very wrong with same-origin checks","Mar 21, 2013 20:58:11",1363899491,"Jan 12, 2009 00:05:32",1231718732,"Feb 19, 2009 19:05:44",1235070344,"lcam...@gmail.com",""
6869,"High","Cr-Blink, Crash-2.0.166.1, Crash-2.0.168.0, Crash-2.0.169.0, Crash-2.0.169.1, Crash-2.0.170.0, Mstone-2.1, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","j...@chromium.org","SVG support is crashy in 2.0.157.2","Apr 06, 2013 02:55:47",1365216947,"Jan 22, 2009 19:36:50",1232653010,"Apr 27, 2009 17:36:01",1240853761,"scarybea...@gmail.com",""
7214,"Medium","Cr-Blink, M-4, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Cross-domain access to stylesheet text should not be allowed","Apr 06, 2013 02:55:30",1365216930,"Jan 29, 2009 23:58:13",1233273493,"Nov 09, 2009 20:32:14",1257798734,"abarth@chromium.org",""
7338,"High","Cr-Internals, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","abarth@chromium.org","30x redirects silently honored in response to CONNECT","Mar 21, 2013 20:58:10",1363899490,"Feb 03, 2009 09:05:11",1233651911,"Feb 27, 2009 07:58:27",1235721507,"lcam...@gmail.com",""
7590,"Low","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Rogue renderer can tamper with Windows.","Mar 21, 2013 20:58:09",1363899489,"Feb 11, 2009 14:56:18",1234364178,"Feb 12, 2009 13:52:05",1234446725,"de...@chromium.org",""
7713,"Medium","Cr-Internals, Fixit, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Unescape according to the safe browsing spec","Mar 21, 2013 21:01:39",1363899699,"Feb 13, 2009 21:33:13",1234560793,"Mar 30, 2010 17:41:17",1269970877,"brettw@chromium.org",""
8198,"High","Cr-Internals, Cr-UI-Internationalization, M-4, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, TaskForce-Fixit, Type-Bug-Security, bulkmove","Stable",,"","jshin@chromium.org","Need to upgrade ICU in third_party","Mar 21, 2013 20:58:09",1363899489,"Feb 27, 2009 17:46:05",1235756765,"Sep 10, 2009 18:21:37",1252606897,"a...@chromium.org",""
8473,"Low","Cr-Internals, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Fix CONNECT requests with user-cancelled auth","Mar 21, 2013 20:58:08",1363899488,"Mar 06, 2009 19:03:43",1236366223,"Mar 11, 2009 21:20:36",1236806436,"abarth@chromium.org",""
8706,"Low","Area-BrowserUI, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Mixed content warning can be removed","Mar 21, 2013 20:58:08",1363899488,"Mar 12, 2009 09:45:50",1236851150,"Mar 20, 2009 06:16:54",1237529814,"adhi...@google.com",""
9019,"High","Cr-Blink, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","mal@chromium.org","zdi-can-464: malformed svglist parsing code execution","Apr 06, 2013 02:53:32",1365216812,"Mar 19, 2009 23:43:41",1237506221,"May 13, 2009 18:26:49",1242239209,"whbe...@gmail.com",""
9760,"Low","Cr-Internals, Mstone-2.0, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","est...@chromium.org"," to address bar causes full crash","Mar 21, 2013 20:58:07",1363899487,"Apr 06, 2009 03:09:12",1238987352,"Apr 08, 2009 21:51:14",1239227474,"gotoken",""
9860,"High","Cr-Internals, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cpu@chromium.org","ChromeHTML URI handler vulnerability","Mar 21, 2013 20:58:07",1363899487,"Apr 08, 2009 10:32:19",1239186739,"Apr 08, 2009 16:16:27",1239207387,"roisaltz...@gmail.com",""
9877,"Medium","Cr-Blink, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","scarybea...@gmail.com","Security: cross domain thefts via CSS string property injection","Apr 06, 2013 02:52:27",1365216747,"Apr 08, 2009 19:24:09",1239218649,"Jan 06, 2010 00:57:46",1262739466,"scarybea...@gmail.com",""
10736,"High","Area-Misc, BTW, Mstone-2.0, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","brettw@chromium.org","SkMask::computeImageSize() integer overflow","Mar 21, 2013 20:58:06",1363899486,"Apr 19, 2009 19:40:58",1240170058,"Apr 24, 2009 19:50:35",1240602635,"skylined@chromium.org",""
10869,"High","Cr-Internals, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","mal.chromium@gmail.com","Buffer overflow in browser process while de-serializing SkBitmap  (heap overwrite) ","Mar 21, 2013 20:58:06",1363899486,"Apr 23, 2009 01:17:23",1240449443,"Apr 24, 2009 03:01:32",1240542092,"cpu@chromium.org",""
10996,"Medium","Cr-Internals, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","nsylv...@chromium.org","Security: job object based restrictions no longer seem to be enforced","Mar 21, 2013 21:01:38",1363899698,"Apr 24, 2009 19:37:42",1240601862,"Jan 12, 2010 05:44:26",1263275066,"tav...@gmail.com",""
11205,"Low","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cpu@chromium.org","CoInitialize called in renderer (before sandbox lockdown)","Mar 21, 2013 20:58:05",1363899485,"Apr 30, 2009 01:36:50",1241055410,"May 01, 2009 01:09:28",1241140168,"cpu@chromium.org",""
11308,"Medium","Cr-Blink, OS-All, Plugins, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","ana...@chromium.org","ReadAV [ARBITRARY]@chrome!NPAPI::PluginInstance::NPP_DestroyStream+0x111","Apr 06, 2013 02:48:40",1365216520,"May 01, 2009 14:37:49",1241188669,"May 06, 2009 23:55:48",1241654148,"skylined@chromium.org",""
11739,"High","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","a...@chromium.org","V8Proxy::ToNativeObjectImpl  ASSERT(MaybeDOMWrapper(object));","Mar 21, 2013 20:58:04",1363899484,"May 11, 2009 14:16:14",1242051374,"May 12, 2009 13:44:04",1242135844,"skylined@chromium.org",""
11934,"High","Area-BrowserUI, M-3, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","dglazkov@chromium.org","Crash: Alert box in event listeners","Mar 21, 2013 20:58:04",1363899484,"May 14, 2009 02:04:25",1242266665,"Jun 05, 2009 00:42:33",1244162553,"sg.deve...@gmail.com",""
12142,"Low","Cr-Internals, OS-Windows, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Crash when proxy responds to CONNECT request with Content-Length: 0","Mar 21, 2013 20:58:04",1363899484,"May 18, 2009 05:06:00",1242623160,"May 18, 2009 22:53:33",1242687213,"abarth@chromium.org",""
12303,"Low","Cr-Internals, M-4, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Size-Medium, Type-Bug-Security","Stable",,"","eroman@chromium.org","Chrome falls back to DIRECT connections once all proxies have failed.","Mar 21, 2013 20:58:03",1363899483,"May 20, 2009 03:22:59",1242789779,"Jan 06, 2010 19:40:08",1262806808,"eroman@chromium.org",""
12307,"Low","Cr-Blink, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Size-Small, Type-Bug-Security","Stable",,"","abarth@chromium.org","Subtle mixed content bugs","Apr 06, 2013 02:47:48",1365216468,"May 20, 2009 06:07:00",1242799620,"Oct 16, 2009 08:24:52",1255681492,"abarth@chromium.org",""
12523,"Medium","Area-BrowserUI, Crash-2.0.172.28, M-4, OS-Windows, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","erg@chromium.org","Crash - Menu::RunMenuAt(int,int)","Mar 21, 2013 21:01:37",1363899697,"May 22, 2009 16:56:18",1243011378,"Jul 07, 2009 22:35:20",1247006120,"lafo...@chromium.org",""
12617,"Low","Area-Misc, OS-All, Pri-3, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Starting a hiden download can allow attacker to determine how long the browser stays open.","Mar 21, 2013 20:58:01",1363899481,"May 25, 2009 12:37:01",1243255021,"Oct 28, 2009 15:48:54",1256744934,"skylined@chromium.org",""
12810,"Low","Area-Misc, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Renderer can crash browser through OOM using document.title","Mar 21, 2013 20:58:00",1363899480,"May 28, 2009 10:58:55",1243508335,"May 30, 2009 08:12:26",1243671146,"skylined@chromium.org",""
14508,"Critical","Cr-Internals, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","abarth@chromium.org","Security: browser crash with memmove() memory corruption upon large chunked encoding chunk size","Mar 21, 2013 21:08:13",1363900093,"Jun 18, 2009 04:05:26",1245297926,"Jun 18, 2009 05:00:00",1245301200,"scarybea...@gmail.com",""
14719,"High","Cr-Blink, JavaScript, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","erik.corry","Security: possible memory corruption in v8 regex execution engine","Apr 06, 2013 02:45:48",1365216348,"Jun 19, 2009 16:44:48",1245429888,"Jul 14, 2009 18:42:37",1247596957,"scarybea...@gmail.com",""
15556,"Low","Cr-Blink, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","innerHTML applies meta/link/title tags before getting commited.","Apr 06, 2013 02:45:05",1365216305,"Jun 29, 2009 04:05:44",1246248344,"Feb 24, 2010 23:22:40",1267053760,"sirdarckcat",""
15701,"Low","Cr-Blink, M-3, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security-Low, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jshin@chromium.org","XSS issue due to the lack of support for  ISO-2022-KR","Apr 06, 2013 02:44:51",1365216291,"Jun 30, 2009 20:40:52",1246394452,"Sep 09, 2009 10:46:41",1252493201,"dpra...@chromium.org",""
15766,"Medium","Cr-Blink, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Security: focus() selective keystroke redirection","Apr 06, 2013 02:44:47",1365216287,"Jul 01, 2009 19:52:31",1246477951,"May 05, 2010 21:51:26",1273096286,"lcam...@gmail.com",""
16413,"Medium","Cr-Blink, M-3, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security-Medium, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","darin@chromium.org","Security: Redirected XHR includes custom headers, CSRF risk","Apr 06, 2013 02:44:06",1365216246,"Jul 10, 2009 03:24:19",1247196259,"Jul 30, 2009 21:27:59",1248989279,"jack...@chromium.org",""
16535,"High","Area-Misc, M-5, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","creis@chromium.org","Security: terminate busy loops on page transitions","Mar 21, 2013 20:57:56",1363899476,"Jul 11, 2009 17:32:10",1247333530,"Mar 17, 2010 17:08:15",1268845695,"lcam...@gmail.com",""
17655,"Low","Cr-Blink, M-8, OS-All, Pri-2, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","Security: Bypass pop-up blocker using javascript: url in a pop-up.","Apr 06, 2013 02:42:39",1365216159,"Jul 24, 2009 11:13:40",1248434020,"Oct 18, 2010 21:19:38",1287436778,"skylined@chromium.org",""
18009,"Medium","Cr-Internals, M-3, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","wtc@chromium.org","Security: Investigate NTLM reflection vulnerability","Mar 21, 2013 21:01:35",1363899695,"Jul 29, 2009 18:39:07",1248892747,"Sep 23, 2009 20:47:25",1253738845,"wtc@chromium.org",""
18639,"High","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security-High, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Crash [@ 0xffffffff]","Mar 21, 2013 20:57:55",1363899475,"Aug 06, 2009 16:43:37",1249577017,"Aug 15, 2009 19:22:27",1250364147,"nth1...@gmail.com",""
19158,"High","Cr-Internals, M-3, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","libxml2 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529","Mar 21, 2013 20:57:54",1363899474,"Aug 12, 2009 16:07:31",1250093251,"Aug 27, 2009 21:13:44",1251407624,"maruel@chromium.org",""
19340,"Low","Area-Extensions, Cr-Platform-Extensions, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Size-Medium, Type-Bug-Security","Stable",,"","a...@chromium.org"," file extension install without prompt","Mar 21, 2013 20:57:54",1363899474,"Aug 14, 2009 07:57:17",1250236637,"Aug 14, 2009 22:44:49",1250289889,"a...@chromium.org",""
19505,"Low","Cr-Internals, M-4, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Size-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Mixed content flash not causing mixed content warnings","Mar 21, 2013 20:57:53",1363899473,"Aug 17, 2009 17:09:12",1250528952,"Oct 17, 2009 00:20:36",1255738836,"ian.chromium@gmail.com",""
20233,"Low","Area-Misc, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Crash potentially due to resource exhaustion","Mar 21, 2013 20:57:52",1363899472,"Aug 25, 2009 18:01:36",1251223296,"Jan 08, 2010 00:13:21",1262909601,"sg.deve...@gmail.com",""
20318,"Low","Cr-UI, M-5, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: do not auto-complete URLs with cloaked credentials","Mar 21, 2013 20:57:51",1363899471,"Aug 26, 2009 17:29:38",1251307778,"Mar 16, 2010 22:08:22",1268777302,"lcam...@gmail.com",""
20334,"Medium","Area-Misc, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","phajdan.jr@chromium.org","Security: restrict IPs, ports for PASV ftp mode","Mar 21, 2013 21:01:34",1363899694,"Aug 26, 2009 19:55:03",1251316503,"Aug 31, 2009 19:30:02",1251747002,"lcam...@gmail.com",""
20450,"Low","Cr-Internals, LayoutTests, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Size-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Chromium shouldn't allow XHR to local directories","Mar 21, 2013 20:57:50",1363899470,"Aug 27, 2009 23:12:20",1251414740,"Nov 24, 2009 21:46:22",1259099182,"jparent@chromium.org",""
21238,"Medium","Cr-Internals, M-3, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security-Medium, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","security: Content-Type: application/rss+xml being rendered as active content","Mar 21, 2013 21:01:33",1363899693,"Sep 07, 2009 22:41:03",1252363263,"Sep 07, 2009 23:30:22",1252366222,"chris.bi...@gmail.com",""
21242,"High","Cr-Blink, M-3, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","lafo...@chromium.org","Merge webkit.org@48142 to mstone-3","Apr 06, 2013 02:39:08",1365215948,"Sep 08, 2009 01:59:25",1252375165,"Sep 09, 2009 01:51:32",1252461092,"abarth@chromium.org",""
21338,"High","Cr-Blink, M-3, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Reward-500, Security, Security-High, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","lafo...@chromium.org","Same Origin Policy Bypass via getSVGDocument() method.","Apr 06, 2013 02:39:04",1365215944,"Sep 09, 2009 01:24:43",1252459483,"Sep 10, 2009 02:56:32",1252551392,"isaac.da...@gmail.com",""
21354,"Low","Cr-Internals, M-4, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Size-Medium, Type-Bug-Security","Stable",,"","jshin@chromium.org","ISO-2022-CN and ISO-2022-CN-Ext are not supported leading to a potential XSS attack","Mar 21, 2013 20:57:49",1363899469,"Sep 09, 2009 10:50:28",1252493428,"Jan 05, 2010 00:42:59",1262652179,"jshin@chromium.org",""
21770,"High","Area-Misc, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Security: ParseFTPList buffer fencepost, integer underflow","Mar 21, 2013 20:57:49",1363899469,"Sep 14, 2009 17:15:53",1252948553,"Sep 22, 2009 16:42:48",1253637768,"lcam...@gmail.com",""
21771,"High","Area-Misc, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Security: ParseFTPList integer underflow","Mar 21, 2013 20:57:49",1363899469,"Sep 14, 2009 17:19:09",1252948749,"Sep 22, 2009 16:50:46",1253638246,"lcam...@gmail.com",""
22115,"High","Cr-Blink, M-3, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Size-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Two pages munged together if an anchor is clicked during unload","Apr 06, 2013 02:38:36",1365215916,"Sep 17, 2009 08:06:42",1253174802,"Sep 21, 2009 02:36:17",1253500577,"darin@chromium.org",""
23188,"Low","Area-BuildTools, M-4, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","micha...@chromium.org","Gears DLL is not marked at NX compatible","Mar 21, 2013 20:57:48",1363899468,"Sep 27, 2009 01:46:38",1254015998,"Oct 26, 2009 07:37:38",1256542658,"cpu@chromium.org",""
23189,"Low","Area-Misc, HTML5, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, Video","Stable",,"","","avcodec-52.dll is not marked NX, SafeSEH or DBCompat","Mar 21, 2013 20:57:48",1363899468,"Sep 27, 2009 01:54:54",1254016494,"Oct 06, 2009 00:23:31",1254788611,"cpu@chromium.org",""
23693,"Low","Area-Misc, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Security: sanitize URLs better before creating desktop shortcuts","Mar 21, 2013 20:57:47",1363899467,"Oct 02, 2009 22:43:29",1254523409,"Dec 30, 2009 20:20:28",1262204428,"lcam...@gmail.com",""
23979,"Medium","Cr-Internals, M-3, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Security: add other common HTML extensions to the dangerous extensions list","Mar 21, 2013 21:01:31",1363899691,"Oct 06, 2009 20:36:46",1254861406,"Oct 08, 2009 07:27:43",1254986863,"lcam...@gmail.com",""
24375,"Medium","Area-Misc, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","Unbounded read (possible write) in SDCH header parsing","Mar 21, 2013 21:01:31",1363899691,"Oct 08, 2009 23:19:56",1255043996,"Oct 12, 2009 23:43:08",1255390988,"jschuh+legacy@google.com",""
24486,"Medium","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","cev...@chromium.org","Chrome does not checksum downloaded .bdic files; Leads to crashes, possible exploits.","Mar 21, 2013 21:01:31",1363899691,"Oct 09, 2009 23:48:58",1255132138,"Oct 19, 2009 22:55:02",1255992902,"breakf...@gmail.com",""
24646,"High","Cr-Blink, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Security: Skia memory corruption with x<0 in SkA*_Blitter::blitH","Apr 06, 2013 02:36:07",1365215767,"Oct 12, 2009 19:05:39",1255374339,"Dec 01, 2009 10:49:33",1259664573,"berendjanwever",""
24733,"Critical","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","","Browser crash in icu processing text from Japanese page","Mar 21, 2013 21:08:13",1363900093,"Oct 13, 2009 19:06:21",1255460781,"Oct 26, 2009 07:46:32",1256543192,"scarybea...@gmail.com",""
26129,"High","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security","None",500,"accept","","Security: MSVR report: Chrome Frame allows x-domain data theft in IE","Mar 21, 2013 20:48:30",1363898910,"Oct 28, 2009 20:52:25",1256763145,"Oct 29, 2009 14:39:13",1256827153,"su...@chromium.org",""
26179,"Critical","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","","Security: Chromium bug for gears fts2 security vulnerability","Mar 21, 2013 21:08:13",1363900093,"Oct 29, 2009 03:49:10",1256788150,"Oct 29, 2009 03:49:31",1256788171,"scarybea...@gmail.com",""
26585,"High","Cr-Internals, Internals-Plugins, M-4, OS-Mac, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","ama...@chromium.org","Security: Flash does not lose focus, which allows things like key logging","Mar 21, 2013 20:57:45",1363899465,"Nov 03, 2009 14:25:12",1257258312,"Nov 20, 2009 19:26:44",1258745204,"jonat...@hogervorst.info",""
27916,"Low","Cr-Internals, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Bounds error in skAlphaRuns causes renderer hang","Mar 21, 2013 20:57:44",1363899464,"Nov 17, 2009 00:27:24",1258417644,"Dec 10, 2009 15:19:51",1260458391,"jsc...@chromium.org",""
28250,"High","Area-Misc, OS-Linux, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","a...@chromium.org","Chrome/chromium crash in Skia (memset) due to excessive stroke","Mar 21, 2013 20:57:44",1363899464,"Nov 19, 2009 17:03:23",1258650203,"Nov 23, 2009 22:14:37",1259014477,"robert.s...@gmail.com",""
28360,"Low","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","ham...@chromium.org","Security: Chromium/chrome crash in WebCore::RenderMarquee::computePosition","Apr 06, 2013 02:33:20",1365215600,"Nov 20, 2009 16:33:05",1258734785,"Dec 21, 2009 07:21:51",1261380111,"robert.s...@gmail.com",""
28449,"High","Cr-Blink, Mstone-4.1, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","senorbla...@chromium.org","Linear gradient on a table row crashes Chromium","Apr 06, 2013 02:33:17",1365215597,"Nov 21, 2009 02:19:11",1258769951,"Jan 15, 2010 03:39:49",1263526789,"scherkus@chromium.org",""
28566,"High","Cr-Blink, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","pkasting@chromium.org","Security: Crash when opening a corrupted GIF image","Apr 06, 2013 02:33:12",1365215592,"Nov 23, 2009 14:44:59",1258987499,"Jan 05, 2010 23:24:47",1262733887,"robert.s...@gmail.com",""
28574,"High","Area-Misc, OS-Linux, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Security: Memory corruption in  WebCore::ResourceLoader","Mar 21, 2013 20:57:43",1363899463,"Nov 23, 2009 15:44:38",1258991078,"Jan 05, 2010 16:16:40",1262708200,"robert.s...@gmail.com",""
28582,"Medium","Area-Misc, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","a...@chromium.org","Out-of-bounds read in memcpy() upon one line CSS - sometimes OOM too","Mar 21, 2013 21:01:30",1363899690,"Nov 23, 2009 17:55:57",1258998957,"Dec 18, 2009 16:50:01",1261155001,"robert.s...@gmail.com",""
28798,"Medium","Cr-Internals, Mstone-4.1, OS-Windows, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","nsylv...@chromium.org","[MD audit] [Window Sandbox] Integrity Level Race Condition","Mar 21, 2013 21:01:30",1363899690,"Nov 25, 2009 19:26:22",1259177182,"Feb 01, 2010 22:32:15",1265063535,"cpu@chromium.org",""
28804,"Medium","Cr-Internals, Mstone-4.1, OS-Windows, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","rvargas@chromium.org","[MD audit] [Window Sandbox] PreProcessName() Race Condition","Mar 21, 2013 21:01:30",1363899690,"Nov 25, 2009 19:32:25",1259177545,"Jan 28, 2010 21:51:48",1264715508,"cpu@chromium.org",""
28811,"High","Cr-Blink, Cr-UI-Notifications, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","john...@chromium.org","Security: WebKit Bug 31886 - Notification::Notification m_presenter reuse of freed memory","Apr 06, 2013 02:33:00",1365215580,"Nov 25, 2009 20:53:04",1259182384,"Dec 15, 2009 21:08:35",1260911315,"skylined@chromium.org",""
28880,"Low","Area-Misc, M-4, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Security: Crash in WebCore/platform/graphics/chromium/FontLinux.cpp:355 (WebCore::TextRunWalker::setupFontForScriptRun)","Mar 21, 2013 20:57:41",1363899461,"Nov 27, 2009 00:05:12",1259280312,"Dec 17, 2009 19:21:27",1261077687,"robert.s...@gmail.com",""
29577,"High","Cr-Blink, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","yusukes@chromium.org","Crash on complicated @font-face rule","Apr 06, 2013 02:32:13",1365215533,"Dec 07, 2009 16:53:07",1260204787,"Dec 16, 2009 01:18:10",1260926290,"yusukes@chromium.org",""
29645,"Medium","Area-BrowserUI, Cr-Blink, Cr-UI-Browser-Autofill, Mstone-X, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","zelidrag@chromium.org","Prevent exposing autocomplete values via Javascript","Apr 06, 2013 02:32:11",1365215531,"Dec 08, 2009 00:25:55",1260231955,"Dec 16, 2009 19:03:47",1260990227,"zelidrag@chromium.org",""
29828,"High","Area-Misc, M-4, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: sandbox bypass due to directory traversal opening Web Database files","Mar 21, 2013 20:57:40",1363899460,"Dec 09, 2009 05:08:13",1260335293,"Dec 15, 2009 16:41:23",1260895283,"cev...@chromium.org",""
29854,"High","Cr-Blink, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: WebKit Bug 32316 - WebCore::RenderObject::arenaDelete ExecAV@??? (292164e5b2ee939ff3ddf062439c2a3e)","Apr 06, 2013 02:32:02",1365215522,"Dec 09, 2009 10:31:29",1260354689,"Dec 17, 2009 00:32:07",1261009927,"skylined@chromium.org",""
29914,"Low","Cr-Internals, M-4, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","eroman@chromium.org","DNS queries not forwarded through SOCKS v5 proxies","Mar 21, 2013 20:57:39",1363899459,"Dec 09, 2009 21:11:47",1260393107,"May 28, 2010 19:41:27",1275075687,"Christop...@gmail.com",""
29920,"Low","Cr-Internals, M-4, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jap...@chromium.org","Referer: header is sent when redirect from https to http","Mar 21, 2013 20:57:38",1363899458,"Dec 09, 2009 21:43:24",1260395004,"Dec 18, 2009 05:00:49",1261112449,"jap...@chromium.org",""
29932,"Low","Area-Misc, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","ukai@chromium.org","Security: Websockets - malformed URL freezes browser","Mar 21, 2013 20:57:38",1363899458,"Dec 09, 2009 22:54:06",1260399246,"Dec 17, 2009 04:50:27",1261025427,"Mario.He...@googlemail.com",""
30079,"Medium","Cr-UI-Browser-SafeBrowsing, M-5, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","Security SafeBrowsingService pure virtual function call and memory corruption","Mar 21, 2013 21:01:29",1363899689,"Dec 11, 2009 09:21:31",1260523291,"Mar 19, 2010 00:58:00",1268960280,"skylined@chromium.org",""
30146,"High","Cr-Platform-Extensions, M-4, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rafaelw@chromium.org","chrome.tabs.executeScriptInTab allows running script in the gallery","Mar 21, 2013 20:57:37",1363899457,"Dec 11, 2009 20:20:22",1260562822,"Dec 24, 2009 00:26:01",1261614361,"a...@chromium.org",""
30510,"Low","Area-Misc, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: invalid pointer access when calling HTML5 Web Database REGEXP() function with just one argument","Mar 21, 2013 20:57:35",1363899455,"Dec 15, 2009 22:35:16",1260916516,"Dec 16, 2009 21:37:57",1260999477,"scarybea...@gmail.com",""
30525,"High","Cr-Blink, M-4, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Merge HTMLParser security fix from WebKit","Apr 06, 2013 02:31:43",1365215503,"Dec 16, 2009 00:56:17",1260924977,"Dec 17, 2009 00:03:30",1261008210,"abarth@chromium.org",""
30660,"High","Area-Misc, OS-All, Pri-0, Restrict-AddIssueComment-Commit, Reward-1000, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",1000,"accept","abarth@chromium.org","window.open() Method Javascript Same-Origin Policy Violation","Mar 21, 2013 20:57:35",1363899455,"Dec 17, 2009 07:16:27",1261034187,"Dec 20, 2009 07:24:31",1261293871,"tokuji.a...@gmail.com",""
30682,"Medium","Cr-Internals, M-5, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","wtc@chromium.org","Disable the null encryption and weak encryption TLS/SSL cipher suites","Mar 21, 2013 21:01:28",1363899688,"Dec 17, 2009 16:51:49",1261068709,"Jan 15, 2010 18:49:49",1263581389,"wtc@chromium.org",""
30937,"Medium","Area-Feature, Cr-Platform-Extensions, M-4, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","a...@chromium.org","Possible to execute script on unpermitted domains using chrome.tabs.executeScript()","Mar 21, 2013 21:01:28",1363899688,"Dec 21, 2009 20:41:23",1261428083,"Jan 07, 2010 05:49:26",1262843366,"a...@chromium.org",""
31009,"High","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","lrn%chro...@gtempaccount.com","[MD audit] [V8]: integer errors lead to dangerous crashes in memory allocators","Mar 21, 2013 20:57:33",1363899453,"Dec 22, 2009 20:05:30",1261512330,"Jan 15, 2010 13:47:42",1263563262,"scarybea...@gmail.com",""
31293,"Low","Cr-Blink, Cr-Internals-Media, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, ffmpeg","Stable",,"","fbarch...@chromium.org","Audio TAG MP3 plays noise burst at beginning","Apr 06, 2013 02:31:02",1365215462,"Dec 29, 2009 20:53:24",1262120004,"Feb 12, 2010 23:34:17",1266017657,"isocket...@gmail.com",""
31307,"High","M-4, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","[MD audit] [RPC] More errors deserializing SkBitmaps!!","Mar 21, 2013 20:57:32",1363899452,"Dec 30, 2009 02:42:22",1262140942,"Dec 30, 2009 05:33:46",1262151226,"scarybea...@gmail.com",""
31517,"Low","Cr-Internals, M-4, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","ChildProcessSecurityPolicy::CanRequestURL recusion stack exhaustion in URL parsing with nested protocols","Mar 21, 2013 20:57:32",1363899452,"Jan 04, 2010 16:32:37",1262622757,"Jan 06, 2010 02:47:28",1262746048,"anton.ki...@gmail.com",""
31542,"High","Cr-Blink, M-4, Pri-2, ReleaseBlock-Beta, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Use after free crash in RTL text handling","Apr 06, 2013 02:30:50",1365215450,"Jan 04, 2010 20:44:09",1262637849,"Jan 04, 2010 21:38:52",1262641132,"jamesr@chromium.org",""
31568,"High","Cr-Blink, Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Need to merge WebKit fix for ZDI-CAN-632 to Beta branch","Apr 06, 2013 02:30:48",1365215448,"Jan 05, 2010 01:56:13",1262656573,"Feb 17, 2010 02:49:30",1266374970,"scarybea...@gmail.com",""
31692,"High","Cr-Blink, Cr-Content-Core, Mstone-4.1, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rolandsteiner.chromium@gmail.com","Bug 33266 - WebCore::InlineFlowBox::determineSpacingForFlowBoxes ReadAV@NULL (43c64e8abbda6766e5f5edbd254c2d57)","Apr 06, 2013 02:30:41",1365215441,"Jan 06, 2010 20:34:53",1262810093,"Jan 26, 2010 07:48:47",1264492127,"skylined@chromium.org",""
31880,"High","Cr-Internals, Mstone-4.1, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","ana...@chromium.org","[MD audit] [plugins] Sandbox Violation: Raw pointer from renderer manipulated in plugin process","Mar 21, 2013 20:57:30",1363899450,"Jan 09, 2010 05:31:30",1263015090,"Jan 20, 2010 07:23:00",1263972180,"jsc...@chromium.org",""
32309,"Medium","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","Stylesheet URL property leaks redirection target","Mar 21, 2013 21:01:27",1363899687,"Jan 14, 2010 22:57:54",1263509874,"Jan 21, 2010 07:40:58",1264059658,"scarybea...@gmail.com",""
32455,"High","M-4, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","ValidityState can hold a stale pointer to control","Mar 21, 2013 20:57:29",1363899449,"Jan 16, 2010 07:28:34",1263626914,"Jan 16, 2010 23:11:12",1263683472,"abarth@chromium.org",""
32718,"Medium","Pri-0, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-decline","Stable",500,"decline","tim@chromium.org","Security: Cross-domain bug in password manager","Mar 21, 2013 21:01:26",1363899686,"Jan 20, 2010 18:27:22",1264012042,"Jan 22, 2010 01:40:05",1264124405,"0adian0@gmail.com",""
32915,"High","OS-Windows, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cpu@chromium.org","[MD audit] [Window Sandbox] CrossCallParamsEx::CreateFromBuffer() integer overflow","Mar 21, 2013 20:57:28",1363899448,"Jan 22, 2010 21:25:31",1264195531,"Jan 23, 2010 02:40:05",1264214405,"cpu@chromium.org",""
33053,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Use of stale HTMLImageElement pointer in JSHTMLFormElement::nameGetter","Mar 21, 2013 20:57:28",1363899448,"Jan 25, 2010 10:55:57",1264416957,"Jan 26, 2010 11:21:49",1264504909,"abarth@chromium.org",""
33445,"Low","Cr-Blink, Mstone-4.1, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","STS design questions around probing what sites a user has been to","Apr 06, 2013 02:28:40",1365215320,"Jan 28, 2010 23:25:58",1264721158,"Feb 23, 2010 22:03:02",1266962582,"teddyl...@gmail.com",""
33572,"Medium","Cr-UI, Cr-UI-Browser-SafeBrowsing, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","eroman@chromium.org"," are allowed to initiate downloads without user intervention.","Mar 21, 2013 21:01:25",1363899685,"Jan 29, 2010 21:38:15",1264801095,"Feb 27, 2010 09:42:24",1267263744,"mike.dou...@gmail.com",""
33664,"Low","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","XSS Filter can disable legitimate code, creating vulnerabilities in otherwise safe webpages","Mar 21, 2013 20:57:27",1363899447,"Jan 30, 2010 02:55:58",1264820158,"Mar 02, 2010 22:25:15",1267568715,"tste...@gmail.com",""
33876,"Low","Cr-Blink, M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jor...@chromium.org","Security: LocalStorage Cross Domain Denial of Service Attack","Apr 06, 2013 02:28:28",1365215308,"Jan 31, 2010 07:54:44",1264924484,"Mar 09, 2010 06:16:45",1268115405,"inferno...@gmail.com",""
33952,"Low","Cr-UI, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Infinite redirects with long URL can cause browser process OOM.","Mar 21, 2013 20:57:26",1363899446,"Jan 31, 2010 23:05:15",1264979115,"Apr 01, 2010 05:53:17",1270101197,"charlie....@gmail.com",""
34135,"High","Cr-UI, Cr-UI-Browser-TabStrip, M-9, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","sky@chromium.org","Browser process crash (CHECK failure) in TabStripModel::GetContentsAt(int) const","Mar 21, 2013 20:57:26",1363899446,"Feb 01, 2010 23:52:04",1265068324,"Feb 02, 2011 19:46:58",1296676018,"huanr@chromium.org",""
34414,"Low","Cr-Blink, M-7, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","Regression:m7: Chrome Popup Blocker ByPass","Apr 06, 2013 02:28:10",1365215290,"Feb 03, 2010 08:52:02",1265187122,"Sep 03, 2010 18:34:48",1283538888,"inferno...@gmail.com",""
34495,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Crash in XMLTokenizer::popCurrentNode if window.close() is called during parsing [CVE-2010-0048]","Mar 21, 2013 20:57:25",1363899445,"Feb 03, 2010 22:02:09",1265234529,"Oct 05, 2011 01:37:37",1317778657,"scarybea...@gmail.com",""
34498,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Navigating to a cached page can result in accessing a destroyed HTMLInputElement [CVE-2010-0052]","Mar 21, 2013 20:57:25",1363899445,"Feb 03, 2010 22:15:04",1265235304,"Oct 05, 2011 01:37:37",1317778657,"scarybea...@gmail.com",""
34721,"Low","Cr-UI, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, bulkmove","Stable",,"","pkasting@chromium.org","Long string in alert() 100% CPU DoS","Mar 21, 2013 20:57:24",1363899444,"Feb 05, 2010 08:22:12",1265358132,"Apr 19, 2010 16:04:16",1271693056,"ramazanb...@gmail.com",""
34978,"High","Cr-Blink, Mstone-4.1, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","esei...@chromium.org","WebCore::Document::recalcStyleSelector+0x7c","Apr 06, 2013 02:27:57",1365215277,"Feb 08, 2010 08:27:11",1265617631,"Feb 20, 2010 05:50:33",1266645033,"woo...@gmail.com",""
35079,"High","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Stale pointer in WebKit with captions","Mar 21, 2013 20:57:23",1363899443,"Feb 09, 2010 02:12:03",1265681523,"Feb 11, 2010 00:25:53",1265847953,"scarybea...@gmail.com",""
35168,"Low","Cr-Stability, Cr-UI, M-5, OS-Chrome, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Crash when clicking long URL with unknown scheme","Mar 21, 2013 20:57:23",1363899443,"Feb 09, 2010 19:48:14",1265744894,"Mar 29, 2010 22:10:37",1269900637,"derat@chromium.org",""
35366,"High","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","dglazkov@chromium.org","[MD audit] DOM tree node reference errors when manipulating DOM tree inside certain callbacks","Apr 06, 2013 02:27:35",1365215255,"Feb 11, 2010 04:09:32",1265861372,"Jul 12, 2010 21:11:38",1278969098,"scarybea...@gmail.com",""
35724,"High","Cr-Blink, Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Reward-1337, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",1337,"accept","cev...@chromium.org","Integer overflow in webGL","Apr 06, 2013 02:27:22",1365215242,"Feb 14, 2010 14:31:57",1266157917,"Mar 02, 2010 22:42:02",1267569722,"serg.gla...@gmail.com",""
35732,"High","Cr-UI, Pri-0, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security","None",500,"accept","pkasting@chromium.org","Security: Renderer segfault when a malformed png file is loaded.","Mar 21, 2013 20:48:17",1363898897,"Feb 14, 2010 16:26:45",1266164805,"Feb 22, 2010 23:26:34",1266881194,"aohelin",""
35979,"Low","Area-libxml, M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: Opening a malformed XML file causes a segmentation fault in xmlParseGetLasts.","Mar 21, 2013 20:57:22",1363899442,"Feb 17, 2010 07:02:39",1266390159,"Mar 23, 2010 22:33:12",1269383592,"aohelin",""
36277,"Medium","Cr-UI, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","Passwords may be easily seen.","Mar 21, 2013 21:01:21",1363899681,"Feb 19, 2010 18:35:21",1266604521,"Mar 09, 2010 22:58:10",1268175490,"igascr...@gmail.com",""
36772,"Medium","Cr-UI, Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: HTTP AUTH dialog spoofing using long subdomains (Windows Only)","Mar 21, 2013 21:01:21",1363899681,"Feb 25, 2010 09:36:28",1267090588,"Mar 05, 2010 16:55:31",1267808131,"inferno...@gmail.com",""
36774,"Low","Cr-Internals, Cr-UI-Browser-SafeBrowsing, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","The 1 second timeout on safebrowsing get hash might be exploitable","Mar 21, 2013 20:57:20",1363899440,"Feb 25, 2010 10:23:53",1267093433,"Mar 24, 2010 03:39:44",1269401984,"eroman@chromium.org",""
36976,"Low","Cr-Blink, Cr-Content-Core, M-5, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","WebCore::SVGAnimationElement::calculatePercentFromKeyPoints ReadAV@NULL (00939658970e30ddcc2953e88ebb851d)","Apr 06, 2013 02:26:10",1365215170,"Feb 27, 2010 09:00:09",1267261209,"Mar 19, 2010 19:36:21",1269027381,"aohelin",""
37007,"Medium","Cr-Internals, Cr-Internals-Network, Cr-UI-Browser-Downloads, Mstone-4.1, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Bypass unsafe file types dialog using extra dots at end of file name.","Mar 21, 2013 21:01:20",1363899680,"Feb 28, 2010 04:13:56",1267330436,"Mar 03, 2010 06:50:47",1267599047,"kuz...@gmail.com",""
37061,"High","Cr-Blink, Mstone-4.1, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security","None",500,"accept","mal@chromium.org","WebCore::SVGUseElement::updateContainerOffsets ExecAV@Arbitrary (1dc75f12fe3750aa1828ea20506a5d54)","Apr 06, 2013 02:26:07",1365215167,"Mar 01, 2010 10:18:48",1267438728,"Mar 06, 2010 07:35:47",1267860947,"aohelin",""
37184,"Medium","Cr-Blink, Cr-Internals-Media, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","scherkus@chromium.org","Security: ff_vorbis_floor1_render_list ReadAV@Arbitrary (multiple stacks)","Apr 06, 2013 02:26:03",1365215163,"Mar 02, 2010 08:40:19",1267519219,"Apr 01, 2010 00:12:23",1270080743,"berendjanwever",""
37201,"Medium","Cr-UI, Cr-UI-Browser-Omnibox, M-6, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jshin@chromium.org","Omnibox visual spoofing with Japanese Maru","Mar 21, 2013 21:01:19",1363899679,"Mar 02, 2010 18:10:58",1267553458,"Jul 27, 2010 22:05:43",1280268343,"chris@casaba.com",""
37310,"High","Cr-Blink, Cr-Internals-Media, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","scherkus@chromium.org","Crash in media::FFmpegDemuxer::~FFmpegDemuxer()","Apr 06, 2013 02:25:55",1365215155,"Mar 03, 2010 17:03:08",1267635788,"Mar 23, 2010 22:42:44",1269384164,"thestig@chromium.org",""
37383,"High","Cr-Internals, Cr-Internals-Core, Mstone-4.1, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Reward-1000, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",1000,"accept","jsc...@chromium.org","javascript: url with a leading NULL byte can bypass cross origin protection.","Mar 21, 2013 20:57:17",1363899437,"Mar 04, 2010 07:28:45",1267687725,"Mar 11, 2010 03:54:19",1268279659,"kuz...@gmail.com",""
37447,"Low","Cr-Internals, M-5, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","secur...@chromium.org","Google Chrome OCX Automatic Download","Mar 21, 2013 20:57:17",1363899437,"Mar 04, 2010 22:37:09",1267742229,"Mar 07, 2010 04:42:06",1267936926,"jconsult...@gmail.com",""
37826,"High","Mstone-4.1, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Need to merge fix for https://bugs.webkit.org/show_bug.cgi?id=35621 / ZDI-CAN-688","Mar 21, 2013 20:57:17",1363899437,"Mar 10, 2010 06:25:08",1268202308,"Mar 10, 2010 06:49:18",1268203758,"scarybea...@gmail.com",""
37827,"High","Mstone-4.1, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Need to merge fix for https://bugs.webkit.org/show_bug.cgi?id=35598 / ZDI-CAN-704","Mar 21, 2013 20:57:16",1363899436,"Mar 10, 2010 06:54:16",1268204056,"Mar 10, 2010 07:06:48",1268204808,"scarybea...@gmail.com",""
38512,"Low","Cr-Internals, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","a...@chromium.org","libpng < (1.4.1|1.2.43) suffer DoS issues (CVE-2010-0205)","Mar 21, 2013 20:57:16",1363899436,"Mar 18, 2010 15:18:49",1268925529,"Mar 18, 2010 18:29:39",1268936979,"a...@chromium.org",""
38550,"Low","Cr-Internals, Cr-Internals-Network, M-5, OS-Mac, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","s...@chromium.org","Mac: Don't send client cert before verifying received server cert","Mar 21, 2013 20:57:16",1363899436,"Mar 18, 2010 21:23:46",1268947426,"Mar 19, 2010 23:17:50",1269040670,"s...@chromium.org",""
38845,"Low","Cr-Internals, Cr-Internals-Network, Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Out of bounds array read in FTP network transaction","Mar 21, 2013 20:57:15",1363899435,"Mar 21, 2010 20:54:08",1269204848,"Mar 22, 2010 01:05:13",1269219913,"tk.chromium@googlemail.com",""
38920,"Medium","Cr-Internals, Cr-Platform-Extensions, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jochen@chromium.org","extensions can circumvent access restrictions by over-writing chromeHidden.event.dispatchJSON","Mar 21, 2013 21:01:18",1363899678,"Mar 22, 2010 18:57:07",1269284227,"Mar 24, 2010 21:17:58",1269465478,"jochen@chromium.org",""
39047,"High","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Reward-1000, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",1000,"accept","jsc...@chromium.org","Cross-origin bypass","Mar 21, 2013 20:57:15",1363899435,"Mar 23, 2010 16:38:53",1269362333,"Mar 29, 2010 04:09:41",1269835781,"serg.gla...@gmail.com",""
39277,"Low","M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Browser GDI crash with excessive downloads.","Mar 21, 2013 20:57:14",1363899434,"Mar 25, 2010 04:33:36",1269491616,"Mar 29, 2010 22:34:47",1269902087,"kuz...@gmail.com",""
39303,"Low","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","icudt42.dll does not support ASLR(on Win7/Vista)","Mar 21, 2013 20:57:14",1363899434,"Mar 25, 2010 14:31:21",1269527481,"Mar 26, 2010 17:13:35",1269623615,"radu.sta...@gmail.com",""
39443,"High","Mstone-4.1, Pri-2, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","cev...@chromium.org","crash with form tag","Mar 21, 2013 20:57:14",1363899434,"Mar 26, 2010 11:58:30",1269604710,"Mar 30, 2010 00:45:48",1269909948,"kuz...@gmail.com",""
39660,"High","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Need to merge fix for CSSPrimitiveValue::setFloatValue() type confusion error","Mar 21, 2013 20:57:13",1363899433,"Mar 29, 2010 04:30:52",1269837052,"Mar 29, 2010 04:53:51",1269838431,"scarybea...@gmail.com",""
39698,"High","Cr-Blink, Mstone-4.1, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Security: Synchronous preflight XHR allows arbitrary XSRF ","Apr 06, 2013 02:24:04",1365215044,"Mar 29, 2010 16:23:01",1269879781,"Apr 05, 2010 01:21:22",1270430482,"me...@google.com",""
39740,"Medium","Cr-Internals, Cr-Privacy, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","cev...@chromium.org","Plugins are not always blocked by content settings","Mar 21, 2013 21:01:18",1363899678,"Mar 29, 2010 22:19:23",1269901163,"Apr 07, 2010 03:06:18",1270609578,"darin@chromium.org",""
39861,"Medium","Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","cev...@chromium.org","Cross-origin image theft via SVGs as a canvas pattern","Mar 21, 2013 21:01:18",1363899678,"Mar 30, 2010 17:56:42",1269971802,"Mar 30, 2010 23:01:55",1269990115,"scarybea...@gmail.com",""
39985,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Cross-origin bypass: Javascript URL can be set in iframe.src via numerous DOM aliases (via Node and NamedNodeMap)","Apr 06, 2013 02:23:47",1365215027,"Mar 31, 2010 14:33:44",1270046024,"May 23, 2010 16:16:47",1274631407,"jsc...@chromium.org",""
40136,"Medium","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: Path Traversal in Devtools","Mar 21, 2013 21:01:17",1363899677,"Apr 01, 2010 20:16:13",1270152973,"Apr 03, 2010 01:17:35",1270257455,"tav...@gmail.com",""
40137,"Medium","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: XSS in net-internals","Mar 21, 2013 21:01:17",1363899677,"Apr 01, 2010 20:17:49",1270153069,"Apr 01, 2010 22:46:23",1270161983,"tav...@gmail.com",""
40138,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: XSS in chrome://downloads","Mar 21, 2013 20:57:11",1363899431,"Apr 01, 2010 20:18:45",1270153125,"Apr 02, 2010 00:12:59",1270167179,"tav...@gmail.com",""
40147,"Low","Cr-UI, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: XSS issue in the FTP parser","Mar 21, 2013 20:57:11",1363899431,"Apr 01, 2010 22:35:27",1270161327,"Apr 06, 2010 03:44:32",1270525472,"robert.s...@gmail.com",""
40445,"High","Cr-Blink, M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Reward-1000, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",1000,"accept","infe...@chromium.org"," on JAVASCRIPT URI ","Apr 06, 2013 02:23:27",1365215007,"Apr 05, 2010 19:45:36",1270496736,"Apr 08, 2010 20:13:21",1270757601,"jconsult...@gmail.com",""
40487,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","<video> inside <foreignObject> inside <svg> inside <img> --> crash","Apr 06, 2013 02:23:23",1365215003,"Apr 05, 2010 23:29:01",1270510141,"Apr 21, 2010 01:30:24",1271813424,"bl...@google.com",""
40575,"Medium","Cr-Internals, M-4, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","brettw@chromium.org","An HTTP page loaded quickly after NTP can gain DOMUI bindings privilege","Mar 21, 2013 21:01:17",1363899677,"Apr 06, 2010 19:32:11",1270582331,"Apr 07, 2010 21:28:06",1270675686,"eroman@chromium.org",""
40605,"Low","Chrome-only, Cr-Internals, Cr-UI-Browser-SafeBrowsing, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Redirecting to a data URI without a / in the data section crashes the entire browser","Mar 21, 2013 20:57:09",1363899429,"Apr 06, 2010 23:55:24",1270598124,"Jun 02, 2010 14:38:45",1275489525,"ric...@gmail.com",""
40628,"Low","Cr-Internals, Cr-Internals-Core, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","darin@chromium.org","WebKit: WebCore::PageGroupLoadDeferrer::PageGroupLoadDeferrer ReadAV@NULL (7a3291a05aead0cc3a4bc8a6b440d145)","Mar 21, 2013 20:57:09",1363899429,"Apr 07, 2010 08:54:45",1270630485,"Apr 27, 2010 06:32:05",1272349925,"skylined@chromium.org",""
40635,"High","Cr-Blink, Cr-Blink-JavaScript, Mstone-4.1, Pri-0, Restrict-AddIssueComment-Commit, Reward-500, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","","Security: v8: WebKitPoint() memory corruption","Apr 06, 2013 03:28:10",1365218890,"Apr 07, 2010 09:46:55",1270633615,"Apr 07, 2010 20:08:25",1270670905,"skylined@chromium.org",""
40801,"Low","Cr-Internals, M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB Array Indexing Bug","Mar 21, 2013 20:57:08",1363899428,"Apr 08, 2010 16:17:09",1270743429,"Apr 08, 2010 17:27:08",1270747628,"flolech...@gmail.com",""
41469,"Medium","Cr-Blink, Cr-Content-Core, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Drag and drop bad reference counting leads to re-use of freed memory: WebCore..String..length ReadAV@Arbitrary (394bb1a56acd66a43221b2a08fa5b25a)","Apr 06, 2013 02:22:36",1365214956,"Apr 14, 2010 15:39:13",1271259553,"May 01, 2010 16:38:36",1272731916,"skylined@chromium.org",""
41654,"Medium","Cr-Blink, Cr-Content-Core, M-6, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: Permanent Clipboard Hijack","Apr 06, 2013 02:22:24",1365214944,"Apr 15, 2010 19:14:07",1271358847,"May 04, 2010 05:24:05",1272950645,"infe...@chromium.org",""
41778,"Low","Cr-UI, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org"," right click context menu option can open arbitary urls like chrome:// file:// etc.","Mar 21, 2013 20:57:08",1363899428,"Apr 16, 2010 16:10:30",1271434230,"Apr 20, 2010 19:21:46",1271791306,"kuz...@gmail.com",""
42228,"High","M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","ca...@chromium.org","Security: a malicious page may gain access to context of an extension's content script","Mar 21, 2013 20:57:07",1363899427,"Apr 21, 2010 19:06:11",1271876771,"Apr 27, 2010 16:44:27",1272386667,"ca...@chromium.org",""
42294,"High","Cr-Blink, Cr-Blink-Fonts, Cr-Content-Core, M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Reward-500, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","yusukes@chromium.org","WebCore::FontFallbackList::determinePitch memory corruption (0b4c05aab686a31bc4954a5bd6bae27b)","Apr 06, 2013 04:51:09",1365223869,"Apr 22, 2010 10:04:09",1271930649,"Apr 24, 2010 02:07:38",1272074858,"woo...@gmail.com",""
42306,"High","Cr-Blink, Cr-Internals-Media, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","fbarch...@chromium.org","Possible num_patches array indexing errors in AAC SBR","Apr 06, 2013 02:21:32",1365214892,"Apr 22, 2010 13:21:16",1271942476,"Apr 23, 2010 23:20:49",1272064849,"scarybea...@gmail.com",""
42356,"Medium","Cr-Platform-Extensions, Cr-UI, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","arv@chromium.org","User scripts can access chrome:// URLs","Mar 21, 2013 21:01:14",1363899674,"Apr 22, 2010 21:49:24",1271972964,"Apr 23, 2010 02:18:48",1271989128,"arv@chromium.org",""
42391,"Medium","Cr-Blink, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","dcheng@chromium.org","Chromium exposes file paths when dropping files","Apr 06, 2013 02:21:25",1365214885,"Apr 23, 2010 07:06:44",1272006404,"Apr 29, 2010 03:40:20",1272512420,"dcheng@chromium.org",""
42396,"Low","Cr-Blink, Cr-Content-Core, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","kbr@chromium.org","Security: WebKit: WebCore::WebGLUnsignedIntArrayInternal::getCallback ReadAV@Arbitrary (deef89ee3d0345edebeaf13cf974c47c)","Apr 06, 2013 02:21:24",1365214884,"Apr 23, 2010 08:59:25",1272013165,"May 07, 2010 17:59:19",1273255159,"skylined@chromium.org",""
42538,"Low","Cr-Internals, Cr-Internals-Network, M-5, OS-Linux, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","wtc@chromium.org","segfault in net::X509Certificate::Verify [Linux]","Mar 21, 2013 20:57:06",1363899426,"Apr 26, 2010 07:29:16",1272266956,"Apr 29, 2010 21:03:44",1272575024,"aohelin",""
42574,"Low","CVE-2011-1185, Cr-Blink, M-10, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Sandboxed iframes should not allow navigation to history forward,back without allow-top-navigation set.","Apr 06, 2013 02:21:17",1365214877,"Apr 26, 2010 20:57:47",1272315467,"Jan 02, 2011 03:58:49",1293940729,"evn@google.com","2011-1185"
42575,"Medium","Cr-Blink, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","abarth@chromium.org","sessionStorage is shared on iframe@sandbox","Apr 06, 2013 02:21:17",1365214877,"Apr 26, 2010 21:00:26",1272315626,"May 07, 2010 00:01:35",1273190495,"evn@google.com",""
42723,"High","Cr-Blink, Cr-Content-Core, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Reward-500, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",500,"accept","infe...@chromium.org","Table layout crash bug from wushi","Apr 06, 2013 02:20:56",1365214856,"Apr 28, 2010 14:15:49",1272464149,"May 14, 2010 22:21:59",1273875719,"scarybea...@gmail.com",""
42736,"Medium","Cr-Blink, Cr-Content-Core, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500, reward-decline","Stable",500,"decline","","Memory corruption (read random system memory) or crash","Apr 06, 2013 02:20:54",1365214854,"Apr 28, 2010 16:15:13",1272471313,"Jun 29, 2010 17:51:26",1277833886,"Michail....@gmail.com",""
42755,"High","M-5, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Merge fix for WebKit CSS hover security bug to 375","Mar 21, 2013 20:57:04",1363899424,"Apr 28, 2010 18:17:59",1272478679,"Apr 28, 2010 18:37:37",1272479857,"scarybea...@gmail.com",""
42765,"Low","CVE-2011-1185, Cr-Blink, M-10, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","top.close() is allowed on iframe@sandbox when allow-same-origin is not set","Apr 06, 2013 02:20:52",1365214852,"Apr 28, 2010 19:19:57",1272482397,"Jan 02, 2011 07:26:40",1293953200,"evn@google.com","2011-1185"
42980,"Medium","Cr-Blink, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Sandboxed iframes should not autocomplete/autofill unless allow-same-origin set","Apr 06, 2013 02:20:38",1365214838,"Apr 30, 2010 23:15:57",1272669357,"May 21, 2010 04:57:07",1274417827,"evn@google.com",""
42989,"Low","Cr-Internals, M-10, OS-Mac, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, Verifier-Deepakg","Stable",,"","jeremy@chromium.org","Mac sandbox allows calls to stat() on arbitrary paths.","Mar 21, 2013 20:57:03",1363899423,"May 01, 2010 01:47:24",1272678444,"Oct 26, 2010 13:42:37",1288100557,"dcheng@chromium.org",""
43304,"High","M-5, OS-Linux, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","a...@chromium.org","[MD audit] Linux sandbox escape","Mar 21, 2013 20:57:02",1363899422,"May 05, 2010 12:32:25",1273062745,"May 07, 2010 17:50:12",1273254612,"scarybea...@gmail.com",""
43307,"High","M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","[MD audit] Possible memory corruption with bad bitmap shared memory object in clipboard IPC","Mar 21, 2013 20:57:02",1363899422,"May 05, 2010 13:27:50",1273066070,"May 06, 2010 23:13:41",1273187621,"scarybea...@gmail.com",""
43315,"High","M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","[MD audit] Stale pointer error when normalizing DOM nodes","Mar 21, 2013 20:57:02",1363899422,"May 05, 2010 14:24:48",1273069488,"May 11, 2010 00:13:32",1273536812,"scarybea...@gmail.com",""
43322,"High","Pri-3, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","[MD audit] Problems with video messages and sizes","Mar 21, 2013 20:57:01",1363899421,"May 05, 2010 14:53:15",1273071195,"Jun 08, 2010 02:37:14",1275964634,"scarybea...@gmail.com",""
43487,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","ZDI-CAN-765: CSS Charset Text Transformation Vulnerability ","Apr 06, 2013 02:20:09",1365214809,"May 06, 2010 23:49:04",1273189744,"May 20, 2010 00:02:27",1274313747,"jsc...@chromium.org",""
43488,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1786","Stable",,"","jsc...@chromium.org","ZDI-CAN-766: SVG ForeignObject Rendering Layout Vulnerability","Apr 06, 2013 02:20:08",1365214808,"May 06, 2010 23:50:46",1273189846,"Jun 23, 2010 12:34:11",1277296451,"jsc...@chromium.org","2010-1786"
43813,"High","Cr-Internals, Cr-Internals-Skia, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","wjmacl...@chromium.org","chrome_1c30000!SkAlphaRuns::Break+0x13 - Memory Corruption","Mar 21, 2013 20:57:01",1363899421,"May 10, 2010 22:33:53",1273530833,"Jul 13, 2010 17:27:16",1279042036,"sp3x...@gmail.com",""
43846,"Low","Cr-Blink, M-6, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Null deref during image drag, crash in drag selection controller.","Apr 06, 2013 02:19:52",1365214792,"May 11, 2010 08:44:36",1273567476,"Jun 18, 2010 01:28:01",1276824481,"infe...@chromium.org",""
43902,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","innerHTML decompilation issues in textarea","Apr 06, 2013 02:19:49",1365214789,"May 11, 2010 19:10:34",1273605034,"May 12, 2010 18:18:45",1273688325,"evn@google.com",""
43967,"High","Cr-UI, Cr-UI-Browser-Omnibox, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, bulkmove","Stable",,"","brettw@chromium.org","REGRESSION: Currently loading subresource displayed in omnibox","Mar 21, 2013 20:57:00",1363899420,"May 12, 2010 05:08:28",1273640908,"May 25, 2010 16:23:09",1274804589,"jo...@google.com",""
44424,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","","security:chrome_1c30000!WebCore::InlineBox::paint+0x70","Apr 06, 2013 02:19:08",1365214748,"May 18, 2010 01:46:15",1274147175,"Jun 26, 2010 00:48:03",1277513283,"woo...@gmail.com",""
44500,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1788","Stable",,"","","Invalid read handling malformed SVG <use> element","Apr 06, 2013 02:19:03",1365214743,"May 18, 2010 20:42:06",1274215326,"Jul 05, 2010 15:33:09",1278343989,"jsc...@chromium.org","2010-1788"
44658,"High","Cr-Internals, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","","Security: Insecure behavior in /tmp by Keystone on Mac OS X","Mar 21, 2013 20:56:59",1363899419,"May 20, 2010 16:37:31",1274373451,"Jun 29, 2010 17:22:15",1277832135,"googlec...@vtty.com",""
44740,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Need to merge fix for WebKit font issue to 375 branch","Apr 06, 2013 02:18:49",1365214729,"May 21, 2010 11:11:05",1274440265,"May 23, 2010 16:22:07",1274631727,"scarybea...@gmail.com",""
44759,"Low","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","sad tab with little script","Mar 21, 2013 20:56:58",1363899418,"May 21, 2010 16:03:21",1274457801,"May 21, 2010 16:44:01",1274460241,"javg0...@gmail.com",""
44868,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Geolocation events fire after document deletion","Apr 06, 2013 02:18:41",1365214721,"May 23, 2010 16:15:21",1274631321,"Oct 05, 2011 01:39:10",1317778750,"jsc...@chromium.org",""
44955,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Need to merge WebCore::toAlphabetic() crash to 375 branch.","Apr 06, 2013 02:18:34",1365214714,"May 24, 2010 23:17:57",1274743077,"May 24, 2010 23:28:00",1274743680,"infe...@chromium.org",""
45164,"Low","Cr-Blink, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Crash with invalid images.","Apr 06, 2013 02:18:23",1365214703,"May 26, 2010 22:36:52",1274913412,"Jun 10, 2010 22:08:12",1276207692,"javg0...@gmail.com",""
45267,"High","Pri-3, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","ViewHostMsg_UpdateVideo memory corruption","Mar 21, 2013 20:56:57",1363899417,"May 27, 2010 20:19:03",1274991543,"Jun 08, 2010 02:37:56",1275964676,"chromium.cdn@gmail.com",""
45331,"High","Cr-Blink, M-6, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Reward-500, Security, Security_Severity-High, Type-Bug-Security","None",500,"accept","","Memory Corruption with invalid svg rendering","Apr 06, 2013 02:18:17",1365214697,"May 28, 2010 13:28:00",1275053280,"Jun 22, 2010 17:43:56",1277228636,"aohelin",""
45400,"Critical","Cr-Internals, Cr-Stability, M-5, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1337","Stable",1337,"accept","infe...@chromium.org","Browser crash @ RenderViewHost::FilesSelectedInChooser","Mar 21, 2013 21:08:11",1363900091,"May 29, 2010 16:01:32",1275148892,"Aug 03, 2010 16:36:08",1280853368,"serg.gla...@gmail.com",""
45609,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1784","Stable",,"","jsc...@chromium.org","ZDI-CAN-784: Apple Webkit Rendering Counter Remote Code Execution Vulnerability","Apr 06, 2013 02:17:59",1365214679,"Jun 02, 2010 03:13:26",1275448406,"Jul 01, 2010 17:24:43",1278005083,"infe...@chromium.org","2010-1784"
45614,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1785","Stable",,"","infe...@chromium.org","ZDI-CAN-782: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability","Apr 06, 2013 02:17:59",1365214679,"Jun 02, 2010 05:37:01",1275457021,"Jun 12, 2010 00:58:12",1276304292,"infe...@chromium.org","2010-1785"
45615,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1787","Stable",,"","infe...@chromium.org","ZDI-CAN-785: Apple Webkit SVG Floating Text Element  Remote Code Execution Vulnerability","Apr 06, 2013 02:17:59",1365214679,"Jun 02, 2010 05:58:49",1275458329,"Jun 12, 2010 00:49:06",1276303746,"infe...@chromium.org","2010-1787"
45659,"High","Cr-Blink, M-6, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Stale pointer in SVGResourceFilter","Apr 06, 2013 02:17:55",1365214675,"Jun 02, 2010 17:56:58",1275501418,"Jun 02, 2010 22:01:17",1275516077,"tav...@gmail.com",""
45876,"Medium","Cr-Internals, Cr-Platform-Extensions, M-6, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","Web pages should NOT be able to load resources if there are NO content scripts from that extension on the page","Mar 21, 2013 21:01:12",1363899672,"Jun 04, 2010 20:07:29",1275682049,"Aug 05, 2010 20:35:47",1281040547,"a...@chromium.org",""
45983,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","Segmentation fault in WebCore::RenderLayer::paintList when a malformed PNG image is viewed","Apr 06, 2013 02:17:38",1365214658,"Jun 07, 2010 07:27:19",1275895639,"Jun 25, 2010 03:18:46",1277435926,"aohelin",""
46018,"Critical","Cr-UI, Cr-UI-Notifications, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","john...@chromium.org","Crash - BalloonViewImpl::DelayedClose","Mar 21, 2013 21:08:10",1363900090,"Jun 07, 2010 20:19:49",1275941989,"Aug 06, 2010 18:50:41",1281120641,"huanr@chromium.org",""
46126,"High","Cr-Internals, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","wtc@chromium.org","crash with processing invalid x509-user-cert responses.","Mar 21, 2013 20:56:54",1363899414,"Jun 09, 2010 02:36:56",1276051016,"Jun 10, 2010 22:34:37",1276209277,"infe...@chromium.org",""
46360,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","Memory corruption in :first-letter rendering","Apr 06, 2013 02:17:14",1365214634,"Jun 11, 2010 16:30:11",1276273811,"Jun 22, 2010 04:43:15",1277181795,"infe...@chromium.org",""
46452,"High","Cr-Blink, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, not-extensions","Stable",,"","tony@chromium.org"," when combined with certain JavaScripts","Apr 06, 2013 02:17:07",1365214627,"Jun 13, 2010 13:35:26",1276436126,"Jul 21, 2010 01:24:25",1279675465,"thaberm...@gmail.com",""
46575,"Low","Cr-UI, M-5, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","est...@chromium.org","DoS by opening unlimited number of print dialogs","Mar 21, 2013 20:56:53",1363899413,"Jun 15, 2010 16:15:33",1276618533,"Jun 21, 2010 21:50:48",1277157048,"mats.ahl...@gmail.com",""
46750,"Low","Cr-Internals, Feature-WebSocket, M-5, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","ukai@chromium.org","Browser crash in WebSocket creation","Mar 21, 2013 20:56:53",1363899413,"Jun 17, 2010 00:53:27",1276736007,"Aug 04, 2010 00:20:21",1280881221,"jsc...@chromium.org",""
46957,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Severity-High, Type-Bug-Security, reward-500","None",500,"accept","dglazkov@chromium.org","Renderer crash in CounterNode in documentBeingDestroyed call (similar to 45609)","Apr 06, 2013 02:16:40",1365214600,"Jun 19, 2010 06:13:03",1276927983,"Jun 30, 2010 19:31:49",1277926309,"javg0...@gmail.com",""
47056,"Low","Cr-UI, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","tony@chromium.org","Browser crash after AppModalDialogQueue::ShowNextDialog","Mar 21, 2013 20:56:52",1363899412,"Jun 21, 2010 15:28:30",1277134110,"Jun 23, 2010 01:25:47",1277256347,"aohelin",""
47086,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Memory corruption with DOM mutation on onchange event firing for select object","Apr 06, 2013 02:16:32",1365214592,"Jun 21, 2010 20:48:54",1277153334,"Jun 23, 2010 21:38:25",1277329105,"chromium.cdn@gmail.com",""
47105,"High","Cr-Internals, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","tony@chromium.org","Renderer crash for a multipart page","Mar 21, 2013 20:56:52",1363899412,"Jun 21, 2010 22:31:09",1277159469,"Jun 24, 2010 01:07:38",1277341658,"bl...@google.com",""
47866,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","","Memory corruption with crash in RenderObject::containingBlock()","Apr 06, 2013 02:15:45",1365214545,"Jun 29, 2010 16:51:59",1277830319,"Jul 10, 2010 18:06:35",1278785195,"javg0...@gmail.com",""
47915,"High","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1782","Stable",,"","","ZDI-CAN-806: Apple Safari's Webkit Runin Use-after-free Vulnerability","Apr 06, 2013 02:15:42",1365214542,"Jun 29, 2010 21:52:47",1277848367,"Jul 20, 2010 20:38:48",1279658328,"infe...@chromium.org","2010-1782"
48115,"High","Cr-Blink, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-500","None",500,"accept","infe...@chromium.org","REGRESSION: Memory corruption in open source JPEG decoder (r61619)","Apr 06, 2013 02:15:29",1365214529,"Jul 01, 2010 20:38:54",1278016734,"Jul 02, 2010 19:54:57",1278100497,"aohelin",""
48225,"Medium","Cr-UI, Cr-UI-Browser-Autofill, M-7, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","dhollowa@chromium.org","Autofill profile (address, perfsonal info) spam without any need of user interaction","Mar 21, 2013 21:01:12",1363899672,"Jul 03, 2010 04:42:37",1278132157,"Sep 10, 2010 21:49:31",1284155371,"infe...@chromium.org",""
48282,"High","Cr-Blink, M-7, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","abarth@chromium.org","LegacyHTMLTreeBuilder fires DOM mutation events","Apr 06, 2013 02:15:16",1365214516,"Jul 04, 2010 05:31:11",1278221471,"Aug 27, 2010 20:16:16",1282940176,"abarth@chromium.org",""
48283,"Critical","Cr-Internals, OS-Windows, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1337","Stable",1337,"accept","","EXTERNAL-REPORT: Windows kernel crash on invalid font","Mar 21, 2013 21:08:10",1363900090,"Jul 04, 2010 07:24:13",1278228253,"Jul 14, 2010 21:46:15",1279143975,"c...@google.com",""
48284,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1793, reward-500","Stable",500,"accept","","<use> on <font-face> causes crashes, if SVGUseElement gets detached","Apr 06, 2013 02:15:16",1365214516,"Jul 04, 2010 08:11:12",1278231072,"Jul 07, 2010 14:27:11",1278512831,"aohelin","2010-1793"
48437,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Internals-Plugins-PDF, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","g...@chromium.org","chrome pdf viewer crashes when width/height values are large enough","Apr 06, 2013 04:30:00",1365222600,"Jul 07, 2010 09:34:57",1278495297,"Aug 24, 2010 05:46:58",1282628818,"serg.gla...@gmail.com",""
48597,"Low","Cr-UI, Cr-UI-Browser-Omnibox, M-6, OS-Linux, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Incorrect eliding (windows), truncation(linux) for hostname in security information dialog","Mar 21, 2013 20:56:49",1363899409,"Jul 08, 2010 21:43:32",1278625412,"Jul 09, 2010 17:05:50",1278695150,"infe...@chromium.org",""
48733,"Critical","Cr-Internals, OS-Linux, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1337","Stable",1337,"accept","infe...@chromium.org","Crash in third_party xdg_mime library when unable to handle long file paths","Mar 21, 2013 21:08:09",1363900089,"Jul 09, 2010 22:23:13",1278714193,"Jul 12, 2010 21:23:15",1278969795,"lsatc...@gmail.com",""
48857,"High","Cr-UI, Cr-UI-Browser-Autofill, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","dhollowa@chromium.org","Render crash in FormManager::FindCachedFormElement()","Mar 21, 2013 20:56:48",1363899408,"Jul 12, 2010 19:58:17",1278964697,"Sep 29, 2010 23:05:37",1285801537,"shess@chromium.org",""
49215,"Low","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Signed/Unsigned Comparison issue in MemoryAllocator::AllocateRawMemory","Mar 21, 2013 20:56:48",1363899408,"Jul 15, 2010 21:45:00",1279230300,"Jul 21, 2010 18:09:43",1279735783,"pme...@google.com",""
49317,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1780","Stable",,"","","Merge webkit bug https://bugs.webkit.org/show_bug.cgi?id=40407","Apr 06, 2013 02:14:09",1365214449,"Jul 16, 2010 16:06:32",1279296392,"Oct 05, 2011 01:39:16",1317778756,"infe...@chromium.org","2010-1780"
49318,"High","Cr-Blink, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Merge webkit bug https://bugs.webkit.org/show_bug.cgi?id=39143","Apr 06, 2013 02:14:08",1365214448,"Jul 16, 2010 16:14:40",1279296880,"May 15, 2012 21:39:04",1337117944,"infe...@chromium.org",""
49377,"High","CVE-2011-2835, Cr-Internals, Cr-Internals-Network, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rsleevi@chromium.org","X509Certificate::Cache usage pattern may result in use after free","Mar 21, 2013 20:56:47",1363899407,"Jul 16, 2010 22:29:05",1279319345,"Jul 19, 2011 05:46:57",1311054417,"rsleevi@chromium.org","2011-2835"
49596,"High","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","","Security issue in SVGUseElement::buildShadowTree","Apr 06, 2013 02:13:54",1365214434,"Jul 20, 2010 06:35:49",1279607749,"Jul 22, 2010 14:28:09",1279808889,"woo...@gmail.com",""
49628,"High","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, cve-2010-1783, reward-500","Stable",500,"accept","infe...@chromium.org","Memory corruption with invalid text node cast for edit commands","Apr 06, 2013 02:13:53",1365214433,"Jul 20, 2010 15:20:04",1279639204,"Jul 20, 2010 21:14:29",1279660469,"infe...@chromium.org","2010-1783"
49729,"High","Cr-Blink, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","tony@chromium.org","Use after free in scroll bar layout","Apr 06, 2013 02:13:46",1365214426,"Jul 21, 2010 01:22:48",1279675368,"Aug 05, 2010 20:45:01",1281041101,"rohi...@chromium.org",""
49747,"Low","Cr-UI, M-10, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","GTK message dialogs do not properly wrap overly long words or elide many short lines in js modal dialog","Mar 21, 2013 20:56:46",1363899406,"Jul 21, 2010 06:23:40",1279693420,"Dec 22, 2010 22:31:07",1293057067,"Louis.w.Lang@gmail.com",""
49964,"High","Cr-Blink, M-5, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Security: window.history.replaceState fails to enforce domain security","Apr 06, 2013 02:13:34",1365214414,"Jul 22, 2010 19:25:10",1279826710,"Jul 23, 2010 00:31:11",1279845071,"miketa...@gmail.com",""
50250,"High","Cr-Blink, M-6, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","jap...@chromium.org","Use after free in document.close()","Apr 06, 2013 02:13:25",1365214405,"Jul 26, 2010 19:23:06",1280172186,"Aug 19, 2010 20:32:03",1282249923,"infe...@chromium.org",""
50377,"Low","Cr-UI, Mstone-X, OS-All, Pri-3, Restrict-AddIssueComment-Commit, Security, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","User gesture leaks from prompt (was: infinite prompts)","Mar 21, 2013 21:07:44",1363900064,"Jul 27, 2010 15:36:42",1280245002,"Jan 11, 2012 18:58:31",1326308311,"optimalcycling@gmail.com",""
50383,"Low","Cr-Internals, M-5, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Glibc bug in getaddrinfo() may be exposed","Mar 21, 2013 20:56:44",1363899404,"Jul 27, 2010 16:57:00",1280249820,"Aug 07, 2010 01:39:36",1281145176,"chromium.cdn@gmail.com",""
50386,"High","Cr-Blink, Cr-UI-Notifications, M-6, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","john...@chromium.org","Use after free of notification presenter when opening window is closed and notification is cancelled","Apr 06, 2013 02:13:14",1365214394,"Jul 27, 2010 17:01:46",1280250106,"Aug 20, 2010 18:01:44",1282327304,"serg.gla...@gmail.com",""
50428,"Critical","Cr-UI, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","jcive...@chromium.org","Browser crash @ TabContents::ExpireInfoBars","Mar 21, 2013 21:08:09",1363900089,"Jul 27, 2010 22:26:42",1280269602,"Sep 21, 2010 21:17:42",1285103862,"shess@chromium.org",""
50515,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Memory corruption - DOMMimeType","Apr 06, 2013 02:13:05",1365214385,"Jul 28, 2010 13:46:00",1280324760,"Jul 29, 2010 18:42:24",1280428944,"serg.gla...@gmail.com",""
50553,"Critical","M-5, OS-Windows, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, bulkmove, reward-1337","Stable",1337,"accept","john...@chromium.org","Crash when closing chrome - BalloonViewImpl::DelayedClose","Mar 21, 2013 21:08:09",1363900089,"Jul 28, 2010 19:58:05",1280347085,"Aug 05, 2010 16:49:03",1281026943,"dogantun...@gmail.com",""
50712,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Use after free with SVG use referencing svg style element","Apr 06, 2013 02:12:57",1365214377,"Jul 30, 2010 03:03:48",1280459028,"Sep 04, 2010 15:47:33",1283615253,"kuz...@gmail.com",""
50839,"High","Cr-Blink, Cr-Content-Core, Cr-UI-Notifications, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: WebKit 43295 - cross_fuzz notification requestPermission memory corruption","Apr 06, 2013 02:12:48",1365214368,"Jul 31, 2010 10:32:49",1280572369,"Aug 04, 2010 16:44:37",1280940277,"skylined@chromium.org",""
51070,"Critical","Cr-Internals, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1337","Stable",1337,"accept","yusukes@chromium.org","Another Windows kernel bug in the CFF font parser","Mar 21, 2013 21:08:08",1363900088,"Aug 03, 2010 16:43:57",1280853837,"Aug 11, 2010 16:25:29",1281543929,"scarybea...@gmail.com",""
51146,"Medium","Cr-UI, Cr-UI-Browser-Omnibox, M-5, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","pkasting@chromium.org","Plain-text information leak of https://user:password due to autosuggest","Mar 21, 2013 21:01:10",1363899670,"Aug 04, 2010 08:01:59",1280908919,"Aug 09, 2010 23:25:27",1281396327,"scarybea...@gmail.com",""
51252,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","jsc...@chromium.org","Use after free with nested use elements","Apr 06, 2013 02:12:17",1365214337,"Aug 05, 2010 08:46:54",1280998014,"Sep 06, 2010 22:43:37",1283813017,"kuz...@gmail.com",""
51464,"Low","CVE-2011-2836, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Internals-Plugins-Flash, M-14, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Chromium use ActiveX Flash (not the NPAPI one) with potential WinINET cookie leak","Apr 06, 2013 04:29:30",1365222570,"Aug 07, 2010 07:55:01",1281167701,"Jun 01, 2011 18:03:40",1306951420,"electron...@gmail.com","2011-2836"
51602,"High","Cr-Blink, Cr-Content-Core, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rn...@chromium.org","Investigate rte_fuzz crashes","Apr 06, 2013 02:11:54",1365214314,"Aug 09, 2010 17:33:34",1281375214,"Oct 27, 2010 01:30:46",1288143046,"bl...@google.com",""
51630,"High","Cr-Blink, Feature-WebSocket, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1337","Stable",1337,"accept","ukai@chromium.org","Memory corruption in WebSocketChannel::skipBuffer() - underflow in buffer size","Apr 06, 2013 02:11:52",1365214312,"Aug 09, 2010 22:04:05",1281391445,"Aug 12, 2010 00:37:08",1281573428,"camp...@iit.edu",""
51653,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","chromium.cdn@gmail.com","Memory corruption in Counter Nodes.","Apr 06, 2013 02:11:51",1365214311,"Aug 10, 2010 04:26:51",1281414411,"Aug 25, 2010 23:16:39",1282778199,"kuz...@gmail.com",""
51654,"High","Cr-Blink, M-5, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Memory corruption with moving ruby text nodes to runs without ruby bases.","Apr 06, 2013 02:11:50",1365214310,"Aug 10, 2010 04:48:38",1281415718,"Aug 10, 2010 20:47:45",1281473265,"kuz...@gmail.com",""
51658,"Low","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Add .xbap to dangerous extensions list","Mar 21, 2013 20:56:39",1363899399,"Aug 10, 2010 05:46:12",1281419172,"Aug 10, 2010 06:25:31",1281421531,"scarybea...@gmail.com",""
51670,"High","Cr-Blink, Cr-Blink-Location, Cr-Content-Core, M-5, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Security: WebKit: WebCore::GeolocationService::positionChanged use after free","Apr 06, 2013 05:02:48",1365224568,"Aug 10, 2010 08:11:02",1281427862,"Aug 13, 2010 17:05:20",1281719120,"kuz...@gmail.com",""
51680,"Medium","Cr-Blink, M-7, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","jcive...@chromium.org","Omnibox url spoofing on pending events in page unload","Apr 06, 2013 02:11:48",1365214308,"Aug 10, 2010 10:21:14",1281435674,"Sep 01, 2010 23:33:55",1283384035,"kuz...@gmail.com",""
51709,"Low","Cr-UI, M-6, OS-All, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","est...@chromium.org","Fatal assertion failure when getting gdk custom cursor on safari books","Mar 21, 2013 20:56:37",1363899397,"Aug 10, 2010 19:10:00",1281467400,"Aug 11, 2010 18:23:49",1281551029,"magnusmo...@gmail.com",""
51727,"Low","Cr-Internals, M-7, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","dhollowa@chromium.org","autocomplete entries submitted by javascript should not be stored in db (similar to autofill bug 48225)","Mar 21, 2013 20:56:37",1363899397,"Aug 10, 2010 22:22:03",1281478923,"Sep 10, 2010 21:55:29",1284155729,"infe...@chromium.org",""
51739,"High","Cr-Blink, Feature-WebSocket, M-6, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Numerous Integer wraps and errant pointers within WebSockets parser","Apr 06, 2013 02:11:45",1365214305,"Aug 10, 2010 23:58:38",1281484718,"Aug 12, 2010 19:28:08",1281641288,"chromium.cdn@gmail.com",""
51835,"High","Cr-Blink, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Use after free in plugin handling","Apr 06, 2013 02:11:40",1365214300,"Aug 11, 2010 21:44:44",1281563084,"Aug 12, 2010 23:51:41",1281657101,"serg.gla...@gmail.com",""
51846,"Low","Cr-Internals, Cr-Internals-Network, M-6, OS-Linux, OS-Mac, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, Verifier-Rohitbm","Stable",,"","chromium.cdn@gmail.com","Null deref when socket stream is closed during hostname resolution","Mar 21, 2013 20:56:36",1363899396,"Aug 11, 2010 23:09:29",1281568169,"Aug 19, 2010 18:41:44",1282243304,"camp...@iit.edu",""
51919,"High","Cr-Internals, Cr-Platform-DevTools, M-6, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","mal@chromium.org","use after free in console.profile calls.","Mar 21, 2013 20:56:35",1363899395,"Aug 12, 2010 15:29:58",1281626998,"Sep 01, 2010 14:13:20",1283350400,"kuz...@gmail.com",""
52204,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org"," in renderblock remove child.","Apr 06, 2013 02:11:24",1365214284,"Aug 15, 2010 05:44:17",1281851057,"Aug 17, 2010 20:56:06",1282078566,"kuz...@gmail.com",""
52443,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","tony@chromium.org","Google Chrome Focus Handling Use-after-free Vulnerability","Apr 06, 2013 02:11:08",1365214268,"Aug 17, 2010 16:46:20",1282063580,"Aug 20, 2010 19:29:02",1282332542,"adamm...@google.com",""
52587,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","cross_fuzz: CSSRule::parentStyleSheet use after free","Apr 06, 2013 02:10:57",1365214257,"Aug 18, 2010 14:10:43",1282140643,"Dec 02, 2010 19:18:40",1291317520,"jsc...@chromium.org",""
52682,"High","Cr-Internals, M-6, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Sandbox IPC  out-of-bounds write in CrossCallParamsEx::CreateFromBuffer","Mar 21, 2013 20:56:35",1363899395,"Aug 19, 2010 03:58:31",1282190311,"Aug 21, 2010 02:34:52",1282358092,"cpu@chromium.org",""
53001,"Medium","Cr-Blink, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","Security: ability to read cross domain image data using toDataURL and getImageData via createPattern ","Apr 06, 2013 02:10:24",1365214224,"Aug 22, 2010 08:01:14",1282464074,"Aug 23, 2010 20:24:05",1282595045,"isaac.da...@gmail.com",""
53002,"Low","Cr-Internals, M-7, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","pop blocker bypass","Mar 21, 2013 20:56:34",1363899394,"Aug 22, 2010 08:59:05",1282467545,"Sep 17, 2010 17:08:11",1284743291,"kuz...@gmail.com",""
53116,"Low","Cr-Internals, M-10, Pri-2, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","mmoss@chromium.org","Security:  Chrome can't be downloaded securely.","Mar 27, 2013 01:19:42",1364347182,"Aug 23, 2010 19:35:41",1282592141,"Mar 27, 2013 01:19:42",1364347182,"elvey.ma...@gmail.com",""
53142,"Critical","M-6, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","yusukes@chromium.org","EXTERNAL-REPORT: Another Windows kernel CFF font parsing bug","Mar 21, 2013 21:08:08",1363900088,"Aug 23, 2010 23:25:20",1282605920,"Aug 25, 2010 06:35:09",1282718109,"scarybea...@gmail.com",""
53176,"Low","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","BlockedPopupContainer::GetBlockedContents ReadAV@NULL (882a25e76e991e980ffce6adda7cfcc5)","Mar 21, 2013 20:56:33",1363899393,"Aug 24, 2010 07:39:23",1282635563,"Aug 24, 2010 23:59:13",1282694353,"kuz...@gmail.com",""
53230,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","rolandsteiner.chromium@gmail.com","crash on google.at ajax search","Apr 06, 2013 02:10:03",1365214203,"Aug 24, 2010 18:52:56",1282675976,"Aug 31, 2010 16:22:23",1283271743,"geki...@gmail.com",""
53361,"Critical","Cr-Internals, M-6, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","Browser crash in improper destruction of select file dialog (mac)","Mar 21, 2013 21:08:08",1363900088,"Aug 25, 2010 21:15:15",1282770915,"Aug 28, 2010 16:06:46",1283011606,"infe...@chromium.org",""
53394,"High","Cr-Blink, Cr-Blink-Location, M-6, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","j...@chromium.org","Geolocation use after free","Apr 06, 2013 05:02:46",1365224566,"Aug 26, 2010 03:35:52",1282793752,"Sep 07, 2010 15:30:16",1283873416,"infe...@chromium.org",""
53640,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Merge Webkit Bug 41523 to 472","Apr 06, 2013 02:09:39",1365214179,"Aug 27, 2010 21:03:26",1282943006,"Aug 27, 2010 21:30:31",1282944631,"infe...@chromium.org",""
53747,"High","Cr-Blink, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use-after-free of renderer when recalcStyle() is called during layout or painting.","Apr 06, 2013 02:09:26",1365214166,"Aug 29, 2010 05:20:29",1283059229,"Aug 29, 2010 06:53:04",1283064784,"scarybea...@gmail.com",""
53836,"Medium","Cr-Blink, Cr-Blink-WebSockets, Cr-Internals, Cr-Internals-Network-SSL, M-19, MovedFrom-17, MovedFrom18, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","toyoshim@chromium.org","wss:// does not validate SSL certs","Apr 06, 2013 03:42:00",1365219720,"Aug 30, 2010 14:18:24",1283177904,"Dec 20, 2012 15:52:54",1356018774,"m...@meastman.org",""
53930,"High","M-6, OS-Linux, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","a...@chromium.org","Memory corruption on Linux when render Khmer script page","Mar 21, 2013 20:56:30",1363899390,"Aug 31, 2010 08:48:31",1283244511,"Sep 02, 2010 23:13:54",1283469234,"scarybea...@gmail.com",""
53985,"Medium","Cr-Internals, Cr-Internals-Network, Feature-WebSocket, M-7, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","ukai@chromium.org","Crash in chrome_browser_net_websocket_experiment::WebSocketExperimentRunner::DoLoop","Mar 21, 2013 21:01:07",1363899667,"Aug 31, 2010 19:01:56",1283281316,"Sep 16, 2010 02:49:53",1284605393,"eroman@chromium.org",""
54006,"Low","Cr-Internals, Cr-Platform-Extensions, M-6, Pri-1, ReleaseBlock-Dev, Restrict-AddIssueComment-EditIssue, Review-Security, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","erik...@chromium.org","Security: Extension history permission does not generate a warning","Mar 21, 2013 20:56:30",1363899390,"Aug 31, 2010 22:26:46",1283293606,"Sep 01, 2010 23:06:22",1283382382,"adrienne...@gmail.com",""
54132,"Low","Cr-Internals, M-6, OS-Linux, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","mmoss@chromium.org","Security: Insecure library loading in Google Chrome for Linux","Mar 21, 2013 20:56:29",1363899389,"Sep 01, 2010 20:43:06",1283373786,"Sep 13, 2010 18:35:10",1284402910,"adamm...@google.com",""
54262,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","darin@chromium.org","Possible Location Bar & SSL Spoofing","Apr 06, 2013 02:08:59",1365214139,"Sep 02, 2010 17:24:48",1283448288,"Feb 10, 2011 18:02:40",1297360960,"jconsult...@gmail.com",""
54500,"High","Cr-Blink, M-7, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","cev...@chromium.org","Renderer crash on very big animated gif image @ WebCore::RGBA32Buffer::setRGBA(unsigned int *,unsigned int,unsigned int,unsigned int,unsigned int)","Apr 06, 2013 02:08:46",1365214126,"Sep 04, 2010 16:21:50",1283617310,"Sep 28, 2010 01:11:17",1285636277,"simon.sc...@gmail.com",""
54532,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Issue with incorrect attribute, events handling in SVG and polyline","Apr 06, 2013 02:08:43",1365214123,"Sep 05, 2010 05:45:39",1283665539,"Sep 07, 2010 05:30:46",1283837446,"infe...@chromium.org",""
54539,"Medium","Cr-Blink, M-6, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB read in rendering text fragment","Apr 06, 2013 02:08:43",1365214123,"Sep 05, 2010 07:21:56",1283671316,"Sep 07, 2010 21:59:30",1283896770,"infe...@chromium.org",""
54636,"High","Cr-Blink, Cr-Content-Core, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","selectedStylesheetSet memory corruption","Apr 06, 2013 02:08:37",1365214117,"Sep 06, 2010 19:51:54",1283802714,"Sep 06, 2010 21:53:49",1283810029,"skylined@chromium.org",""
54653,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Memory corruption with creating lines on renderblocks.","Apr 06, 2013 02:08:36",1365214116,"Sep 07, 2010 03:31:50",1283830310,"Sep 11, 2010 06:46:26",1284187586,"infe...@chromium.org",""
54691,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","segmentation fault in bundled pdf plugin","Mar 21, 2013 20:47:28",1363898848,"Sep 07, 2010 14:53:51",1283871231,"Sep 15, 2010 19:06:46",1284577606,"aohelin",""
54794,"High","Cr-Internals, M-7, OS-Linux, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","a...@chromium.org","HTML5 Workers run outside of the sandbox","Mar 21, 2013 20:56:27",1363899387,"Sep 08, 2010 08:31:16",1283934676,"Sep 13, 2010 18:20:17",1284402017,"scarybea...@gmail.com",""
55114,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","jsc...@chromium.org","Bad cast with svg:g element","Apr 06, 2013 02:08:05",1365214085,"Sep 10, 2010 16:34:49",1284136489,"Sep 10, 2010 22:09:40",1284156580,"woo...@gmail.com",""
55119,"Critical","Cr-Internals, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, security, spdy","Stable",,"","mbel...@chromium.org","SpdyFramer buffer resizing bug","Mar 21, 2013 21:08:07",1363900087,"Sep 10, 2010 17:04:07",1284138247,"Sep 14, 2010 20:05:40",1284494740,"mbel...@chromium.org",""
55215,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","yuzo@chromium.org","Memory corruption with styled font-face","Apr 06, 2013 02:07:59",1365214079,"Sep 11, 2010 06:46:39",1284187599,"Oct 28, 2010 20:23:59",1288297439,"scarybea...@gmail.com",""
55257,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Memory corruption in accessing floatptr of a textarea","Apr 06, 2013 02:07:56",1365214076,"Sep 11, 2010 15:13:58",1284218038,"Oct 14, 2010 16:17:17",1287073037,"woo...@gmail.com",""
55346,"High","Cr-Blink, M-7, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","jsc...@chromium.org","Load Timer fired on deleted HTMLMediaElement","Apr 06, 2013 02:07:49",1365214069,"Sep 13, 2010 04:09:23",1284350963,"Oct 04, 2010 22:29:59",1286231399,"kuz...@gmail.com",""
55350,"High","Cr-Blink, M-6, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","abarth@chromium.org","Chrome cross window & cross domain object access","Apr 06, 2013 02:07:48",1365214068,"Sep 13, 2010 05:25:31",1284355531,"Sep 14, 2010 23:15:41",1284506141,"stefano....@gmail.com",""
55607,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-Flash, M-7, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","stuartmorgan@chromium.org","Flash intercepts key events when not in focus","Apr 06, 2013 04:10:04",1365221404,"Sep 14, 2010 20:09:24",1284494964,"Sep 21, 2010 16:16:41",1285085801,"jsc...@chromium.org",""
55745,"Medium","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","scherkus@chromium.org","MSVR-10-0105: Cross origin bypass using canvas and video","Apr 06, 2013 02:07:11",1365214031,"Sep 15, 2010 19:49:30",1284580170,"Oct 26, 2010 02:57:47",1288061867,"steve.ma...@gmail.com",""
55831,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","Segmentation fault at WebCore::ImageLoader::updateFromElement due to malformed HTML","Apr 06, 2013 02:07:09",1365214029,"Sep 16, 2010 08:54:44",1284627284,"Dec 10, 2010 21:21:30",1292016090,"aohelin",""
55901,"High","Cr-Blink, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Merge Webkit Bug 45896 :CSS: Fix crash in getTimingFunctionValue()","Apr 06, 2013 02:07:05",1365214025,"Sep 16, 2010 19:34:08",1284665648,"May 15, 2012 21:39:04",1337117944,"infe...@chromium.org",""
56144,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Memory corruption in adding text child to table column","Apr 06, 2013 02:06:42",1365214002,"Sep 18, 2010 20:14:18",1284840858,"Oct 01, 2010 03:26:56",1285903616,"infe...@chromium.org",""
56206,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use after free in CounterNode","Apr 06, 2013 02:06:37",1365213997,"Sep 19, 2010 19:37:22",1284925042,"Sep 30, 2010 20:44:43",1285879483,"infe...@chromium.org",""
56237,"Low","Cr-UI-Browser-Incognito, M-8, Pri-3, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Browser crash in incognito mode with trying to close a large db.","Mar 21, 2013 20:56:23",1363899383,"Sep 20, 2010 05:34:04",1284960844,"Sep 27, 2010 21:13:58",1285622038,"infe...@chromium.org",""
56449,"High","Cr-Internals, Cr-Internals-Network, M-8, OS-Linux, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","rvargas@chromium.org","Crash in Pickle::ReadInt in net::HttpResponseInfo::InitFromPickle","Mar 21, 2013 20:56:23",1363899383,"Sep 21, 2010 22:16:08",1285107368,"Dec 02, 2010 18:36:50",1291315010,"thestig@chromium.org",""
56451,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","cross_fuzz: Deleted elements lingering in Document::m_elementsById","Apr 06, 2013 02:06:18",1365213978,"Sep 21, 2010 22:21:40",1285107700,"Sep 22, 2010 23:22:01",1285197721,"infe...@chromium.org",""
56474,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","User after free in table destroy","Apr 06, 2013 02:06:16",1365213976,"Sep 22, 2010 01:28:14",1285118894,"Sep 22, 2010 19:39:17",1285184357,"infe...@chromium.org",""
56514,"Low","Cr-Privacy, Cr-UI, Pri-3, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Click to Play is vulnerable to UI redressing","Mar 21, 2013 20:56:22",1363899382,"Sep 22, 2010 14:22:56",1285165376,"Oct 14, 2010 10:02:14",1287050534,"jln@chromium.org",""
56616,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast in 3d rendering in RenderObject::getTransformFromContainer","Apr 06, 2013 02:06:07",1365213967,"Sep 23, 2010 05:36:01",1285220161,"Sep 23, 2010 17:22:11",1285262531,"infe...@chromium.org",""
56621,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","use after free in InlineBox::dirtyLineBoxes()","Apr 06, 2013 02:06:07",1365213967,"Sep 23, 2010 07:13:28",1285226008,"Sep 28, 2010 05:15:48",1285650948,"infe...@chromium.org",""
56692,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast from RenderInline to RenderBox in positionListMarker","Apr 06, 2013 02:06:03",1365213963,"Sep 23, 2010 19:08:51",1285268931,"Sep 27, 2010 18:23:04",1285611784,"infe...@chromium.org",""
56760,"High","Cr-Internals, M-8, Pri-0, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","jam@chromium.org","segfault in bundled pdf viewer","Mar 21, 2013 20:47:19",1363898839,"Sep 24, 2010 08:10:23",1285315823,"Oct 14, 2010 01:03:48",1287018228,"aohelin",""
56796,"High","Cr-Blink, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast in casting CSSInitialValue to SVGColor in css","Apr 06, 2013 02:05:58",1365213958,"Sep 24, 2010 16:28:13",1285345693,"Sep 26, 2010 06:16:35",1285481795,"infe...@chromium.org",""
57080,"Low","M-8, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","est...@chromium.org","remove extension renaming code","Mar 21, 2013 20:56:20",1363899380,"Sep 27, 2010 21:05:39",1285621539,"Sep 30, 2010 16:16:29",1285863389,"est...@chromium.org",""
57200,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free from accessing stale renderers in m_floatingObjects in lowestPosition","Apr 06, 2013 02:05:31",1365213931,"Sep 28, 2010 19:21:28",1285701688,"Oct 11, 2010 06:33:38",1286778818,"infe...@chromium.org",""
57347,"High","Cr-Blink, M-7, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","ZDI-CAN-874: Apple Webkit WholeText Integer Overflow Remote Code Execution Vulnerability","Apr 06, 2013 02:05:21",1365213921,"Sep 29, 2010 23:06:22",1285801582,"Sep 29, 2010 23:07:26",1285801646,"infe...@chromium.org",""
57377,"Medium","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","Cross origin bypass with CSS getMatchedCSSRules()","Apr 06, 2013 02:05:21",1365213921,"Sep 30, 2010 02:38:51",1285814331,"Oct 22, 2010 21:51:05",1287784265,"infe...@chromium.org",""
57501,"High","Cr-Blink, Cr-Internals-Plugins-PDF, Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-500","None",500,"accept","cev...@chromium.org","Crash in PDF plugin when building cross-refs","Apr 06, 2013 03:18:38",1365218318,"Oct 01, 2010 01:02:15",1285894935,"Oct 05, 2011 21:25:05",1317849905,"scarybea...@gmail.com",""
57908,"Low","Build, CVE-2011-2837, M-14, MovedFrom13, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, bulkmove","Stable",,"","cev...@chromium.org","build with -fPIE","Mar 21, 2013 20:56:19",1363899379,"Oct 04, 2010 22:51:33",1286232693,"Jun 24, 2011 05:04:54",1308891894,"wbr...@gmail.com","2011-2837"
58008,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast casting parent class obj InlineFlowBox to child class obj RootInlineBox","Apr 06, 2013 02:04:35",1365213875,"Oct 05, 2010 18:51:46",1286304706,"Oct 07, 2010 22:01:55",1286488915,"infe...@chromium.org",""
58053,"Medium","Cr-UI, Cr-UI-Notifications, M-8, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","john...@chromium.org","Crash in BallonViewImpl::DelayedClose()","Mar 21, 2013 21:01:05",1363899665,"Oct 05, 2010 21:56:05",1286315765,"Dec 10, 2010 23:39:45",1292024385,"eroman@chromium.org",""
58069,"Low","Cr-Internals, Cr-Internals-Core, M-14, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Windows Sandbox allows access to the console.","Mar 21, 2013 20:56:18",1363899378,"Oct 05, 2010 22:45:32",1286318732,"Jul 26, 2011 22:30:09",1311719409,"rvargas@chromium.org",""
58319,"Low","Cr-Blink, M-8, Pri-2, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","Browser crash - creating unlimited number of File Dialogs","Apr 06, 2013 02:04:15",1365213855,"Oct 07, 2010 17:42:36",1286473356,"Oct 16, 2010 16:50:32",1287247832,"cagret@gmail.com",""
58657,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Bad cast on SVG use element due to mismatched shadow and instance pointers","Apr 06, 2013 02:03:55",1365213835,"Oct 10, 2010 00:39:00",1286671140,"Oct 18, 2010 01:25:19",1287365119,"kuz...@gmail.com",""
58731,"High","CVE-2010-4008, Cr-Internals, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Invalid memory access (with possible avenue to corruption)  in the xpath handling libxml","Mar 21, 2013 20:56:17",1363899377,"Oct 11, 2010 07:51:11",1286783471,"Oct 16, 2010 01:01:49",1287190909,"min...@bkav.com.vn","2010-4008"
58741,"High","CVE-2011-3243, Cr-Blink, Cr-Content-Core, M-7, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","rn...@chromium.org","Use after free in HTMLTextFormControlElement::selection()","Apr 06, 2013 02:03:51",1365213831,"Oct 11, 2010 11:23:50",1286796230,"Oct 15, 2010 01:54:07",1287107647,"vkouc...@gmail.com","2011-3243"
59036,"High","Cr-Internals, M-8, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1337","None",1337,"accept","cev...@chromium.org","PDF JS engine doesn't work in 64 bit","Mar 21, 2013 20:47:14",1363898834,"Oct 13, 2010 12:36:21",1286973381,"Oct 28, 2010 22:19:07",1288304347,"aohelin",""
59081,"Low","CVE-2011-0166, M-9, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: do not allow on-page drag-and-drop from non-same-origin frames (or require an extra gesture)","Mar 21, 2013 20:56:16",1363899376,"Oct 13, 2010 19:01:49",1286996509,"Nov 12, 2010 18:21:07",1289586067,"lcam...@gmail.com","2011-0166"
59314,"High","Cr-Blink, M-8, OS-All, Pri-2, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","secur...@chromium.org","[Merge] Blob / BlobBuilder can be put into bad state with wild integers and strings, due to integer overflows","Apr 06, 2013 02:03:08",1365213788,"Oct 15, 2010 03:41:50",1287114110,"May 15, 2012 21:36:31",1337117791,"infe...@chromium.org",""
59320,"High","Cr-Blink, M-7, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Segfault in x86_64/memset.S below SkScalerContext::getImage on Linux","Apr 06, 2013 02:03:06",1365213786,"Oct 15, 2010 05:33:51",1287120831,"Oct 19, 2010 02:46:52",1287456412,"aohelin",""
59554,"High","Cr-Blink, Crash-Reproducible, M-7, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","mihaip@chromium.org","Use after free when encountering history.back() call during Page::goToItem execution","Apr 06, 2013 02:02:45",1365213765,"Oct 18, 2010 09:27:35",1287394055,"Nov 05, 2010 00:10:56",1288915856,"geki...@gmail.com",""
59593,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Stale pointer in WebCore::ThreadTimers::sharedTimerFiredInternal","Apr 06, 2013 02:02:42",1365213762,"Oct 18, 2010 17:38:59",1287423539,"Oct 29, 2010 17:51:38",1288374698,"jsc...@chromium.org",""
59817,"Low","Cr-Internals, M-8, OS-Linux, OS-Mac, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, Verifier-Deepakg","Stable",,"","","Security:  Add .html and .htm to the dangerous extensions list for OSX and OS_POSIX","Mar 21, 2013 20:56:15",1363899375,"Oct 19, 2010 18:54:01",1287514441,"Oct 20, 2010 01:20:28",1287537628,"b...@google.com",""
60013,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","morrita@google.com","RenderIndicator childs not laid out at all.","Apr 06, 2013 02:01:56",1365213716,"Oct 20, 2010 22:15:47",1287612947,"Nov 05, 2010 02:30:04",1288924204,"chromium.cdn@gmail.com",""
60055,"High","Cr-Internals, Cr-Internals-Media, M-7, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","scherkus@chromium.org","WebM crash in vp8_setup_intra_recon()","Mar 21, 2013 20:56:14",1363899374,"Oct 21, 2010 03:29:23",1287631763,"Oct 23, 2010 07:33:03",1287819183,"scarybea...@gmail.com",""
60238,"High","Cr-Blink, Cr-Stability, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","Use after free of m_frame in FrameLoader::loadWithDocumentLoader","Apr 06, 2013 02:01:33",1365213693,"Oct 22, 2010 02:24:48",1287714288,"Oct 26, 2010 16:10:50",1288109450,"gundl...@gmail.com",""
60327,"High","Cr-Blink, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","chromium.cdn@gmail.com","Bad cast to MouseEvent in Node::defaultEventHandler()","Apr 06, 2013 02:01:26",1365213686,"Oct 22, 2010 17:34:08",1287768848,"Oct 25, 2010 19:39:37",1288035577,"fam....@live.nl",""
60496,"Low","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, Cr-Stability, M-13, MovedFrom-10, MovedFrom-11, MovedFrom-9, MovedFrom12, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Speed tracer + AdBlock = Renderer Crash @ v8::internal::Invoke","Apr 06, 2013 03:27:30",1365218850,"Oct 24, 2010 19:53:56",1287950036,"May 02, 2011 17:57:43",1304359063,"fam....@live.nl",""
60653,"Medium","Cr-Blink, Cr-Blink-CSS, M-14, Merge-Merged-835, Merge-Merged-874, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Valgrind, Type-Bug-Security","Stable",,"","adamk@chromium.org","Memory error inside WTF::String::format","Apr 06, 2013 05:01:56",1365224516,"Oct 26, 2010 00:00:11",1288051211,"Sep 14, 2011 02:17:34",1315966654,"thestig@chromium.org",""
60688,"High","Cr-Blink, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","chrome_55000000!WebCore::FEBlend::apply+0x1a5","Apr 06, 2013 02:01:00",1365213660,"Oct 26, 2010 06:01:23",1288072883,"Oct 28, 2010 00:01:37",1288224097,"woo...@gmail.com",""
60695,"High","Cr-Blink, Cr-Content-Core, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast in RenderView docheight,docwidth calc due to adding non box childs  ","Apr 06, 2013 02:00:59",1365213659,"Oct 26, 2010 07:37:19",1288078639,"Oct 27, 2010 19:52:23",1288209143,"skylined@chromium.org",""
60761,"Medium","Cr-Internals, Cr-Platform-Extensions, M-8, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","tessa...@chromium.org","chrome_1c30000!TabContents::RemoveInfoBar(class InfoBarDelegate * delegate = 0x05dfe700)+0x1dfull tab crash","Mar 21, 2013 21:01:04",1363899664,"Oct 26, 2010 17:03:08",1288112588,"Dec 03, 2010 04:18:01",1291349881,"kuz...@gmail.com",""
60769,"High","Cr-Blink, M-7, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","more bad casts in event handling.","Apr 06, 2013 02:00:54",1365213654,"Oct 26, 2010 17:48:59",1288115339,"Oct 26, 2010 22:27:44",1288132064,"infe...@chromium.org",""
61158,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rn...@chromium.org","Use after free in ApplyStyleCommand::removeInlineStyle","Apr 06, 2013 02:00:22",1365213622,"Oct 28, 2010 23:27:52",1288308472,"Nov 10, 2010 01:03:08",1289350988,"infe...@chromium.org",""
61255,"High","Cr-Internals, M-7, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Bad cast in PageClickTracker::handleEvent","Mar 21, 2013 20:56:10",1363899370,"Oct 29, 2010 22:02:20",1288389740,"Oct 29, 2010 23:10:54",1288393854,"infe...@chromium.org",""
61313,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","rn...@chromium.org","Use after free related to ApplyBlockElementCommand::formatSelection","Apr 06, 2013 02:00:03",1365213603,"Oct 30, 2010 14:55:48",1288450548,"Nov 12, 2010 13:46:08",1289569568,"infe...@chromium.org",""
61338,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","pdf viewer segfault after js syntax error","Mar 21, 2013 20:47:07",1363898827,"Oct 30, 2010 21:11:57",1288473117,"Nov 01, 2010 22:32:46",1288650766,"aohelin",""
61502,"High","CVE-2011-1303, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Floats left out of the incremental line break code due to failed image load.","Apr 06, 2013 01:59:54",1365213594,"Nov 01, 2010 22:19:05",1288649945,"Mar 18, 2011 22:37:39",1300487859,"shess@chromium.org","2011-1303"
61653,"Medium","Cr-Internals, Cr-Internals-Media, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","fbarch...@chromium.org","MSVR-10-0108 - Integer Overflow in Chrome's VP8 decoding leads to memory corruption","Mar 21, 2013 21:01:03",1363899663,"Nov 02, 2010 22:36:10",1288737370,"Nov 18, 2010 02:09:21",1290046161,"steve.ma...@gmail.com",""
61701,"Low","Cr-Internals, Cr-Internals-Network, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cbentzel@chromium.org","Security: google chrome crashes when a request passes through a proxy and recieves a 407 HTTP error code from the server","Mar 21, 2013 20:56:09",1363899369,"Nov 03, 2010 08:47:37",1288774057,"Nov 05, 2010 20:28:43",1288988923,"mohammed...@gmail.com",""
62127,"High","M-8, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","faulty webm file causes segfault","Mar 21, 2013 20:56:08",1363899368,"Nov 05, 2010 20:59:42",1288990782,"Nov 08, 2010 05:44:54",1289195094,"miaubiz@gmail.com",""
62168,"Medium","Cr-Blink, Cr-Platform-DevTools, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","ca...@chromium.org","Bad cast in WebDevToolsFrontendImpl::dispatchOnInspectorFrontend","Apr 06, 2013 01:58:57",1365213537,"Nov 06, 2010 07:46:22",1289029582,"Nov 09, 2010 19:40:07",1289331607,"kuz...@gmail.com",""
62261,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","use after free in ContainerNode::willRemove","Apr 06, 2013 01:58:52",1365213532,"Nov 07, 2010 17:36:49",1289151409,"Nov 12, 2010 22:16:03",1289600163,"infe...@chromium.org",""
62276,"Medium","Cr-Internals, M-9, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","cev...@chromium.org","Out of bound memory access in webp decoder","Mar 21, 2013 21:01:01",1363899661,"Nov 07, 2010 22:15:07",1289168107,"Dec 21, 2010 15:23:57",1292945037,"undin...@gmail.com",""
62281,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free due to overhanging floats in LEGEND block","Apr 06, 2013 01:58:50",1365213530,"Nov 07, 2010 23:55:20",1289174120,"Nov 10, 2010 16:52:43",1289407963,"infe...@chromium.org",""
62293,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast in CSSStyleSelector::createTransformOperations","Apr 06, 2013 01:58:49",1365213529,"Nov 08, 2010 02:57:12",1289185032,"Nov 09, 2010 19:46:40",1289332000,"infe...@chromium.org",""
62296,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast from renderinline to renderbox in animations","Apr 06, 2013 01:58:49",1365213529,"Nov 08, 2010 04:12:05",1289189525,"Nov 09, 2010 19:34:21",1289331261,"infe...@chromium.org",""
62354,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Bad cast in SVGImageBufferTools::renderSubtreeToImageBuffer","Apr 06, 2013 01:58:44",1365213524,"Nov 08, 2010 17:43:40",1289238220,"Nov 10, 2010 16:58:08",1289408288,"infe...@chromium.org",""
62358,"High","Cr-Internals, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","wjmacl...@chromium.org","Integer overflow in SVG Parsing","Mar 21, 2013 20:56:06",1363899366,"Nov 08, 2010 18:14:31",1289240071,"Dec 02, 2010 20:08:28",1291320508,"infe...@chromium.org",""
62401,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Crash in WebCore::SMILTimeContainer::begin","Apr 06, 2013 01:58:40",1365213520,"Nov 08, 2010 22:38:47",1289255927,"Nov 10, 2010 00:18:30",1289348310,"slaweck",""
62496,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use after free in WebCore::StyleSheet","Apr 06, 2013 01:58:33",1365213513,"Nov 09, 2010 13:28:23",1289309303,"Dec 02, 2010 19:37:39",1291318659,"serg.gla...@gmail.com",""
62623,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","Crash at NULL IP in PDF when evaluating strange expression","Mar 21, 2013 20:47:02",1363898822,"Nov 10, 2010 02:34:13",1289356453,"Nov 10, 2010 21:28:20",1289424500,"scarybea...@gmail.com",""
62791,"Low","Cr-Internals, Cr-Platform-Extensions, M-9, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Crash loading invalid crx extension file","Mar 21, 2013 20:56:05",1363899365,"Nov 11, 2010 06:46:56",1289458016,"Nov 11, 2010 18:44:35",1289501075,"briankir...@gmail.com",""
62925,"High","Cr-Internals, M-15, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","b...@chromium.org","<Unloaded_S.DLL>+0x42cd17f crash","Mar 21, 2013 20:56:05",1363899365,"Nov 12, 2010 07:17:12",1289546232,"Aug 28, 2011 06:17:42",1314512262,"kuz...@gmail.com",""
62987,"High","Cr-Blink, M-8, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in EventSource","Apr 06, 2013 01:57:54",1365213474,"Nov 12, 2010 17:29:06",1289582946,"Dec 02, 2010 18:30:42",1291314642,"infe...@chromium.org",""
63031,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Stale font accessed in WebCore::GlyphPage::glyphDataForCharacter","Apr 06, 2013 01:57:48",1365213468,"Nov 13, 2010 00:05:54",1289606754,"Nov 16, 2010 23:23:48",1289949828,"infe...@chromium.org",""
63051,"Medium","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","chrome_6dc70000!WebCore::EventHandler::updateSelectionForMouseDrag use after free","Apr 06, 2013 01:57:44",1365213464,"Nov 13, 2010 07:39:47",1289633987,"Nov 15, 2010 20:32:10",1289853130,"kuz...@gmail.com",""
63248,"High","Pri-0, Restrict-AddIssueComment-Commit, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","segfault in bundled PDF viewer (invalid read in strlen)","Mar 21, 2013 20:46:59",1363898819,"Nov 15, 2010 21:04:25",1289855065,"Nov 17, 2010 00:23:46",1289953426,"aohelin",""
63268,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Universal XSS via mutating style objects and read styles cross origins","Apr 06, 2013 01:57:26",1365213446,"Nov 15, 2010 23:29:06",1289863746,"Nov 16, 2010 23:30:38",1289950238,"infe...@chromium.org",""
63389,"Low","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Setting small numeric CSS values using setFloatValues changes that value on all pages until the browser is quit","Apr 06, 2013 01:57:16",1365213436,"Nov 16, 2010 22:16:10",1289945770,"Nov 17, 2010 04:27:27",1289968047,"infe...@chromium.org",""
63444,"High","M-8, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Security: possible memory corruption (double-free) in XPath processing code","Mar 21, 2013 20:56:02",1363899362,"Nov 17, 2010 06:13:40",1289974420,"Nov 18, 2010 02:25:31",1290047131,"yangding...@gmail.com",""
63454,"Medium","Cr-Blink, Cr-Content-Core, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","rn...@chromium.org","Analyze integer wraps in WebCore::Range.","Apr 06, 2013 01:57:12",1365213432,"Nov 17, 2010 09:42:59",1289986979,"Dec 02, 2010 18:19:35",1291313975,"skylined@chromium.org",""
63495,"High","Cr-Blink, OS-Windows, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","jsc...@chromium.org","WebCore::NamedNodeMap::setAttributes() stale iterator","Apr 06, 2013 01:57:10",1365213430,"Nov 17, 2010 17:47:41",1290016061,"Jan 20, 2011 00:17:17",1295482637,"slaweck",""
63529,"Low","Cr-Internals, M-8, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Security: Segfault when dealing with Web Workers and MessageChannels","Mar 21, 2013 20:56:01",1363899361,"Nov 17, 2010 21:31:35",1290029495,"Dec 02, 2010 18:39:56",1291315196,"nweiz@google.com",""
63533,"High","Cr-Internals, Cr-Internals-Media, M-8, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, testcasenotadded","Stable",,"","scherkus@chromium.org","WebM Crash fix merge from M7","Mar 21, 2013 20:56:01",1363899361,"Nov 17, 2010 21:52:23",1290030743,"Nov 18, 2010 02:10:48",1290046248,"kerz@google.com",""
63732,"High","Cr-Internals, Cr-UI-Browser-TabContents, M-9, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","a...@chromium.org","Browser crash @ JavaScriptAppModalDialog::Cleanup()","Mar 21, 2013 20:56:01",1363899361,"Nov 19, 2010 09:13:53",1290158033,"Feb 10, 2011 21:33:35",1297373615,"avrelian...@gmail.com",""
63866,"Medium","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","WebKit CSS Font Face Parsing Type Confusion","Apr 06, 2013 01:56:47",1365213407,"Nov 20, 2010 04:36:22",1290227782,"Dec 02, 2010 18:49:07",1291315747,"chris.ro...@gmail.com",""
63924,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Bad cast from RenderTableCol to RenderBlock in search css","Apr 06, 2013 01:56:41",1365213401,"Nov 20, 2010 21:33:46",1290288826,"Dec 02, 2010 18:25:34",1291314334,"infe...@chromium.org",""
63982,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Memory corruption in RenderObjectChildList::removeChildNode","Apr 06, 2013 01:56:37",1365213397,"Nov 21, 2010 17:48:10",1290361690,"Dec 03, 2010 22:36:55",1291415815,"infe...@chromium.org",""
64046,"High","CVE-2011-1799, Cr-Blink, Cr-Content-Core, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","WebKit 49902 - chrome.dll!WebCore::toWebWidgetClient ReadAV@NULL (08ffd4f21a8c6465bb1e19a2f52e4bd5)","Apr 06, 2013 01:56:30",1365213390,"Nov 22, 2010 12:08:18",1290427698,"May 07, 2011 03:52:03",1304740323,"skylined@chromium.org","2011-1799"
64051,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-9, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Crash after a PDF opens a print dialog @ CFX_DIBitmap::CompositeRect(int,int,int,int,unsigned long)","Apr 06, 2013 03:17:20",1365218240,"Nov 22, 2010 12:49:41",1290430181,"Dec 21, 2010 17:44:15",1292953455,"aohelin",""
64108,"High","Cr-Internals, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, spdy","Stable",,"","mbel...@chromium.org","Verify cross-origin push fails under SPDY","Mar 21, 2013 20:55:59",1363899359,"Nov 22, 2010 20:27:39",1290457659,"Dec 16, 2010 01:47:16",1292464036,"mbel...@chromium.org",""
64331,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","morrita@google.com","Stale node being set as layout root when rendering meter, progress elements.","Apr 06, 2013 01:56:01",1365213361,"Nov 24, 2010 16:09:59",1290614999,"Dec 10, 2010 21:06:37",1292015197,"infe...@chromium.org",""
64456,"Low","Cr-Internals, Cr-Platform-Extensions, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","sker...@chromium.org","Chrome crashes when attempting to install a userscript.","Mar 21, 2013 20:55:58",1363899358,"Nov 26, 2010 00:14:27",1290730467,"Jan 04, 2011 20:14:20",1294172060,"badpazzword",""
64559,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast when selection changes for combo boxes.","Apr 06, 2013 01:55:42",1365213342,"Nov 28, 2010 06:25:46",1290925546,"Dec 02, 2010 18:37:28",1291315048,"infe...@chromium.org",""
64945,"High","Cr-Internals, Cr-Internals-Media, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Crash when webp image is invalid","Mar 21, 2013 20:55:58",1363899358,"Dec 01, 2010 18:43:54",1291229034,"Dec 21, 2010 15:24:20",1292945060,"slaweck",""
64959,"High","Cr-Blink, M-8, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Stale pointer in cursors DOM","Apr 06, 2013 01:55:01",1365213301,"Dec 01, 2010 20:46:53",1291236413,"Dec 08, 2010 02:16:48",1291774608,"serg.gla...@gmail.com",""
65299,"Medium","M-9, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-Medium, Type-Bug-Security, reward-500","None",500,"accept","cev...@chromium.org","Out of bound read when using modified webp file","Mar 21, 2013 21:00:59",1363899659,"Dec 03, 2010 16:34:05",1291394045,"Dec 21, 2010 15:24:36",1292945076,"chamal.d...@gmail.com",""
65577,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","chromium.cdn@gmail.com","Stale pointer - Document::resetFormElementsOwner","Apr 06, 2013 01:54:16",1365213256,"Dec 06, 2010 12:10:52",1291637452,"Jan 13, 2011 07:07:01",1294902421,"serg.gla...@gmail.com",""
65764,"High","Cr-Blink, M-8, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1337","Stable",1337,"accept","infe...@chromium.org","detachNodeIterator called on the wrong document object","Apr 06, 2013 01:54:01",1365213241,"Dec 07, 2010 20:10:29",1291752629,"Dec 10, 2010 21:16:03",1292015763,"serg.gla...@gmail.com",""
65796,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Children of cloned anonymous blocks should set childreninline flag","Apr 06, 2013 01:54:00",1365213240,"Dec 07, 2010 23:03:39",1291763019,"Jan 10, 2011 20:55:52",1294692952,"infe...@chromium.org",""
65942,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","e...@chromium.org","Stale pointer in Range::processContents when modified during mutation event","Apr 06, 2013 01:53:52",1365213232,"Dec 08, 2010 22:10:10",1291846210,"Jan 10, 2011 22:03:47",1294697027,"jsc...@chromium.org",""
66334,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org"," button on PDFs","Apr 06, 2013 03:16:49",1365218209,"Dec 10, 2010 15:15:26",1291994126,"Dec 21, 2010 17:36:40",1292953000,"scarybea...@gmail.com",""
66473,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","e...@chromium.org","Crash in ReplaceSelectionCommand::doApply when modified during mutation event ","Apr 06, 2013 01:53:28",1365213208,"Dec 10, 2010 21:32:15",1292016735,"Jan 10, 2011 21:54:37",1294696477,"e...@chromium.org",""
66560,"High","Cr-Blink, M-8, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Stale pointer in CSSCanvasValue","Apr 06, 2013 01:53:21",1365213201,"Dec 11, 2010 19:49:37",1292096977,"Jan 10, 2011 20:59:42",1294693182,"serg.gla...@gmail.com",""
66718,"Low","Cr-Internals-GPU-VendorSpecific, M-10, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","zmo@chromium.org","webgl page causes X server crash","Mar 21, 2013 20:55:55",1363899355,"Dec 13, 2010 19:04:33",1292267073,"Jan 19, 2011 22:12:20",1295475140,"evan@chromium.org",""
66748,"High","Cr-Blink, Crash-Reproducible, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, SVG, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","jsc...@chromium.org","CSSCursorImageValue not clearing SVGElement back pointer","Apr 06, 2013 01:53:04",1365213184,"Dec 13, 2010 22:20:30",1292278830,"Jan 10, 2011 21:21:37",1294694497,"jan.toso...@gmail.com",""
66760,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","ZDI-CAN-968: Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability","Apr 06, 2013 01:53:03",1365213183,"Dec 14, 2010 00:09:30",1292285370,"Jan 10, 2011 21:15:33",1294694133,"jsc...@chromium.org",""
66931,"Low","Cr-Internals, Cr-Internals-Network, M-9, OS-Mac, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, Verifier-Deepakg, bulkmove","Stable",,"","rsleevi@chromium.org","Google Chrome crashes at https://webmail.afmc.af.mil/Exchange","Mar 21, 2013 20:55:54",1363899354,"Dec 15, 2010 03:05:47",1292382347,"Jan 13, 2011 07:20:14",1294903214,"dmorr...@gmail.com",""
66962,"Low","CVE-2011-1186, M-10, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","tsepez@chromium.org","browser crash when reproducing issue #64051","Mar 21, 2013 20:55:54",1363899354,"Dec 15, 2010 08:27:32",1292401652,"Jan 13, 2011 22:22:41",1294957361,"aohelin","2011-1186"
66986,"High","Cr-Blink, Cr-Content-Core, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Reparenting error due to double merge of anonymous blocks in removeChild","Apr 06, 2013 01:52:45",1365213165,"Dec 15, 2010 14:40:20",1292424020,"Jan 10, 2011 21:01:34",1294693294,"skylined@chromium.org",""
67100,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Crash in PDF form event handling when deleting page from underneath self","Apr 06, 2013 03:16:41",1365218201,"Dec 16, 2010 02:00:55",1292464855,"Dec 21, 2010 17:03:36",1292951016,"scarybea...@gmail.com",""
67208,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000, reward-decline","Stable",1000,"decline","cev...@chromium.org","VU#821271 Exception generated by code running in the Stack","Apr 06, 2013 03:16:39",1365218199,"Dec 16, 2010 21:56:34",1292536594,"Dec 22, 2010 02:41:37",1292985697,"jared.al...@gmail.com",""
67234,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Webkit crashes during animation event processing","Apr 06, 2013 01:52:30",1365213150,"Dec 17, 2010 00:50:25",1292547025,"Feb 09, 2011 21:00:12",1297285212,"infe...@chromium.org",""
67303,"High","Cr-Blink, Cr-Internals-Media, M-8, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","renderer crash when playing a corrupt webm video","Apr 06, 2013 01:52:25",1365213145,"Dec 17, 2010 13:35:36",1292592936,"Jan 08, 2011 00:57:07",1294448227,"aohelin",""
67363,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","jsc...@chromium.org","EXTERNAL-REPORT: SVGElementInstance::m_useElement not cleared on corresponding use element destruction","Apr 06, 2013 01:52:20",1365213140,"Dec 17, 2010 21:18:02",1292620682,"Jan 10, 2011 21:56:41",1294696601,"scarybea...@gmail.com",""
67393,"Medium","Cr-Internals, M-8, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Freeing invalid uninitialized pointer to bug_report_ object","Mar 21, 2013 21:00:58",1363899658,"Dec 18, 2010 02:32:49",1292639569,"Jan 11, 2011 20:47:57",1294778877,"kuz...@gmail.com",""
67577,"Low","Cr-Internals, Cr-UI-Browser-Downloads, OS-All, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Switch .jar and .class to always-warn","Mar 21, 2013 20:55:51",1363899351,"Dec 20, 2010 17:27:54",1292866074,"Dec 22, 2010 02:32:41",1292985161,"cjava...@gmail.com",""
67923,"High","CVE-2011-1793, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Stale pointer in SVGImage","Apr 06, 2013 01:51:44",1365213104,"Dec 23, 2010 18:42:51",1293129771,"May 02, 2011 23:26:00",1304378760,"jsc...@chromium.org","2011-1793"
67968,"High","Cr-Blink, M-9, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free due to adjacent floats not cleared properly from parents","Apr 06, 2013 01:51:42",1365213102,"Dec 24, 2010 15:25:58",1293204358,"Feb 02, 2011 02:38:58",1296614338,"infe...@chromium.org",""
68062,"Medium","Cr-Blink, M-9, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jsc...@chromium.org","OOB read crash in SVG length list parsing algorithm","Apr 06, 2013 01:51:36",1365213096,"Dec 27, 2010 06:43:41",1293432221,"Jan 10, 2011 21:09:32",1294693772,"infe...@chromium.org",""
68115,"High","M-8, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000, reward-decline","Stable",1000,"decline","cev...@chromium.org","Memory corruption with bad Vorbis streams (from CERT)","Mar 21, 2013 20:55:50",1363899350,"Dec 27, 2010 20:28:02",1293481682,"Jan 08, 2011 01:06:07",1294448767,"scarybea...@gmail.com",""
68120,"High","Cr-Blink, Cr-Content-Core, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Stale pointer in CSSFontFaceSource::m_svgFontFaceElement","Apr 06, 2013 01:51:31",1365213091,"Dec 27, 2010 22:37:44",1293489464,"Feb 09, 2011 21:02:46",1297285366,"miaubiz@gmail.com",""
68170,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","invalid free() in bundled pdf viewer","Apr 06, 2013 03:16:36",1365218196,"Dec 28, 2010 18:48:11",1293562091,"Dec 28, 2010 22:54:06",1293576846,"aohelin",""
68178,"High","Cr-Blink, M-8, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Bad cast in FrameView::scrollToAnchor","Apr 06, 2013 01:51:23",1365213083,"Dec 28, 2010 20:30:37",1293568237,"Jan 10, 2011 21:19:38",1294694378,"serg.gla...@gmail.com",""
68181,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Bad cast in MediaDocument::defaultEventHandler","Apr 06, 2013 01:51:23",1365213083,"Dec 28, 2010 21:23:55",1293571435,"Jan 10, 2011 21:17:29",1294694249,"serg.gla...@gmail.com",""
68244,"Low","Cr-Internals, Cr-Internals-Media, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, Verifier-Deepakg, bulkmove, testcasenotadded","Stable",,"","infe...@chromium.org","Playing audio with volume set to undefined crashes browser","Mar 21, 2013 20:55:48",1363899348,"Dec 29, 2010 17:42:14",1293644534,"Jan 11, 2011 22:03:05",1294783385,"matthew....@gmail.com",""
68263,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","e...@chromium.org","Use after free in Style Sheets","Apr 06, 2013 01:51:20",1365213080,"Dec 29, 2010 22:38:14",1293662294,"Feb 09, 2011 20:50:19",1297284619,"serg.gla...@gmail.com",""
68342,"High","Cr-Blink, Cr-Content-Core, M-10, Pri-1, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500, reward-inprocess","Stable",500,"inprocess","satish@chromium.org","Aw snap on github.com with voice search extension installed","Apr 06, 2013 01:51:14",1365213074,"Dec 31, 2010 08:20:21",1293783621,"Feb 01, 2011 23:43:40",1296603820,"temp01...@gmail.com",""
68439,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Destroying nextblock in RenderBlock::removeChild can cause oldChild and nextblock's next sibling to be merged.","Apr 06, 2013 01:51:09",1365213069,"Jan 03, 2011 03:32:15",1294025535,"Jan 10, 2011 21:04:04",1294693444,"MartyBar...@gmail.com",""
68558,"High","Cr-Blink, M-8, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointers in CSSOM - CSSRuleList::deleteRule and CSSStyleSheet::deleteRule","Apr 06, 2013 01:50:56",1365213056,"Jan 04, 2011 22:32:07",1294180327,"Jan 10, 2011 21:24:03",1294694643,"serg.gla...@gmail.com",""
68641,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","Stale form associated element pointer in Document object","Apr 06, 2013 01:50:49",1365213049,"Jan 05, 2011 18:05:36",1294250736,"Jan 13, 2011 07:03:40",1294902220,"chromium.cdn@gmail.com",""
68666,"Critical","Cr-Internals, M-8, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-3133","Stable",3133,"accept","satish@chromium.org","Browser crash in HTML5 speech UI","Mar 21, 2013 21:08:05",1363900085,"Jan 05, 2011 20:58:00",1294261080,"Jan 12, 2011 00:29:20",1294792160,"serg.gla...@gmail.com",""
68741,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Stale pointers in CSSOM - 2","Apr 06, 2013 01:50:42",1365213042,"Jan 06, 2011 17:09:25",1294333765,"Feb 09, 2011 20:54:03",1297284843,"infe...@chromium.org",""
68766,"Low","Cr-Internals, Cr-Internals-Network, M-10, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","jam@chromium.org","Chrome: Crash Report - Stack Signature: net::HttpStreamFactory::~HttpStreamFactory()-2A77B8F","Mar 21, 2013 20:55:45",1363899345,"Jan 06, 2011 20:12:40",1294344760,"Jan 28, 2011 02:33:20",1296182000,"willchan@chromium.org",""
69106,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","ZDI-CAN-1009: Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability","Apr 06, 2013 01:50:20",1365213020,"Jan 10, 2011 20:00:23",1294689623,"Jan 11, 2011 22:51:08",1294786268,"infe...@chromium.org",""
69187,"Medium","CVE-2011-1187, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1337","Stable",1337,"accept","rossb...@chromium.org","Error prototypes are called on remote scripts","Mar 21, 2013 21:00:57",1363899657,"Jan 11, 2011 04:17:40",1294719460,"Apr 24, 2012 14:06:17",1335276377,"evn@google.com","2011-1187"
69195,"Critical","Cr-Internals-Media, M-9, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, testcaseadded","Stable",,"","cev...@chromium.org","playing Z-Type causes crash","Mar 21, 2013 21:08:05",1363900085,"Jan 11, 2011 05:34:24",1294724064,"Jan 12, 2011 20:38:24",1294864704,"daniel.w...@gmail.com",""
69275,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in scrollbars","Apr 06, 2013 01:50:05",1365213005,"Jan 11, 2011 19:34:40",1294774480,"Jan 11, 2011 22:56:09",1294786569,"infe...@chromium.org",""
69556,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Issue with merging anonymous block in renderblock::removechild (2)","Apr 06, 2013 01:49:46",1365212986,"Jan 13, 2011 17:00:30",1294938030,"Feb 02, 2011 02:40:35",1296614435,"infe...@chromium.org",""
69628,"High","CVE-2011-1188, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","chromium.cdn@gmail.com","Probable memory corruption in WebCore::CounterNode::lastDescendant","Apr 06, 2013 01:49:40",1365212980,"Jan 14, 2011 04:29:02",1294979342,"Feb 28, 2011 23:08:54",1298934534,"MartyBar...@gmail.com","2011-1188"
69640,"Medium","CVE-2011-1287, Cr-Blink, Cr-Content-Core, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","cev...@chromium.org","memcheck: read after free in third_party/icu/source/common/unormimp.h","Apr 06, 2013 01:49:39",1365212979,"Jan 14, 2011 08:18:08",1294993088,"Feb 09, 2011 23:17:43",1297293463,"kcc@chromium.org","2011-1287"
69934,"High","Cr-Blink, M-14, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security","Stable",,"","anan...@chromium.org","Use after free in LayoutPluginTester.SelfDeletePluginInvoke","Apr 06, 2013 01:49:19",1365212959,"Jan 18, 2011 10:47:33",1295347653,"Jul 28, 2011 13:56:23",1311861383,"hb...@chromium.org",""
69970,"Medium","Cr-Blink, Cr-Blink-JavaScript, M-9, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jap...@chromium.org","Invalid read in convertV8ObjectToNPVariant","Apr 06, 2013 03:27:08",1365218828,"Jan 18, 2011 17:54:29",1295373269,"Feb 02, 2011 02:37:00",1296614220,"jsc...@chromium.org",""
70027,"High","ApprovedForMerge, CVE-2011-1189, Cr-Blink, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale text node in linebox due to failure to dirty linebox when that text child is dirtied","Apr 06, 2013 01:49:11",1365212951,"Jan 19, 2011 00:14:53",1295396093,"Feb 28, 2011 21:31:02",1298928662,"MartyBar...@gmail.com","2011-1189"
70070,"Critical","Cr-Internals, Cr-Internals-GPU-WebGL, Cr-Internals-Graphics, M-10, Needs-Feedback, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, bulkmove,","Stable",500,"decline","vangelis@chromium.org","WebGL crashes depending on uniform names","Mar 21, 2013 21:08:04",1363900084,"Jan 19, 2011 06:55:35",1295420135,"Mar 30, 2011 21:49:51",1301521791,"yuri.ko...@gmail.com",""
70078,"High","Cr-Blink, Cr-Stability, M-9, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500, reward-decline","Stable",500,"decline","tkent@chromium.org","Crash by form controls with form attributes under orphan nodes","Apr 06, 2013 01:49:06",1365212946,"Jan 19, 2011 08:18:57",1295425137,"Feb 14, 2011 17:51:17",1297705877,"stefanva...@gmail.com",""
70165,"Critical","Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-Critical, Type-Bug-Security, reward-1337","None",1337,"accept","satish@chromium.org","Use after free in speech API","Apr 06, 2013 01:48:57",1365212937,"Jan 19, 2011 21:31:57",1295472717,"Jan 20, 2011 16:41:44",1295541704,"serg.gla...@gmail.com",""
70244,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","wjmacl...@chromium.org","height of <rect> - integer overflow(?)","Apr 06, 2013 01:48:51",1365212931,"Jan 20, 2011 14:26:37",1295533597,"Feb 28, 2011 23:12:39",1298934759,"slaweck",""
70336,"Medium","CVE-2011-1190, Cr-Blink, M-10, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","levin@chromium.org","Cross-origin Javascript error message leak via Worker importScripts()","Apr 06, 2013 01:48:41",1365212921,"Jan 21, 2011 03:58:42",1295582322,"Feb 14, 2011 17:55:22",1297706122,"scarybea...@gmail.com","2011-1190"
70376,"Medium","Cr-Internals, M-9, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory, Stability-Valgrind, Type-Bug-Security, bulkmove","Stable",,"","euge...@chromium.org","Pickle::FindNext reads payload_size without checking that the header is complete","Apr 01, 2013 15:53:18",1364831598,"Jan 21, 2011 12:19:05",1295612345,"Feb 09, 2011 23:12:51",1297293171,"euge...@chromium.org",""
70442,"High","CVE-2011-1191, Cr-Blink, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, bulkmove, reward-1000","Stable",1000,"accept","jia...@chromium.org","Use after free in WebCore::DOMURL","Apr 06, 2013 01:48:36",1365212916,"Jan 21, 2011 21:08:24",1295644104,"Feb 09, 2011 23:00:25",1297292425,"serg.gla...@gmail.com","2011-1191"
70456,"Medium","Cr-Internals, M-9, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000, reward-decline","Stable",1000,"decline","cev...@chromium.org","OOM handler not always properly terminating process","Mar 21, 2013 21:00:55",1363899655,"Jan 21, 2011 23:53:38",1295654018,"Feb 02, 2011 00:39:33",1296607173,"scarybea...@gmail.com",""
70538,"Low","CVE-2011-1304, M-11, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Open popup in new tab using java applet","Mar 21, 2013 20:55:39",1363899339,"Jan 23, 2011 15:38:00",1295797080,"Feb 03, 2011 07:05:32",1296716732,"chamal.d...@gmail.com","2011-1304"
70589,"Medium","CVE-2011-1305, Cr-Blink, M-11, OS-Linux, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","phajdan.jr@chromium.org","race on a linked list in third_party/WebKit/Source/WebCore/platform/sql/chromium/SQLiteFileSystemChromiumPosix.cpp","Apr 06, 2013 01:48:26",1365212906,"Jan 24, 2011 09:11:40",1295860300,"Mar 18, 2011 00:34:08",1300408448,"kcc@chromium.org","2011-1305"
70718,"Medium","M-9, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","kbr@chromium.org","crashes when opening a page with webgl","Mar 21, 2013 21:00:55",1363899655,"Jan 25, 2011 07:44:03",1295941443,"Jan 29, 2011 01:12:06",1296263526,"aohelin",""
70779,"Medium","CVE-2011-1192, Cr-Blink, Cr-Content-Core, M-10, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","scarybea...@gmail.com","width of boundingClientRect for Range with unicode combining characters is corrupted ","Apr 06, 2013 01:48:11",1365212891,"Jan 25, 2011 17:11:43",1295975503,"Feb 09, 2011 23:24:38",1297293878,"miaubiz@gmail.com","2011-1192"
70877,"High","CVE-2011-1193, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1337","Stable",1337,"accept","a...@chromium.org","Arbitrary cross-origin bypass using SyntaxError and Number prototype overrides","Mar 21, 2013 20:55:38",1363899338,"Jan 26, 2011 05:09:01",1296018541,"Feb 14, 2011 09:23:53",1297675433,"scarybea...@gmail.com","2011-1193"
70885,"Low","CVE-2011-1194, Cr-Blink, Cr-UI-Browser-PopupBlocker, M-9, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","Bypass popup blocker using iframe","Apr 06, 2013 01:48:06",1365212886,"Jan 26, 2011 08:27:02",1296030422,"Feb 10, 2011 17:07:24",1297357644,"chamal.d...@gmail.com","2011-1194"
71027,"Medium","Cr-Internals, Cr-UI-Browser-Downloads, Cr-UI-Browser-Incognito, Pri-1, Restrict-AddIssueComment-Commit, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","battre@chromium.org","REGRESSION: crash after download and close window (only in incognito)","Mar 21, 2013 21:00:54",1363899654,"Jan 27, 2011 09:03:51",1296119031,"Jan 28, 2011 11:04:25",1296212665,"geki...@gmail.com",""
71114,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointer due to table childs incorrect added","Apr 06, 2013 01:47:43",1365212863,"Jan 27, 2011 22:08:26",1296166106,"Feb 09, 2011 21:37:47",1297287467,"MartyBar...@gmail.com",""
71115,"High","Cr-Blink, Cr-Content-Core, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointer in WebCore::RenderTable::firstLineBoxBaseline","Apr 06, 2013 01:47:43",1365212863,"Jan 27, 2011 22:26:51",1296167211,"Feb 09, 2011 20:56:31",1297284991,"MartyBar...@gmail.com",""
71167,"Low","CVE-2011-1194, Cr-Blink, Cr-UI-Browser-PopupBlocker, M-10, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","j...@chromium.org","Bypass popup blocker using custom event (variation of issue 3275)","Apr 06, 2013 01:47:38",1365212858,"Jan 28, 2011 06:45:54",1296197154,"Feb 10, 2011 17:04:52",1297357492,"chamal.d...@gmail.com","2011-1194"
71296,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Stale iterator in SVGDocumentExtensions::startAnimations()","Apr 06, 2013 01:47:24",1365212844,"Jan 29, 2011 23:57:04",1296345424,"Feb 09, 2011 22:18:59",1297289939,"miaubiz@gmail.com",""
71386,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale nodes in Document::recalcStyleSelector","Apr 06, 2013 01:47:19",1365212839,"Jan 31, 2011 08:55:53",1296464153,"Feb 09, 2011 21:19:28",1297286368,"woo...@gmail.com",""
71388,"High","Cr-Blink, Cr-Content-Core, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Security:WebCore::HTMLTextAreaElement::updateValue+0xf","Apr 06, 2013 01:47:18",1365212838,"Jan 31, 2011 08:59:00",1296464340,"Feb 09, 2011 21:15:38",1297286138,"woo...@gmail.com",""
71545,"High","Cr-Blink, Cr-Blink-JavaScript, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","","Chrome_Mac: Crash Report - Stack Signature: WebKit::NotificationPresenterImpl::checkPermission-5428423","Apr 06, 2013 03:26:58",1365218818,"Feb 01, 2011 14:07:05",1296569225,"Feb 28, 2011 21:35:57",1298928957,"kcc@chromium.org",""
71551,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Crash, Stability-Memory-AddressSanitizer, Type-Bug-Security, ","Beta, Stable",,"","micha...@chromium.org","Cross_fuzz and ClusterFuzz crashes in WebCore::DatabaseTracker::removeOpenDatabase","Apr 06, 2013 01:47:07",1365212827,"Feb 01, 2011 15:32:21",1296574341,"Oct 15, 2011 07:31:43",1318663903,"kcc@chromium.org",""
71586,"Medium","CVE-2011-1434, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, M-11, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory, Stability-ThreadSanitizer, Stability-Valgrind,","Stable",500,"accept","tsepez@chromium.org","race in base/third_party/xdg_mime (crasher)","Apr 06, 2013 04:26:35",1365222395,"Feb 01, 2011 20:46:08",1296593168,"Apr 14, 2011 18:50:46",1302807046,"aohelin","2011-1434"
71595,"High","Cr-Blink, Cr-Content-Core, M-9, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","Stale pointer in DeviceOrientationController::didChangeDeviceOrientation()","Apr 06, 2013 01:47:04",1365212824,"Feb 01, 2011 21:22:51",1296595371,"Feb 09, 2011 21:06:04",1297285564,"serg.gla...@gmail.com",""
71601,"Medium","Cr-Internals, Cr-UI-Browser-Autofill, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","isherman@chromium.org","Switch to https by default in autofill toolbar server queries","Mar 21, 2013 21:00:53",1363899653,"Feb 01, 2011 22:07:03",1296598023,"Aug 12, 2011 04:16:23",1313122583,"infe...@chromium.org",""
71717,"Medium","Cr-Internals-GPU-WebGL, M-9, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","webgl causes segfault","Mar 21, 2013 21:00:53",1363899653,"Feb 02, 2011 22:49:03",1296686943,"Feb 11, 2011 23:14:24",1297466064,"miaubiz@gmail.com",""
71734,"High","CVE-2011-1289, Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Security: accessing DataView methods with negative index could cause crash","Apr 06, 2013 01:46:52",1365212812,"Feb 03, 2011 01:09:01",1296695341,"Feb 09, 2011 21:09:42",1297285782,"jia...@chromium.org","2011-1289"
71763,"High","CVE-2011-1195, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","use-after-free when document.close and document.write are called after requesting a non-existing script","Apr 06, 2013 01:46:49",1365212809,"Feb 03, 2011 10:32:12",1296729132,"Feb 28, 2011 21:36:52",1298929012,"miaubiz@gmail.com","2011-1195"
71788,"High","CVE-2011-1196, Cr-Blink, Cr-Content-WebApps, Cr-Internals, Cr-Internals-Media, M-10, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Memory corruption playing back specially crafted .ogg vorbis file.","Apr 06, 2013 01:46:46",1365212806,"Feb 03, 2011 14:56:38",1296744998,"Feb 28, 2011 19:48:22",1298922502,"skylined@chromium.org","2011-1196"
71855,"High","Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","stale pointer in WebCore::RenderBlock::insertFloatingObject","Apr 06, 2013 01:46:40",1365212800,"Feb 03, 2011 22:50:16",1296773416,"Feb 09, 2011 22:14:05",1297289645,"miaubiz@gmail.com",""
71960,"Medium","Cr-Blink, Cr-Internals-GPU-WebGL, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","g...@chromium.org","OOB Read in WebGL due to integer overflows","Apr 06, 2013 01:46:31",1365212791,"Feb 04, 2011 17:50:51",1296841851,"Feb 10, 2011 00:41:40",1297298500,"infe...@chromium.org",""
72028,"High","ApprovedForMerge, CVE-2011-1197, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale continuation flow pointer for ContinuationOutlineTableMap","Apr 06, 2013 01:46:24",1365212784,"Feb 05, 2011 03:29:58",1296876598,"Feb 28, 2011 21:35:14",1298928914,"MartyBar...@gmail.com","2011-1197"
72134,"High","CVE-2011-1288, Cr-Blink, M-9, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Potential buffer overrun in SVGTextRunWalker::walk()","Apr 06, 2013 01:46:20",1365212780,"Feb 06, 2011 21:36:48",1297028208,"Feb 09, 2011 20:47:25",1297284445,"infe...@chromium.org","2011-1288"
72189,"Low","ApprovedForMerge, CVE-2011-1801, Cr-Internals, Cr-UI-Browser-PopupBlocker, M-11, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Bypass popup blocker using custom event and onMouseOver","Mar 21, 2013 20:55:31",1363899331,"Feb 07, 2011 14:34:25",1297089265,"May 19, 2011 18:33:46",1305830026,"chamal.d...@gmail.com","2011-1801"
72340,"High","Cr-Blink, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","use after free in WebCore::RenderCounter::destroyCounterNode","Apr 06, 2013 01:46:05",1365212765,"Feb 08, 2011 20:54:56",1297198496,"Feb 28, 2011 23:32:25",1298935945,"miaubiz@gmail.com",""
72387,"High","Cr-Blink, Cr-Internals-Compositing, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org","Out of bounds read in WebCore::LayerTilerChromium::invalidateRect (dev only)","Apr 06, 2013 01:46:03",1365212763,"Feb 09, 2011 03:22:38",1297221758,"Feb 10, 2011 16:58:27",1297357107,"MartyBar...@gmail.com",""
72437,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins, M-9, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","bauerb@chromium.org","Crash in ContainerNodeAlgorithms.h with outdated ice-tea plugin","Apr 06, 2013 04:26:28",1365222388,"Feb 09, 2011 15:45:43",1297266343,"Feb 10, 2011 15:51:18",1297353078,"chamal.d...@gmail.com",""
72492,"Medium","CVE-2011-2822, Cr-Internals, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Cross application unsafe redirect","Mar 21, 2013 21:00:52",1363899652,"Feb 09, 2011 22:28:28",1297290508,"Aug 06, 2011 06:35:01",1312612501,"d0z...@gmail.com","2011-2822"
72517,"High","ApprovedForMerge, CVE-2011-1291, Cr-Internals, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-500","Stable",500,"accept","brettw@chromium.org","Dev. console null character crash @ history::URLDatabase::GetMostRecentKeywordSearchTerms","Mar 21, 2013 20:55:29",1363899329,"Feb 10, 2011 03:07:13",1297307233,"Mar 18, 2011 02:31:41",1300415501,"alex.tur...@gmail.com","2011-1291"
72523,"Medium","CVE-2011-1435, Cr-Internals, M-11, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","tsepez@chromium.org"," resource","Mar 21, 2013 21:00:52",1363899652,"Feb 10, 2011 05:09:37",1297314577,"Feb 16, 2011 01:14:06",1297818846,"c...@three-fourths-infinity.com","2011-1435"
72832,"High","CVE-2011-2333, Cr-Blink, M-12, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Reliability issues with WebCore::RenderBlock due to use after free in floats","Apr 06, 2013 01:45:25",1365212725,"Feb 12, 2011 19:28:12",1297538892,"May 07, 2011 06:13:53",1304748833,"rsleevi@chromium.org","2011-2333"
72908,"High","CVE-2011-2807, Cr-Blink, M-13, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","dim...@chromium.org","Freed timer heap element used","Apr 06, 2013 01:45:17",1365212717,"Feb 14, 2011 07:44:14",1297669454,"Jun 14, 2011 02:24:08",1308018248,"infe...@chromium.org","2011-2807"
72910,"Low","CVE-2011-1436, Cr-Internals, M-11, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","derat@chromium.org","Browser crash/segfault when selecting very long option in select","Mar 21, 2013 20:55:28",1363899328,"Feb 14, 2011 09:27:54",1297675674,"Feb 23, 2011 00:20:57",1298420457,"miaubiz@gmail.com","2011-1436"
72936,"High","ApprovedForMerge, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Freed scrollbar in ScrollView::updateScrollbars","Apr 06, 2013 01:45:14",1365212714,"Feb 14, 2011 18:28:11",1297708091,"Feb 28, 2011 20:33:37",1298925217,"infe...@chromium.org",""
73026,"High","CVE-2011-1198, Cr-Internals, Cr-Internals-Media, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","cev...@chromium.org","dereference poisoned value in avcodec_52!ff_thread_decode_frame","Mar 21, 2013 20:55:27",1363899327,"Feb 15, 2011 16:26:20",1297787180,"Feb 28, 2011 19:48:32",1298922512,"tav...@gmail.com","2011-1198"
73066,"High","ApprovedForMerge, CVE-2011-1199, Cr-Blink, Cr-Internals-GPU, Cr-Internals-GPU-WebGL, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jia...@chromium.org","DataView constructor can be applied as a regular method","Apr 06, 2013 01:45:06",1365212706,"Feb 15, 2011 22:18:18",1297808298,"Feb 28, 2011 20:51:49",1298926309,"serg.gla...@gmail.com","2011-1199"
73134,"High","ApprovedForMerge, CVE-2011-1200, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Crash due to bad cast to rendertextfragment in updatefirstletter.","Apr 06, 2013 01:44:59",1365212699,"Feb 16, 2011 07:20:43",1297840843,"Feb 28, 2011 21:05:52",1298927152,"miaubiz@gmail.com","2011-1200"
73196,"High","ApprovedForMerge, CVE-2011-1201, Cr-Blink, Cr-Internals-GPU, Cr-Internals-GPU-WebGL, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","","Stale pointer in WebKitLoseContext","Apr 06, 2013 01:44:55",1365212695,"Feb 16, 2011 19:52:34",1297885954,"Feb 28, 2011 21:14:24",1298927664,"serg.gla...@gmail.com","2011-1201"
73216,"High","ApprovedForMerge, CVE-2011-1291, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free of frame loader in DocumentLoader::commitLoad","Apr 06, 2013 01:44:54",1365212694,"Feb 16, 2011 21:43:44",1297892624,"Mar 18, 2011 02:49:49",1300416589,"slaweck","2011-1291"
73235,"High","ApprovedForMerge, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointer in WebCore::RenderBlock::lowestPosition","Apr 06, 2013 01:44:52",1365212692,"Feb 17, 2011 00:32:48",1297902768,"Feb 28, 2011 20:56:54",1298926614,"MartyBar...@gmail.com",""
73478,"Low","CVE-2011-3953, Cr-Blink, M-17, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, WebKit-ID-72056","Beta, Stable",,"","dcheng@chromium.org","Pages can continuously poll the OS clipboard for paste data","Apr 06, 2013 01:44:35",1365212675,"Feb 19, 2011 00:00:26",1298073626,"Nov 28, 2011 18:47:42",1322506062,"dcheng@chromium.org","2011-3953"
73526,"High","CVE-2011-1437, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Floats not cleared to logical height wraps.","Apr 06, 2013 01:44:31",1365212671,"Feb 19, 2011 14:12:52",1298124772,"Mar 19, 2011 01:13:51",1300497231,"miaubiz@gmail.com","2011-1437"
73595,"High","ApprovedForMerge, CVE-2011-1293, Cr-Blink, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","e...@chromium.org","Use after free in HTMLCollection","Apr 06, 2013 01:44:26",1365212666,"Feb 20, 2011 18:55:27",1298228127,"Mar 18, 2011 07:35:54",1300433754,"serg.gla...@gmail.com","2011-1293"
73716,"Low","CVE-2011-1202, M-10, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Leak of address of heap object via xslt generate-id() function","Mar 21, 2013 20:55:24",1363899324,"Feb 22, 2011 07:56:42",1298361402,"Feb 23, 2011 06:08:53",1298441333,"scarybea...@gmail.com","2011-1202"
73746,"High","ApprovedForMerge, CVE-2011-1203, Cr-Blink, M-10, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","jsc...@chromium.org","Stale pointer in SVGCursorElement","Apr 06, 2013 01:44:14",1365212654,"Feb 22, 2011 18:07:17",1298398037,"Feb 28, 2011 21:19:41",1298927981,"serg.gla...@gmail.com","2011-1203"
73932,"High","ApprovedForMerge, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast to text node in CompositeEditCommand::breakOutOfEmptyMailBlockquotedParagraph","Apr 06, 2013 01:44:01",1365212641,"Feb 23, 2011 23:09:41",1298502581,"Feb 28, 2011 22:53:51",1298933631,"infe...@chromium.org",""
73962,"High","CVE-2011-1808, Cr-Blink, Cr-Content-Core, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, bulkmove, reward-1000","Stable",1000,"accept","","use after free due to floats not cleared (overflow)","Apr 06, 2013 01:43:57",1365212637,"Feb 24, 2011 05:35:29",1298525729,"May 02, 2011 22:24:30",1304375070,"miaubiz@gmail.com","2011-1808"
74030,"High","ApprovedForMerge, CVE-2011-1204, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","DOM tree corruption in Attr::setValue","Apr 06, 2013 01:43:51",1365212631,"Feb 24, 2011 17:55:08",1298570108,"Feb 28, 2011 21:39:46",1298929186,"serg.gla...@gmail.com","2011-1204"
74562,"High","ApprovedForMerge, CVE-2011-1294, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","Stale pointer in WebKitCSSKeyframesRule","Apr 06, 2013 01:43:07",1365212587,"Mar 01, 2011 18:48:22",1299005302,"Mar 18, 2011 03:20:25",1300418425,"serg.gla...@gmail.com","2011-1294"
74649,"Medium","Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security","Stable",,"","rn...@chromium.org","OOB read in SearchBuffer::append","Apr 06, 2013 01:43:00",1365212580,"Mar 02, 2011 06:23:12",1299046992,"Jul 27, 2011 15:40:46",1311781246,"kcc@chromium.org",""
74653,"High","CVE-2011-1438, Cr-Internals, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jia...@chromium.org","bypass SOP with blob:","Mar 21, 2013 20:55:21",1363899321,"Mar 02, 2011 07:21:13",1299050473,"Mar 19, 2011 01:41:29",1300498889,"kuz...@gmail.com","2011-1438"
74660,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1174 - out-of-bounds write in reloc info","Apr 06, 2013 03:26:48",1365218808,"Mar 02, 2011 09:02:24",1299056544,"Mar 02, 2011 10:01:55",1299060115,"skylined@chromium.org",""
74662,"High","CVE-2011-1285, Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1108 potential use-after-free in RegExp code","Apr 06, 2013 03:26:48",1365218808,"Mar 02, 2011 09:19:50",1299057590,"Mar 02, 2011 10:00:48",1299060048,"skylined@chromium.org","2011-1285"
74665,"High","Cr-Blink, Cr-Content-Core, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1109 (out of bounds write)","Apr 06, 2013 01:42:58",1365212578,"Mar 02, 2011 09:40:52",1299058852,"Mar 02, 2011 10:01:07",1299060067,"skylined@chromium.org",""
74666,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing 1122 - stack corruption","Apr 06, 2013 03:26:47",1365218807,"Mar 02, 2011 09:45:43",1299059143,"Mar 02, 2011 10:01:32",1299060092,"skylined@chromium.org",""
74669,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1113 - stack corruption","Apr 06, 2013 03:26:47",1365218807,"Mar 02, 2011 09:54:31",1299059671,"Mar 02, 2011 10:03:30",1299060210,"skylined@chromium.org",""
74670,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-500","None",500,"accept","","v8 fuzzing 1128 - out of bounds write","Apr 06, 2013 03:26:46",1365218806,"Mar 02, 2011 10:05:12",1299060312,"Mar 02, 2011 10:05:12",1299060312,"skylined@chromium.org",""
74671,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1136 - corrupt JIT code","Apr 06, 2013 03:26:46",1365218806,"Mar 02, 2011 10:07:23",1299060443,"Mar 02, 2011 10:07:23",1299060443,"skylined@chromium.org",""
74672,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1138 - use after free","Apr 06, 2013 03:26:46",1365218806,"Mar 02, 2011 10:09:16",1299060556,"Mar 02, 2011 10:09:16",1299060556,"skylined@chromium.org",""
74673,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1166 - exploitable write","Apr 06, 2013 03:26:45",1365218805,"Mar 02, 2011 10:11:52",1299060712,"Mar 02, 2011 10:11:52",1299060712,"skylined@chromium.org",""
74675,"High","CVE-2011-1286, Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1146 - invalid memory access","Apr 06, 2013 03:26:45",1365218805,"Mar 02, 2011 10:22:59",1299061379,"Mar 02, 2011 10:22:59",1299061379,"skylined@chromium.org","2011-1286"
74678,"High","Cr-Blink, Cr-Blink-JavaScript, LangFuzz, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","v8 fuzzing - 1175 - use after free","Apr 06, 2013 03:26:44",1365218804,"Mar 02, 2011 10:33:37",1299062017,"Mar 02, 2011 10:33:37",1299062017,"skylined@chromium.org",""
74720,"Medium","ApprovedForMerge, CVE-2011-1297, Cr-Blink, M-10, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","Read uninitialized value from JavaScript.","Apr 06, 2013 01:42:49",1365212569,"Mar 02, 2011 19:48:51",1299095331,"Mar 18, 2011 03:11:24",1300417884,"jsc...@chromium.org","2011-1297"
74763,"High","CVE-2011-1439, Cr-Internals, M-11, OS-Linux, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: Domui process can be ptraced from a compromised renderer leading to sandbox escape","Mar 21, 2013 20:55:20",1363899320,"Mar 03, 2011 00:54:30",1299113670,"Mar 30, 2011 07:09:30",1301468970,"jln@chromium.org","2011-1439"
74991,"High","ApprovedForMerge, CVE-2011-1295, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","","Node::checkAddChild and Node::checkReplaceChild shouldn't change the owner document of a node","Apr 06, 2013 01:42:22",1365212542,"Mar 05, 2011 00:32:57",1299285177,"Mar 18, 2011 03:28:05",1300418885,"serg.gla...@gmail.com","2011-1295"
75070,"Low","CVE-2011-2838, Cr-Blink, M-14, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","cev...@chromium.org","Security: do not ignore type= on <object>","Apr 06, 2013 01:42:16",1365212536,"Mar 06, 2011 07:20:40",1299396040,"Jul 18, 2011 21:06:23",1311023183,"lcam...@gmail.com","2011-2838"
75155,"High","ApprovedForMerge, CVE-2011-1298, Cr-Blink, M-10, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","thakis@chromium.org","Integer overflow in WebCore::GraphicsContext::fillRect (Mac)","Apr 06, 2013 01:42:13",1365212533,"Mar 07, 2011 18:10:11",1299521411,"Mar 18, 2011 03:07:53",1300417673,"infe...@chromium.org","2011-1298"
75170,"High","ApprovedForMerge, CVE-2011-1296, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","SVGVKernElement and SVGHKernElement should call the parent insertedIntoDocument() method","Apr 06, 2013 01:42:10",1365212530,"Mar 07, 2011 20:28:12",1299529692,"Mar 18, 2011 02:59:18",1300417158,"serg.gla...@gmail.com","2011-1296"
75186,"High","CVE-2011-1440, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","rolandsteiner.chromium@gmail.com","(WebCore::RenderObjectChildList::destroyLeftoverChildren) Use-after-free with nesting ruby tag and css propierties","Apr 06, 2013 01:42:08",1365212528,"Mar 07, 2011 21:37:57",1299533877,"Apr 15, 2011 18:30:20",1302892220,"javg0...@gmail.com","2011-1440"
75311,"High","ApprovedForMerge, CVE-2011-1299, Cr-Blink, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast in HTMLTreeBuilder::processStartTag","Apr 06, 2013 01:41:56",1365212516,"Mar 08, 2011 19:55:11",1299614111,"Mar 18, 2011 03:41:23",1300419683,"infe...@chromium.org","2011-1299"
75347,"High","CVE-2011-1441, Cr-Blink, Cr-Content-Core, Feature-Forms, M-11, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","tkent@chromium.org","Bad cast to RenderBlock with floating select element with required attribute ","Apr 06, 2013 01:41:53",1365212513,"Mar 08, 2011 23:00:49",1299625249,"Mar 19, 2011 01:07:53",1300496873,"mdhgriff...@gmail.com","2011-1441"
75436,"High","CVE-2011-1457, Cr-Blink, Cr-Blink-Location, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jknot...@chromium.org","Detach Geolocation from Frame when Page destroyed.","Apr 06, 2013 05:02:32",1365224552,"Mar 09, 2011 14:38:27",1299681507,"Mar 22, 2011 23:42:37",1300837357,"infe...@chromium.org","2011-1457"
75496,"Medium","CVE-2011-1809, Cr-UI, Cr-UI-Accessibility, M-12, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","chrome.dll!BrowserAccessibility..InternalReleaseReference ExecAV@NULL (cc7203fb809bd98728cf74b908e66edf)","Mar 21, 2013 21:00:50",1363899650,"Mar 09, 2011 20:13:54",1299701634,"Mar 18, 2011 00:55:06",1300409706,"skylined@chromium.org","2011-1809"
75560,"Low","Cr-UI, M-16, MovedFrom-17, MovedFrom18, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","creis@chromium.org","Security: address bar updates not  synchronized with document transitions","Mar 21, 2013 21:07:42",1363900062,"Mar 10, 2011 05:12:36",1299733956,"Apr 19, 2012 21:27:27",1334870847,"lcam...@gmail.com",""
75629,"Critical","Cr-Blink, Cr-Internals-GPU-WebGL, M-11, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","g...@chromium.org","Use after free in gpu::gles2::ShaderTranslator","Apr 06, 2013 01:41:27",1365212487,"Mar 10, 2011 16:28:04",1299774484,"Apr 01, 2011 00:14:07",1301616847,"infe...@chromium.org",""
75643,"Low","CVE-2011-1810, Cr-Blink, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","CSS visited history disclosure","Apr 06, 2013 01:41:25",1365212485,"Mar 10, 2011 18:02:26",1299780146,"Apr 08, 2011 22:46:47",1302302807,"jsc...@chromium.org","2011-1810"
75696,"Low","Cr-Blink, M-12, Pri-3, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Security: pushState() should be available only for origin-bearing schemes","Apr 06, 2013 01:41:21",1365212481,"Mar 10, 2011 22:14:25",1299795265,"May 02, 2011 22:31:52",1304375512,"lcam...@gmail.com",""
75712,"High","CVE-2011-1290, Cr-Blink, M-10, Pri-1, ReleaseBlock-Dev, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1337","Stable",1337,"accept","cev...@chromium.org","Integer overflow in style elements","Apr 06, 2013 01:41:20",1365212480,"Mar 11, 2011 00:34:03",1299803643,"Mar 11, 2011 01:23:53",1299806633,"scarybea...@gmail.com","2011-1290"
75801,"High","CVE-2011-1442, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","Current insertedIntoDocument() logic may be compromised","Apr 06, 2013 01:41:14",1365212474,"Mar 11, 2011 19:30:05",1299871805,"Mar 23, 2011 00:27:35",1300840055,"serg.gla...@gmail.com","2011-1442"
75821,"Medium","CVE-2011-2358, Cr-Internals, Cr-Platform-Extensions, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","asargent@chromium.org","Should we reconsider the no-client-UI decision for the web store?","Mar 21, 2013 21:00:50",1363899650,"Mar 11, 2011 21:38:15",1299879495,"Jun 10, 2011 17:28:28",1307726908,"a...@chromium.org","2011-2358"
75835,"High","CVE-2011-1458, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","use of freed pointer in WebCore::RenderCounter::originalText()","Apr 06, 2013 01:41:12",1365212472,"Mar 11, 2011 23:43:35",1299887015,"Mar 30, 2011 00:25:16",1301444716,"infe...@chromium.org","2011-1458"
76001,"High","CVE-2011-1443, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","enne@chromium.org","Stale pointer in WebCore::LayerRendererChromium::drawLayer","Apr 06, 2013 01:41:01",1365212461,"Mar 13, 2011 21:40:23",1300052423,"Apr 01, 2011 19:44:32",1301687072,"MartyBar...@gmail.com","2011-1443"
76034,"Low","CVE-2011-1811, Cr-Internals, Cr-UI-Browser-Autofill, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","isherman@chromium.org","Security:Instant hard-crash with JS code","Mar 21, 2013 20:55:13",1363899313,"Mar 14, 2011 10:49:52",1300099792,"Apr 06, 2011 21:08:09",1302124089,"Dimitris...@gmail.com","2011-1811"
76059,"High","Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","enne@chromium.org","WebCore::LayerTilerChromium::invalidateRect() - crash","Apr 06, 2013 01:40:56",1365212456,"Mar 14, 2011 16:06:11",1300118771,"Mar 18, 2011 22:30:29",1300487429,"slaweck",""
76474,"High","CVE-2011-1459, Cr-Blink, Cr-Internals-Plugins, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","crash in WebKit::WebPluginContainerImpl::handleEvent()","Apr 06, 2013 04:25:55",1365222355,"Mar 17, 2011 03:04:05",1300331045,"Mar 24, 2011 20:15:44",1300997744,"mal@google.com","2011-1459"
76542,"High","CVE-2011-1444, M-11, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","jln@chromium.org","Linux setuid sandbox allows local privilege escalation","Mar 21, 2013 20:55:12",1363899312,"Mar 17, 2011 17:15:54",1300382154,"Apr 06, 2011 21:13:49",1302124429,"dan.j.ro...@gmail.com","2011-1444"
76589,"Critical","Cr-Blink, HTML5, M-11, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, bulkmove","Stable",,"","satish@chromium.org","Crash@ anonymous namespace'::PureCall() when navigate to previous page while speech input API fetching result text","Apr 06, 2013 01:40:15",1365212415,"Mar 17, 2011 21:49:18",1300398558,"Mar 18, 2011 23:08:57",1300489737,"vivi...@chromium.org",""
76646,"Medium","CVE-2011-1445, Cr-Blink, M-11, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","jsc...@chromium.org","OOB read in FEDisplacementMap::apply","Apr 06, 2013 01:40:08",1365212408,"Mar 18, 2011 08:19:47",1300436387,"Mar 23, 2011 00:24:03",1300839843,"woo...@gmail.com","2011-1445"
76666,"High","CVE-2011-1446, Cr-Blink, M-11, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","creis@chromium.org","URL bar spoof","Apr 06, 2013 01:40:07",1365212407,"Mar 18, 2011 12:27:43",1300451263,"Mar 30, 2011 01:10:21",1301447421,"kuz...@gmail.com","2011-1446"
76771,"High","CVE-2011-2830, Cr-Blink, Cr-Blink-JavaScript, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-B","Stable",,"","ant...@chromium.org","use after free in WebCore::ScriptWrappable::wrapper","Apr 06, 2013 03:26:37",1365218797,"Mar 19, 2011 08:04:30",1300521870,"Aug 19, 2011 21:45:47",1313790347,"kcc@chromium.org","2011-2830"
76784,"High","CVE-2011-1460, Cr-Blink, Cr-Content-Core, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast to RenderBlock in accessibility assuming that anonymous blocks are renderblocks. ","Apr 06, 2013 01:40:00",1365212400,"Mar 19, 2011 15:50:18",1300549818,"Mar 23, 2011 04:29:17",1300854557,"infe...@chromium.org","2011-1460"
76966,"High","CVE-2011-1447, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","tkent@chromium.org","RIP goes to zero with select tag, and form validation message with position:relative","Apr 06, 2013 01:39:51",1365212391,"Mar 21, 2011 20:58:55",1300741135,"Mar 24, 2011 19:58:32",1300996712,"miaubiz@gmail.com","2011-1447"
77026,"Medium","CVE-2011-1812, Cr-Internals, Cr-Platform-Extensions, M-12, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1337","Stable",1337,"accept","a...@chromium.org","Bypass extension manifest permission","Mar 21, 2013 21:00:49",1363899649,"Mar 22, 2011 06:48:04",1300776484,"Apr 11, 2011 23:39:25",1302565165,"kuz...@gmail.com","2011-1812"
77130,"High","CVE-2011-1448, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","stale entries in gPercentHeightDescendantsMap","Apr 06, 2013 01:39:39",1365212379,"Mar 23, 2011 05:18:34",1300857514,"Mar 24, 2011 19:31:42",1300995102,"woo...@gmail.com","2011-1448"
77181,"High","CVE-2011-1463, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","OOB function pointer array call FEComponentTransfer::apply","Apr 06, 2013 01:39:36",1365212376,"Mar 23, 2011 18:31:13",1300905073,"Mar 29, 2011 23:54:53",1301442893,"jsc...@chromium.org","2011-1463"
77346,"High","CVE-2011-1449, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","ukai@chromium.org","Use After Free in Websockets - possible remote code execution within sandbox ","Apr 06, 2013 01:39:22",1365212362,"Mar 25, 2011 01:29:28",1301016568,"Mar 29, 2011 23:41:11",1301442071,"maje...@gmail.com","2011-1449"
77349,"Medium","CVE-2011-1450, Cr-Internals, Cr-Platform-Extensions, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","When object destroyed, its select file dialog is not informed to cleared its listener which can call back that destroyed object","Mar 21, 2013 21:00:49",1363899649,"Mar 25, 2011 01:40:53",1301017253,"Mar 29, 2011 23:30:29",1301441429,"kuz...@gmail.com","2011-1450"
77463,"High","CVE-2011-1451, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","","[WebKit] Call updateId() when removing a non-styled element from the document","Apr 06, 2013 01:39:15",1365212355,"Mar 25, 2011 21:43:47",1301089427,"Apr 08, 2011 00:33:48",1302222828,"serg.gla...@gmail.com","2011-1451"
77493,"Medium","CVE-2011-2345, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-Flash, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Stable",1000,"accept","jsc...@chromium.org","OOB read with Flash","Apr 06, 2013 04:07:26",1365221246,"Mar 26, 2011 02:42:24",1301107344,"Jun 14, 2011 02:55:26",1308020126,"philippe...@gmail.com","2011-2345"
77507,"High","CVE-2011-1446, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","creis@chromium.org","URL Bar Spoof","Apr 06, 2013 01:39:12",1365212352,"Mar 26, 2011 09:40:36",1301132436,"Apr 15, 2011 20:16:34",1302898594,"kuz...@gmail.com","2011-1446"
77669,"High","CVE-2011-1790, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Bad cast in WebCore::BreakBlockquoteCommand::doApply","Apr 06, 2013 01:38:58",1365212338,"Mar 28, 2011 18:44:01",1301337841,"Mar 31, 2011 23:27:39",1301614059,"infe...@chromium.org","2011-1790"
77690,"High","CVE-2011-1461, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","tsepez@chromium.org","Use after free in WebCore::ContainerNode::insertedIntoDocument / WebCore::SVGElement::insertedIntoDocument","Apr 06, 2013 01:38:57",1365212337,"Mar 28, 2011 22:08:57",1301350137,"Apr 01, 2011 22:02:55",1301695375,"infe...@chromium.org","2011-1461"
77703,"High","CVE-2011-1462, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use-after-free in WebCore::isDeletableElement","Apr 06, 2013 01:38:55",1365212335,"Mar 28, 2011 23:27:34",1301354854,"Mar 31, 2011 23:36:45",1301614605,"infe...@chromium.org","2011-1462"
77765,"High","CVE-2011-1791, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","12 bad cast in editing code relating to htmlelement conversions, isprimitivevalue problems.","Apr 06, 2013 01:38:50",1365212330,"Mar 29, 2011 16:15:27",1301415327,"Mar 31, 2011 23:51:42",1301615502,"infe...@chromium.org","2011-1791"
77786,"Medium","CVE-2011-1452, Cr-Internals, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","creis@chromium.org","URL Bar Spoofing using redirection and location.reload();","Mar 21, 2013 21:00:47",1363899647,"Mar 29, 2011 18:13:19",1301422399,"Apr 06, 2011 20:57:10",1302123430,"jconsult...@gmail.com","2011-1452"
77940,"High","CVE-2011-1453, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, ZDI-CAN-1021","Stable",,"","infe...@chromium.org","ZDI-CAN-1021: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability","Apr 06, 2013 01:38:30",1365212310,"Mar 30, 2011 18:54:11",1301511251,"Apr 01, 2011 19:51:32",1301687492,"infe...@chromium.org","2011-1453"
78031,"High","CVE-2011-1446, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","creis@chromium.org","Url bar spoof","Mar 21, 2013 20:55:05",1363899305,"Mar 31, 2011 12:03:14",1301572994,"Apr 08, 2011 22:43:07",1302302587,"kuz...@gmail.com","2011-1446"
78038,"Critical","Cr-Internals, Cr-Internals-Network-SSL, M-13, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-ThreadSanitizer, Type-Bug-Security","Stable",,"","gli...@chromium.org","ThreadSanitizer reports a potential use after free in net::X509Certificate::Verify","Apr 01, 2013 15:40:29",1364830829,"Mar 31, 2011 14:13:58",1301580838,"Jul 29, 2011 06:57:57",1311922677,"gli...@chromium.org",""
78053,"High","Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Stale m_fontList in svgFontAndFontFaceElementForFontData","Apr 06, 2013 01:38:21",1365212301,"Mar 31, 2011 16:35:54",1301589354,"May 03, 2011 00:42:30",1304383350,"infe...@chromium.org",""
78071,"High","Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","mikelawt...@chromium.org","css parsing issue in calc","Apr 06, 2013 01:38:19",1365212299,"Mar 31, 2011 18:53:58",1301597638,"Mar 31, 2011 23:33:31",1301614411,"miaubiz@gmail.com",""
78106,"High","Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","ZDI-CAN-1108: WebKit ContentEditable Inline Style Remote Code Execution","Apr 06, 2013 01:38:16",1365212296,"Mar 31, 2011 23:51:26",1301615486,"Apr 08, 2011 23:59:06",1302307146,"c...@google.com",""
78270,"High","Cr-Internals, M-11, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","","[LangFuzz] V8: Crash in HeapObject::map_word on GC","Mar 21, 2013 20:45:54",1363898754,"Apr 03, 2011 11:51:49",1301831509,"Apr 07, 2011 14:01:52",1302184912,"decoder...@googlemail.com",""
78327,"High","CVE-2011-1794, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Integer overflow in FilterEffect::copyImageBytes","Apr 06, 2013 01:38:02",1365212282,"Apr 04, 2011 15:55:43",1301932543,"May 02, 2011 23:38:28",1304379508,"infe...@chromium.org","2011-1794"
78427,"Low","CVE-2011-2840, Cr-Internals, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","sreeram@chromium.org","url spoof through bookmark bar click","Mar 21, 2013 20:55:03",1363899303,"Apr 05, 2011 13:00:25",1302008425,"Jul 15, 2011 22:24:40",1310768680,"kuz...@gmail.com","2011-2840"
78516,"High","CVE-2011-1813, Cr-Internals, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jam@chromium.org","Looks like a stale frame in UserScriptSlave::InjectScripts","Mar 21, 2013 20:55:03",1363899303,"Apr 05, 2011 22:56:55",1302044215,"May 02, 2011 23:42:01",1304379721,"infe...@chromium.org","2011-1813"
78524,"Critical","Cr-Internals, Cr-Internals-GPU-WebGL, M-10, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1000","Stable",1000,"accept","","ANGLE buffer overflow","Mar 21, 2013 21:08:00",1363900080,"Apr 06, 2011 00:22:16",1302049336,"Apr 06, 2011 00:22:16",1302049336,"scarybea...@gmail.com",""
78572,"High","ApprovedForMerge, CVE-2011-1802, Cr-Blink, Cr-Content-Core, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","CounterNode memory corruption","Apr 06, 2013 01:37:44",1365212264,"Apr 06, 2011 08:36:45",1302079005,"May 19, 2011 18:44:26",1305830666,"skylined@chromium.org","2011-1802"
78576,"High","Cr-Blink, Cr-Content-Core, M-10, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","compareDocumentPosition memory corruption","Apr 06, 2013 01:37:43",1365212263,"Apr 06, 2011 09:43:26",1302083006,"Apr 06, 2011 16:39:12",1302107952,"skylined@chromium.org",""
78639,"High","CVE-2011-2841, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-14, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Memory corruption leading to OOB read symptom in PDF initialization","Apr 06, 2013 03:15:30",1365218130,"Apr 06, 2011 19:44:05",1302119045,"Jul 29, 2011 03:13:54",1311909234,"marioso...@gmail.com","2011-2841"
78798,"Low","Cr-Internals, Cr-Platform-DevTools, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","pfeld...@chromium.org","Security: XSS in dev tools HTML inspector","Mar 21, 2013 20:55:01",1363899301,"Apr 08, 2011 08:18:57",1302250737,"May 23, 2011 18:38:35",1306175915,"gazhe...@gmail.com",""
78841,"High","CVE-2011-2359, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","invalid access with bad html","Apr 06, 2013 01:37:31",1365212251,"Apr 08, 2011 19:33:04",1302291184,"Jun 30, 2011 22:28:55",1309472935,"miaubiz@gmail.com","2011-2359"
78948,"High","CVE-2011-1795, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","ba...@chromium.org","Integer underflow in HTMLFormElement::m_associatedElementsAfterIndex","Apr 06, 2013 01:37:22",1365212242,"Apr 10, 2011 08:01:25",1302422485,"May 02, 2011 23:52:10",1304380330,"infe...@chromium.org","2011-1795"
79025,"High","CVE-2011-1792, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free when inline runin precedes details tag","Apr 06, 2013 01:37:15",1365212235,"Apr 11, 2011 12:32:33",1302525153,"Apr 15, 2011 19:49:58",1302896998,"infe...@chromium.org","2011-1792"
79055,"High","CVE-2011-1796, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Freed m_viewportRenderer in FrameView::updateOverflowStatus","Apr 06, 2013 01:37:12",1365212232,"Apr 11, 2011 17:17:00",1302542220,"May 02, 2011 23:58:31",1304380711,"infe...@chromium.org","2011-1796"
79075,"High","CVE-2011-1797, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Stale node set as layout root, due to one caption not laid out in table with two captions","Apr 06, 2013 01:37:12",1365212232,"Apr 11, 2011 19:01:28",1302548488,"May 19, 2011 22:06:57",1305842817,"infe...@chromium.org","2011-1797"
79199,"High","CVE-2011-1454, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","Element::setAttribute should check the namespace of an id attribute","Apr 06, 2013 01:36:59",1365212219,"Apr 12, 2011 19:14:14",1302635654,"Apr 15, 2011 19:44:00",1302896640,"serg.gla...@gmail.com","2011-1454"
79266,"Low","CVE-2011-2360, Cr-Internals, M-13, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","abarth@chromium.org","Bypass unsafe file types dialog","Mar 21, 2013 20:54:59",1363899299,"Apr 13, 2011 02:23:53",1302661433,"Jun 06, 2011 22:22:56",1307398976,"kuz...@gmail.com","2011-2360"
79361,"Medium","CVE-2011-1455, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-11, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security","Stable",,"","cev...@chromium.org","PDF crash on buyandread.com","Apr 06, 2013 03:15:27",1365218127,"Apr 13, 2011 18:18:03",1302718683,"Apr 15, 2011 18:09:19",1302890959,"eroman@chromium.org","2011-1455"
79362,"Medium","CVE-2011-1814, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-12, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Type-Bug-Security","Stable",,"","cev...@chromium.org","Reproducible PDF crash (siryo3.pdf)","Apr 06, 2013 03:15:26",1365218126,"Apr 13, 2011 18:20:54",1302718854,"Apr 15, 2011 06:29:00",1302848940,"eroman@chromium.org","2011-1814"
79364,"High","CVE-2011-1456, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-11, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security","Stable",,"","cev...@chromium.org","Reproducible pdf crash when entering form inputs","Apr 06, 2013 03:15:26",1365218126,"Apr 13, 2011 18:26:04",1302719164,"Apr 15, 2011 17:56:01",1302890161,"eroman@chromium.org","2011-1456"
79426,"Low","CVE-2011-2361, Cr-UI, M-13, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","tsepez@chromium.org","HTTP Basic Auth Realm Spoof","Mar 21, 2013 20:54:58",1363899298,"Apr 14, 2011 04:17:00",1302754620,"May 08, 2011 19:46:07",1304883967,"kuz...@gmail.com","2011-2361"
79566,"Medium","Cr-Platform-Extensions, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","abarth@chromium.org","Bypass extensions permission","Mar 21, 2013 21:00:45",1363899645,"Apr 15, 2011 12:08:45",1302869325,"May 02, 2011 22:46:10",1304376370,"kuz...@gmail.com",""
79595,"High","CVE-2011-1798, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast due to childrenInline assumption in RenderSVGText","Apr 06, 2013 01:36:34",1365212194,"Apr 15, 2011 18:10:51",1302891051,"May 03, 2011 00:17:39",1304381859,"infe...@chromium.org","2011-1798"
79726,"Medium","Cr-Blink, Cr-Internals, Cr-UI-Accessibility, M-12, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","ctg...@chromium.org","BrowserAccessibility browser process memory corruption","Apr 06, 2013 01:36:25",1365212185,"Apr 18, 2011 11:49:50",1303127390,"Apr 23, 2011 03:36:18",1303529778,"skylined@chromium.org",""
79746,"High","CVE-2011-1808, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","","Floats not cleared due to overflow (remaining usecase)","Apr 06, 2013 01:36:22",1365212182,"Apr 18, 2011 15:48:31",1303141711,"May 07, 2011 07:22:24",1304752944,"infe...@chromium.org","2011-1808"
79862,"Low","ApprovedForMerge, Cr-Internals, Cr-Platform-Extensions, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bypass extensions permission app launch web_url should not allow javascript: chrome:","Mar 21, 2013 20:54:57",1363899297,"Apr 19, 2011 13:31:12",1303219872,"May 23, 2011 18:48:04",1306176484,"kuz...@gmail.com",""
80116,"High","Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jsc...@chromium.org","Stale pointer in WebCore::Document::recalcStyleSelector","Apr 06, 2013 01:35:36",1365212136,"Apr 21, 2011 02:20:12",1303352412,"Apr 21, 2011 19:36:02",1303414562,"MartyBar...@gmail.com",""
80358,"Medium","ApprovedForMerge, CVE-2011-1816, Cr-Blink, Cr-Blink-JavaScript, Cr-Platform-DevTools, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","loi...@chromium.org","WebCore::InspectorBackendDispatcher::Runtime_evaluate user after free","Apr 06, 2013 03:26:30",1365218790,"Apr 23, 2011 08:50:52",1303548652,"May 27, 2011 09:39:52",1306489192,"kuz...@gmail.com","2011-1816"
80401,"Medium","Cr-Internals, Pri-1, Restrict-AddIssueComment-Commit, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","creis@chromium.org","Url bar spoof using onbeforeunload when user cancels navigation","Mar 21, 2013 21:00:44",1363899644,"Apr 24, 2011 10:45:28",1303641928,"Apr 29, 2011 19:08:18",1304104098,"kuz...@gmail.com",""
80608,"High","CVE-2011-1800, Cr-Blink, M-11, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","chromium.cdn@gmail.com","Multiple integer overflows in SVG filter effects","Apr 06, 2013 01:34:59",1365212099,"Apr 26, 2011 22:57:35",1303858655,"May 07, 2011 03:45:46",1304739946,"c...@google.com","2011-1800"
80680,"Low","CVE-2011-2842, Cr-Internals, OS-Mac, Pri-2, Restrict-AddIssueComment-Commit, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Security: .keystone_install_lock is insecurely handled in install.py","Mar 21, 2013 20:54:55",1363899295,"Apr 27, 2011 16:11:12",1303920672,"May 12, 2011 21:06:30",1305234390,"googlec...@vtty.com","2011-2842"
81307,"Medium","CVE-2011-2782, Cr-UI, M-13, OS-Linux, Pri-2, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","tony@chromium.org","Security: dropping file:/// URLs into gmail grants access to files","Mar 21, 2013 21:00:44",1363899644,"May 02, 2011 22:05:34",1304373934,"Jun 14, 2011 03:12:53",1308021173,"evan@chromium.org","2011-2782"
81348,"High","CVE-2011-2334, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use after free when removing elements with reflections","Apr 06, 2013 01:34:07",1365212047,"May 03, 2011 06:24:28",1304403868,"May 07, 2011 07:52:35",1304754755,"infe...@chromium.org","2011-2334"
81351,"High","CVE-2011-2335, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","CSSSelector double frees","Apr 06, 2013 01:34:07",1365212047,"May 03, 2011 07:04:32",1304406272,"May 07, 2011 07:54:38",1304754878,"infe...@chromium.org","2011-2335"
81753,"Medium","Cr-Internals, Cr-UI-Internationalization, M-16, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Memory-DrMemory, Stability-Valgrind, Type-Bug-Security, Uniniti","Stable",,"","bradchen@chromium.org","Valgrind reports issues in icu_46::RegexMatcher","Apr 01, 2013 15:52:11",1364831531,"May 06, 2011 00:58:31",1304643511,"Sep 15, 2011 22:18:37",1316125117,"dhollowa@chromium.org",""
81916,"Medium","ApprovedForMerge, CVE-2011-1817, Cr-Internals, M-12, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","csilv@chromium.org","Stale observer in BrowsingDataRemover's observer_list_","Mar 21, 2013 21:00:42",1363899642,"May 07, 2011 16:08:24",1304784504,"Jun 14, 2011 03:57:27",1308023847,"therealh...@gmail.com","2011-1817"
81949,"High","ApprovedForMerge, CVE-2011-1818, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","chromium.cdn@gmail.com","use-after-free in imageloader with fallbackcontent","Apr 06, 2013 01:32:27",1365211947,"May 08, 2011 08:12:17",1304842337,"May 23, 2011 18:52:29",1306176749,"miaubiz@gmail.com","2011-1818"
82096,"High","CVE-2011-2336, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Merge http://trac.webkit.org/changeset/85693","Apr 06, 2013 01:31:30",1365211890,"May 10, 2011 03:19:53",1304997593,"May 10, 2011 03:24:35",1304997875,"infe...@chromium.org","2011-2336"
82152,"High","CVE-2011-2337, M-12, OS-Linux, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","Need to merge WebKit 64-bit issue http://trac.webkit.org/changeset/86106","Mar 21, 2013 20:54:52",1363899292,"May 10, 2011 18:30:14",1305052214,"May 10, 2011 18:32:17",1305052337,"scarybea...@gmail.com","2011-2337"
82154,"Medium","Cr-Blink, M-12, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","out-of-bound access in  third_party/WebKit/Source/WebKit/chromium/src/WebFrameImpl.cpp","Apr 06, 2013 01:31:10",1365211870,"May 10, 2011 18:40:53",1305052853,"May 17, 2011 22:32:50",1305671570,"kcc@chromium.org",""
82438,"Medium","CVE-2011-2843, Cr-Internals, Cr-Internals-Media, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Crash, Stability-Memory, Stability-Memory-AddressSanitizer, Type-Bug-Security,","Stable",,"","cev...@chromium.org","OOB read in media::FFmpegVideoDecodeEngine::Initialize","Apr 01, 2013 15:45:17",1364831117,"May 12, 2011 18:14:01",1305224041,"Jun 08, 2011 17:33:02",1307554382,"kcc@chromium.org","2011-2843"
82444,"Low","Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","rn...@chromium.org","Local file disclosure when pasting stuff from Excel, etc.","Apr 06, 2013 01:30:31",1365211831,"May 12, 2011 18:30:19",1305225019,"Jun 14, 2011 05:09:23",1308028163,"infe...@chromium.org",""
82516,"High","ApprovedForMerge, CVE-2011-1803, Cr-Blink, M-11, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","write-after-free in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h:58","Apr 06, 2013 01:30:18",1365211818,"May 13, 2011 07:44:19",1305272659,"May 19, 2011 18:46:32",1305830792,"kcc@chromium.org","2011-1803"
82546,"High","ApprovedForMerge, CVE-2011-1804, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointer in WebCore::RenderBlock::marginBeforeForChild","Apr 06, 2013 01:30:08",1365211808,"May 13, 2011 15:35:01",1305300901,"May 19, 2011 18:41:30",1305830490,"MartyBar...@gmail.com","2011-1804"
82552,"High","CVE-2011-2823, Cr-Blink, Cr-Content-Core, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","REGRESSION (83075): Use after free in line box culling optimization","Apr 06, 2013 01:30:07",1365211807,"May 13, 2011 16:26:01",1305303961,"Jul 28, 2011 13:56:23",1311861383,"skylined@chromium.org","2011-2823"
82633,"High","ApprovedForMerge, CVE-2011-1805, Cr-Blink, M-11, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast in CSSParser::createFontFaceRule","Apr 06, 2013 01:29:55",1365211795,"May 14, 2011 01:50:49",1305337849,"May 19, 2011 18:36:20",1305830180,"infe...@chromium.org","2011-1805"
82653,"High","CVE-2011-2352, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free due to incorrectly setting document.body to non body elements, elements from other docs.","Apr 06, 2013 01:29:54",1365211794,"May 14, 2011 10:38:32",1305369512,"Jun 14, 2011 16:34:43",1308069283,"infe...@chromium.org","2011-2352"
82873,"Critical","CVE-2011-1806, Cr-Internals, Cr-Internals-GPU-WebGL, M-12, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","g...@chromium.org","Memory corruption in GPU command buffer","Apr 01, 2013 15:39:03",1364830743,"May 17, 2011 03:29:58",1305602998,"May 20, 2011 19:02:09",1305918129,"infe...@chromium.org","2011-1806"
82903,"Critical","ApprovedForMerge, CVE-2011-1807, Cr-Blink, M-11, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB write in BlobURLRequestJob::HeadersCompleted","Apr 06, 2013 01:29:36",1365211776,"May 17, 2011 12:32:23",1305635543,"May 19, 2011 18:25:12",1305829512,"infe...@chromium.org","2011-1807"
83010,"Medium","ApprovedForMerge, CVE-2011-1819, Cr-Platform-Extensions, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Stable",1000,"accept","secur...@chromium.org","An extension can access and modify all chrome:// pages, options, etc.","Mar 21, 2013 21:00:40",1363899640,"May 18, 2011 03:30:08",1305689408,"May 23, 2011 19:03:35",1306177415,"twittermoo","2011-1819"
83012,"High","CVE-2011-2338, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","simonjam@chromium.org","Use after free in XMLDocumentParser","Apr 06, 2013 01:29:29",1365211769,"May 18, 2011 04:25:14",1305692714,"May 23, 2011 22:13:24",1306188804,"infe...@chromium.org","2011-2338"
83031,"Low","CVE-2011-2840, Cr-UI, M-14, MovedFrom-13, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","creis@chromium.org","Chrome spoof on 302 redirect","Mar 21, 2013 20:54:48",1363899288,"May 18, 2011 07:45:18",1305704718,"Jun 14, 2011 01:29:45",1308014985,"kuz...@gmail.com","2011-2840"
83096,"Critical","M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","","Cross-origin access using window.execScript + code execution","Mar 21, 2013 21:07:58",1363900078,"May 18, 2011 19:40:52",1305747652,"Jun 03, 2011 17:03:32",1307120612,"serg.gla...@gmail.com",""
83235,"High","ApprovedForMerge, CVE-2011-2339, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Bad cast in RenderBlock::createLineBoxes due to double attach in htmlformelement","Apr 06, 2013 01:29:07",1365211747,"May 19, 2011 16:22:46",1305822166,"May 23, 2011 18:45:16",1306176316,"infe...@chromium.org","2011-2339"
83270,"High","CVE-2011-2354, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","oob read in WebCore::ImageBufferData::getData","Apr 06, 2013 01:29:05",1365211745,"May 19, 2011 19:17:09",1305832629,"Jun 14, 2011 21:03:47",1308085427,"infe...@chromium.org","2011-2354"
83273,"Medium","ApprovedForMerge, CVE-2011-2783, Cr-Internals, Cr-Platform-Extensions, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","mpcomplete@chromium.org","Browser prompt when installing unpacked npapi extensions","Mar 21, 2013 21:00:39",1363899639,"May 19, 2011 19:58:15",1305835095,"Jun 14, 2011 01:14:57",1308014097,"c...@chromium.org","2011-2783"
83275,"High","CVE-2011-2332, Cr-Internals, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-3133","Stable",3133,"accept","a...@chromium.org","UXSS with window.execScript","Mar 21, 2013 20:54:46",1363899286,"May 19, 2011 20:11:22",1305835882,"May 23, 2011 08:32:16",1306139536,"c...@chromium.org","2011-2332"
83598,"Medium","ApprovedForMerge, CVE-2011-2340, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB read in WebCore::parseColorIntOrPercentage","Apr 06, 2013 01:28:40",1365211720,"May 23, 2011 16:03:16",1306166596,"May 23, 2011 18:43:09",1306176189,"infe...@chromium.org","2011-2340"
83672,"High","CVE-2011-3233, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jchaffraix@chromium.org","Stale layout root set as input element when child of a keygen with autofocus","Apr 06, 2013 01:28:33",1365211713,"May 23, 2011 23:30:03",1306193403,"Jul 12, 2011 21:25:24",1310505924,"infe...@chromium.org","2011-3233"
83743,"High","CVE-2011-3243, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","abarth@chromium.org","Universal XSS using contentWindow.eval","Apr 06, 2013 01:28:27",1365211707,"May 24, 2011 16:16:06",1306253766,"Jun 04, 2011 01:59:17",1307152757,"infe...@chromium.org","2011-3243"
83841,"Low","CVE-2011-2784, Cr-Blink, Cr-Internals-GPU-WebGL, M-13, OS-All, Pri-3, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-782","Stable",,"","vangelis@chromium.org","User information leakage esp local paths, username in webgl getProgramInfoLog","Apr 06, 2013 01:28:18",1365211698,"May 25, 2011 04:10:05",1306296605,"Jun 14, 2011 06:04:06",1308031446,"kuz...@gmail.com","2011-2784"
84002,"Medium","CVE-2011-2809, Cr-Blink, M-13, OS-Linux, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB read in ComplexTextController constructor (ComplexTextControllerLinux.cpp) + OOB read in WidthIterator","Apr 06, 2013 01:28:05",1365211685,"May 26, 2011 05:14:23",1306386863,"Jun 14, 2011 06:12:39",1308031959,"infe...@chromium.org","2011-2809"
84160,"Medium","Cr-Blink, M-14, Merge-Merged-835, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","Use after free in accessibility notifications.","Apr 06, 2013 01:27:55",1365211675,"May 27, 2011 02:48:19",1306464499,"Sep 15, 2011 13:46:31",1316094391,"infe...@chromium.org",""
84234,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-12, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","erik.corry","[LangFuzz] Crash @ MarkCompactCollector::SweepSpaces() or SeqTwoByteString::SeqTwoByteStringReadBlockIntoBuffer() (64 bit)","Apr 06, 2013 03:26:15",1365218775,"May 27, 2011 19:57:17",1306526237,"Jun 04, 2011 02:06:20",1307153180,"decoder...@googlemail.com",""
84333,"High","CVE-2011-2341, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","use after free in WebCore::ContainerNode::firstChild / WebCore::XMLDocumentParser::insertErrorMessageBlock","Apr 06, 2013 01:27:43",1365211663,"May 28, 2011 18:02:04",1306605724,"Jun 14, 2011 04:01:47",1308024107,"infe...@chromium.org","2011-2341"
84355,"High","CVE-2011-2346, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","use-after-free in svg fontfacelement","Apr 06, 2013 01:27:41",1365211661,"May 29, 2011 08:48:17",1306658897,"Jun 14, 2011 03:49:59",1308023399,"miaubiz@gmail.com","2011-2346"
84402,"Low","CVE-2011-2785, Cr-Platform-Extensions, M-13, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","c...@chromium.org","Extensions permission elevevation using javascript: in homepage_url","Mar 21, 2013 20:54:43",1363899283,"May 30, 2011 03:30:42",1306726242,"Jun 14, 2011 16:19:16",1308068356,"kuz...@gmail.com","2011-2785"
84452,"High","CVE-2011-3238, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org","Bad cast in HTMLMediaElement::mediaControls","Apr 06, 2013 01:27:33",1365211653,"May 31, 2011 02:14:49",1306808089,"Jun 03, 2011 17:08:35",1307120915,"MartyBar...@gmail.com","2011-3238"
84600,"Low","CVE-2011-2786, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","allan...@chromium.org","Security: Web page can initiate speech recognition without user knowing about it","Apr 06, 2013 01:27:22",1365211642,"Jun 01, 2011 14:17:32",1306937852,"Jul 12, 2011 22:03:22",1310508202,"olli.pet...@gmail.com","2011-2786"
84805,"Medium","ApprovedForMerge, CVE-2011-2787, Cr-Blink, Cr-Internals, Cr-Internals-GPU, Cr-Internals-Graphics, Cr-Internals-Plugins-Flash, M-13, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium","Stable",,"","zmo@chromium.org","Flash/GPU memory corruption in critical section.","Apr 06, 2013 04:06:30",1365221190,"Jun 03, 2011 01:41:13",1307065273,"Jun 14, 2011 04:29:39",1308025779,"kuz...@gmail.com","2011-2787"
84885,"High","Cr-Blink, M-14, Merge-Merged-835, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","dmazzoni@chromium.org","ASSERT obj->parentObject() == this in accessibility tree","Apr 06, 2013 01:27:02",1365211622,"Jun 03, 2011 18:43:39",1307126619,"Sep 09, 2011 18:07:13",1315591633,"infe...@chromium.org",""
84946,"High","CVE-2011-2353, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","cev...@chromium.org","Merge http://trac.webkit.org/changeset/87959 and http://trac.webkit.org/changeset/87756 for documentloader use after frees","Apr 06, 2013 01:26:59",1365211619,"Jun 04, 2011 16:54:18",1307206458,"Jun 14, 2011 17:47:45",1308073665,"infe...@chromium.org","2011-2353"
84950,"Medium","CVE-2011-2810, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","cev...@chromium.org","Merge http://trac.webkit.org/changeset/87856","Apr 06, 2013 01:26:58",1365211618,"Jun 04, 2011 17:28:49",1307208529,"Jun 05, 2011 04:42:11",1307248931,"infe...@chromium.org","2011-2810"
85003,"High","CVE-2011-2347, Cr-Blink, M-12, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","mikelawt...@chromium.org","Parsing issue with -webkit-calc","Apr 06, 2013 01:26:53",1365211613,"Jun 05, 2011 21:20:51",1307308851,"Jun 14, 2011 02:09:08",1308017348,"miaubiz@gmail.com","2011-2347"
85041,"Medium","CVE-2011-2844, Cr-Internals, Cr-Internals-Core, Cr-Internals-Media, M-14, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, testcasenotadded","Stable",,"","cev...@chromium.org","Memory Corruption in video decoding","Mar 21, 2013 21:00:36",1363899636,"Jun 06, 2011 11:34:20",1307360060,"Jun 08, 2011 22:29:57",1307572197,"skylined@chromium.org","2011-2844"
85102,"High","CVE-2011-2350, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","abarth@chromium.org","Use after free in WebCore::ContainerNode::parserAddChild","Apr 06, 2013 01:26:41",1365211601,"Jun 06, 2011 20:46:54",1307393214,"Jun 14, 2011 18:27:18",1308076038,"miaubiz@gmail.com","2011-2350"
85177,"High","CVE-2011-2348, M-12, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","fschneider@chromium.org","Renderer crash with javascript + setInterval","Mar 21, 2013 20:54:41",1363899281,"Jun 07, 2011 12:59:37",1307451577,"Jun 09, 2011 17:04:58",1307639098,"aohelin","2011-2348"
85211,"High","CVE-2011-2351, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free in SVGUseElement::buildShadowTree","Apr 06, 2013 01:26:36",1365211596,"Jun 07, 2011 18:18:10",1307470690,"Jun 14, 2011 19:40:26",1308080426,"miaubiz@gmail.com","2011-2351"
85256,"Medium","CVE-2011-2809, Cr-Blink, M-13, OS-All, OS-Chrome, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB read in UniscribleController::advance","Apr 06, 2013 01:26:33",1365211593,"Jun 07, 2011 22:48:05",1307486885,"Jun 14, 2011 18:05:41",1308074741,"infe...@chromium.org","2011-2809"
85302,"High","CVE-2011-2811, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Crasher in WebCore::StyleBase::stylesheet","Apr 06, 2013 01:26:26",1365211586,"Jun 08, 2011 05:41:45",1307511705,"Aug 22, 2011 20:58:56",1314046736,"infe...@chromium.org","2011-2811"
85418,"High","CVE-2011-2349, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-DrMemory, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use-after-free in WebCore::RenderTextControl::isSelectableElement","Apr 06, 2013 01:26:21",1365211581,"Jun 08, 2011 19:15:52",1307560552,"Jun 14, 2011 05:48:55",1308030535,"miaubiz@gmail.com","2011-2349"
85559,"Low","CVE-2011-2788, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","infe...@chromium.org","Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.","Apr 06, 2013 01:26:11",1365211571,"Jun 09, 2011 14:51:15",1307631075,"Jun 14, 2011 04:06:30",1308024390,"infe...@chromium.org","2011-2788"
85808,"High","CVE-2011-2789, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Internals-Plugins-Pepper, M-13, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","c...@chromium.org","chrome_1c30000!webkit::ppapi::PPB_Widget_Impl::Invalidate crash","Apr 06, 2013 04:39:40",1365223180,"Jun 11, 2011 16:34:41",1307810081,"Jun 22, 2011 18:20:41",1308766841,"kuz...@gmail.com","2011-2789"
85943,"High","CVE-2011-2355, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in Stylesheet due to issue in CLONE nodes ","Apr 06, 2013 01:25:47",1365211547,"Jun 13, 2011 19:26:11",1307993171,"Jun 16, 2011 02:08:16",1308190096,"infe...@chromium.org","2011-2355"
86133,"","M-12, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Type-Bug-Security","Stable",,"","cev...@chromium.org","Add GRP to dangerous file list","Mar 21, 2013 20:54:38",1363899278,"Jun 15, 2011 02:32:28",1308105148,"Jun 15, 2011 02:53:53",1308106433,"scarybea...@gmail.com",""
86191,"Low","Cr-Internals, Cr-Platform-Extensions, Cr-Webstore, M-12, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Security: web-exposed manifest from Chrome extensions diverges from the real manifest in regards to NPAPI","Mar 21, 2013 20:54:38",1363899278,"Jun 15, 2011 16:55:19",1308156919,"Jun 20, 2011 17:10:46",1308589846,"jln@chromium.org",""
86367,"High","CVE-2011-2356, Cr-Blink, M-12, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free of frame in Document::finishedParsing","Apr 06, 2013 01:25:14",1365211514,"Jun 16, 2011 20:24:05",1308255845,"Jun 16, 2011 22:06:16",1308261976,"infe...@chromium.org","2011-2356"
86502,"High","CVE-2011-2790, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free due to floats not cleared from parent's next siblings blocks (on losing ability to intrude floats)","Apr 06, 2013 01:25:03",1365211503,"Jun 17, 2011 14:34:31",1308321271,"Jun 20, 2011 20:28:04",1308601684,"miaubiz@gmail.com","2011-2790"
86609,"High","CVE-2011-2812, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","OOB read in fontfallbacklist due to issue in CSSPrimitiveValues clamping","Apr 06, 2013 01:24:53",1365211493,"Jun 18, 2011 02:40:31",1308364831,"Jun 30, 2011 22:17:25",1309472245,"infe...@chromium.org","2011-2812"
86648,"High","CVE-2011-2813, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","abarth@chromium.org","Use after free in formassociatedelement not removed from m_formElementsWithFormAttribute","Apr 06, 2013 01:24:51",1365211491,"Jun 18, 2011 16:10:46",1308413446,"Jun 28, 2011 07:22:20",1309245740,"infe...@chromium.org","2011-2813"
86705,"High","CVE-2011-2814, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","jknot...@chromium.org","Use after free in Geolocation::fatalErrorOccurred","Apr 06, 2013 01:24:47",1365211487,"Jun 19, 2011 15:09:44",1308496184,"Jul 16, 2011 02:08:46",1310782126,"infe...@chromium.org","2011-2814"
86758,"High","CVE-2011-2845, Cr-Internals, M-15, Merge-Merged, Merge-Merged-874, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","creis@chromium.org","URL Bar Spoofing using History.back() and History.forward","Mar 21, 2013 20:54:36",1363899276,"Jun 20, 2011 09:42:02",1308562922,"Jul 25, 2011 17:16:41",1311614201,"jconsult...@gmail.com","2011-2845"
86900,"High","CVE-2011-2791, Cr-Internals, M-13, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-782, reward-1000","Stable",1000,"accept","jshin@chromium.org","Heap memory corruption in web database support (SQLite/ICU)","Mar 21, 2013 20:54:36",1363899276,"Jun 21, 2011 04:57:23",1308632243,"Jun 29, 2011 20:33:10",1309379590,"yangding...@gmail.com","2011-2791"
87148,"High","CVE-2011-2792, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","use after free due to floats not removed","Mar 21, 2013 20:54:35",1363899275,"Jun 22, 2011 21:00:30",1308776430,"Jun 28, 2011 05:59:17",1309240757,"miaubiz@gmail.com","2011-2792"
87227,"High","CVE-2011-2793, Cr-Blink, M-13, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free due to refcounting issue in MediaQueryMatcher::prepareEvaluator","Apr 06, 2013 01:24:10",1365211450,"Jun 23, 2011 09:48:10",1308822490,"Jun 28, 2011 07:26:06",1309245966,"miaubiz@gmail.com","2011-2793"
87298,"Medium","CVE-2011-2794, Cr-Blink, M-13, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Stability-Memory-DrMemory, Type-Bug-Security, reward-500","Stable",500,"accept","rn...@chromium.org","OOB read due to iterating over wrong textbox in TextIterator::emitText (first-letter + RTL)","Apr 06, 2013 01:24:06",1365211446,"Jun 23, 2011 20:37:04",1308861424,"Jul 12, 2011 22:15:27",1310508927,"miaubiz@gmail.com","2011-2794"
87339,"Medium","CVE-2011-2795, Cr-Blink, M-13, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","abarth@chromium.org","XSS injection via prototype chain","Apr 06, 2013 01:24:01",1365211441,"Jun 24, 2011 01:31:23",1308879083,"Jun 28, 2011 05:22:06",1309238526,"shih.wei...@gmail.com","2011-2795"
87478,"High","M-14, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","a...@chromium.org","[LangFuzz] Crash on heap with invalid read","Mar 21, 2013 20:45:21",1363898721,"Jun 25, 2011 00:52:17",1308963137,"Jun 27, 2011 13:15:52",1309180552,"decoder...@googlemail.com",""
87548,"High","CVE-2011-2796, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","r...@google.com","use after free in skia blitter","Apr 06, 2013 01:23:49",1365211429,"Jun 26, 2011 15:55:36",1309103736,"Jul 19, 2011 16:46:57",1311094017,"infe...@chromium.org","2011-2796"
87728,"High","Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org","Regression(89733): Use after free in fast/forms/text-control-intrinsic-widths.html","Apr 06, 2013 01:23:37",1365211417,"Jun 28, 2011 08:52:25",1309251145,"Jun 28, 2011 19:43:00",1309290180,"miaubiz@gmail.com",""
87729,"High","CVE-2011-2797, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","gavinp@chromium.org","Use after free in third_party/WebKit/LayoutTests/fast/dom/HTMLLinkElement/link-and-subresource-test.html","Apr 06, 2013 01:23:36",1365211416,"Jun 28, 2011 08:56:30",1309251390,"Jul 12, 2011 22:08:13",1310508493,"miaubiz@gmail.com","2011-2797"
87815,"Low","CVE-2011-2798, Cr-Internals, Cr-Platform-DevTools, M-13, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","c...@chromium.org","chrome-devtools:// can be navigated from http","Mar 21, 2013 20:54:33",1363899273,"Jun 28, 2011 20:58:09",1309294689,"Jun 30, 2011 22:01:25",1309471285,"evn@google.com","2011-2798"
87861,"Medium","CVE-2011-2865, Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","Security: OOB read in svg text run","Apr 06, 2013 01:23:29",1365211409,"Jun 29, 2011 03:13:20",1309317200,"Jul 19, 2011 18:26:46",1311100006,"infe...@chromium.org","2011-2865"
87862,"High","CVE-2011-2815, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","jchaffraix@chromium.org","Security: Use after free in svg text","Apr 06, 2013 01:23:28",1365211408,"Jun 29, 2011 03:28:29",1309318109,"Jul 12, 2011 23:04:59",1310511899,"infe...@chromium.org","2011-2815"
87925,"High","CVE-2011-2799, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free in range extract contents","Apr 06, 2013 01:23:22",1365211402,"Jun 29, 2011 18:04:17",1309370657,"Jul 12, 2011 20:57:51",1310504271,"miaubiz@gmail.com","2011-2799"
88093,"High","M-14, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000, reward-decline","None",1000,"decline","kmillikin@chromium.org","Security: out-of-bounds read in v8 with defineProperty and arguments","Mar 21, 2013 20:45:17",1363898717,"Jun 30, 2011 20:22:42",1309465362,"Jun 30, 2011 20:22:42",1309465362,"scarybea...@gmail.com",""
88216,"High","CVE-2011-2824, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","c...@chromium.org","Regression: Use-after-free in CounterNode::insertAfter","Apr 06, 2013 01:23:00",1365211380,"Jul 01, 2011 19:15:58",1309547758,"Aug 08, 2011 23:50:10",1312847410,"miaubiz@gmail.com","2011-2824"
88337,"Medium","CVE-2011-2800, Cr-Blink, M-13, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","abarth@chromium.org","The beforeload event allows tracking URI changes in a frame","Apr 06, 2013 01:22:48",1365211368,"Jul 03, 2011 13:08:23",1309698503,"Jul 16, 2011 02:04:24",1310781864,"juhon...@gmail.com","2011-2800"
88591,"High","CVE-2011-2802, Cr-Blink, Cr-Blink-JavaScript, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","kmillikin@chromium.org","[LangFuzz] CHECK(!value->IsTheHole()) failed // Crash with invalid read in shell","Apr 06, 2013 03:26:07",1365218767,"Jul 06, 2011 20:53:15",1309985595,"Jul 11, 2011 14:18:42",1310393922,"decoder...@googlemail.com","2011-2802"
88670,"High","CVE-2011-2825, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, ZDI-CAN-1283","Stable",,"","cev...@chromium.org","ZDI-CAN-1283: Webkit fontface Invalid Font Family Remote Code Execution Vulnerability","Apr 06, 2013 01:22:22",1365211342,"Jul 07, 2011 16:25:45",1310055945,"Sep 07, 2011 16:15:34",1315412134,"infe...@chromium.org","2011-2825"
88684,"High","CVE-2011-2866, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Stale m_owner in RenderScrollbar (m_owner is deleted body element)","Apr 06, 2013 01:22:21",1365211341,"Jul 07, 2011 18:28:01",1310063281,"Aug 30, 2011 20:44:59",1314737099,"infe...@chromium.org","2011-2866"
88723,"High","CVE-2011-2820, Cr-Blink, Cr-Content-Core, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","REGRESSION (r85964): Use after free in WebCore::RenderObject::localToAbsolute","Apr 06, 2013 01:22:19",1365211339,"Jul 08, 2011 00:57:05",1310086625,"Jul 26, 2011 20:06:54",1311710814,"rtenneti@chromium.org","2011-2820"
88730,"High","CVE-2011-2816, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use after free in SVGUseElement::invalidateShadowTree / SVGElementInstance::invalidateAllInstancesOfElement","Apr 06, 2013 01:22:18",1365211338,"Jul 08, 2011 05:22:09",1310102529,"Jul 16, 2011 19:06:35",1310843195,"infe...@chromium.org","2011-2816"
88827,"Medium","CVE-2011-2803, Cr-Internals, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","r...@google.com","OOB read due to Integer overflow in SkDashPathEffect constructor (len and phase)","Apr 01, 2013 15:38:51",1364830731,"Jul 09, 2011 21:20:27",1310246427,"Jul 19, 2011 17:01:29",1311094889,"infe...@chromium.org","2011-2803"
88846,"High","CVE-2011-2801, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use-after-free in FrameLoader with no form post method","Apr 06, 2013 01:22:12",1365211332,"Jul 10, 2011 07:36:39",1310283399,"Jul 16, 2011 02:11:47",1310782307,"miaubiz@gmail.com","2011-2801"
88850,"High","Cr-Blink, Cr-Internals-Media, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","Use after free with fuzzed ogv file","Apr 06, 2013 01:22:11",1365211331,"Jul 10, 2011 09:18:10",1310289490,"Jul 28, 2011 13:56:23",1311861383,"chamal.d...@gmail.com",""
88858,"High","Cr-Blink, Cr-Blink-JavaScript, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","kmillikin@chromium.org","[LangFuzz] Crash at JSObject::LocalLookupRealNamedProperty with invalid read on gc","Apr 06, 2013 03:26:07",1365218767,"Jul 10, 2011 12:36:27",1310301387,"Jul 11, 2011 06:49:41",1310366981,"decoder...@googlemail.com",""
88889,"High","CVE-2011-2818, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale pointer due to floats not removed (flexible box display)","Apr 06, 2013 01:22:07",1365211327,"Jul 11, 2011 06:28:30",1310365710,"Jul 25, 2011 18:32:49",1311618769,"MartyBar...@gmail.com","2011-2818"
88944,"Critical","Cr-Blink, Cr-Blink-Storage-IndexedDB, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Critical, Type-Bug-Security, reward-3133","None",3133,"accept","dgrogan@chromium.org","Use-after free in leveldb","Apr 06, 2013 03:07:48",1365217668,"Jul 11, 2011 17:53:22",1310406802,"Jul 28, 2011 13:56:23",1311861383,"miaubiz@gmail.com",""
88949,"Medium","CVE-2011-3875, Cr-UI, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-874","Stable",,"","creis@chromium.org","Security: Location Bar Spoofing using very long string on a web address in the location bar","Mar 21, 2013 21:00:33",1363899633,"Jul 11, 2011 18:35:59",1310409359,"Oct 03, 2011 18:23:34",1317666214,"jconsult...@gmail.com","2011-3875"
89142,"High","Area-Internal, CVE-2011-2804, Cr-Blink, Cr-Internals-Plugins-PDF, M-13, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","cev...@chromium.org","PDF viewer crash","Apr 06, 2013 03:14:29",1365218069,"Jul 13, 2011 08:54:05",1310547245,"Jul 13, 2011 18:55:40",1310583340,"aohelin","2011-2804"
89219,"High","CVE-2011-2846, Cr-Blink, M-14, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","jap...@chromium.org","Use after free due to document destruction within unload event","Apr 06, 2013 01:21:42",1365211302,"Jul 13, 2011 19:00:16",1310583616,"Aug 24, 2011 21:26:19",1314221179,"Ax3...@gmail.com","2011-2846"
89330,"High","CVE-2011-2847, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","abarth@chromium.org","DocumentLoader use after free in KURL::strippedForUseAsReferrer","Apr 06, 2013 01:21:34",1365211294,"Jul 14, 2011 17:45:39",1310665539,"Aug 30, 2011 21:31:39",1314739899,"miaubiz@gmail.com","2011-2847"
89402,"High","CVE-2011-2821, M-13, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-DrMemory, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Memory corruption (double free) caused by malformed XPath expression in XSLT","Apr 01, 2013 15:42:50",1364830970,"Jul 15, 2011 09:16:11",1310721371,"Aug 04, 2011 04:55:18",1312433718,"yangding...@gmail.com","2011-2821"
89453,"High","CVE-2011-2826, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","abarth@chromium.org","UXSS with empty SecurityOrigin","Apr 06, 2013 01:21:24",1365211284,"Jul 15, 2011 19:34:51",1310758491,"Jul 28, 2011 23:51:49",1311897109,"serg.gla...@gmail.com","2011-2826"
89493,"High","Cr-Blink, Cr-Blink-Rendering, Cr-Blink-SVG, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Ty","Beta, Stable",,"","ke...@chromium.org","Use after free in SVG foreignobject rendering.","Apr 06, 2013 03:45:13",1365219913,"Jul 16, 2011 07:26:28",1310801188,"Nov 09, 2011 18:09:12",1320862152,"infe...@chromium.org",""
89520,"High","CVE-2011-2805, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","UXSS / frame escape with window.open","Apr 06, 2013 01:21:17",1365211277,"Jul 16, 2011 18:46:21",1310841981,"Jul 17, 2011 05:40:53",1310881253,"serg.gla...@gmail.com","2011-2805"
89522,"High","CVE-2011-2867, Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","SVG animation API crashes on SVGAnimateTransform","Apr 06, 2013 01:21:17",1365211277,"Jul 16, 2011 19:52:18",1310845938,"Jul 19, 2011 18:33:57",1311100437,"infe...@chromium.org","2011-2867"
89552,"High","CVE-2011-2831, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Memory-DrMemory, Type-Bug-Security","Stable",,"","gavinp@chromium.org","Use after free in CSSStyleSheet::checkLoaded","Apr 06, 2013 01:21:13",1365211273,"Jul 17, 2011 16:13:11",1310919191,"Jul 28, 2011 13:56:23",1311861383,"infe...@chromium.org","2011-2831"
89558,"High","Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","None",500,"accept","simonjam@chromium.org","Use after free in SVGUseElement::buildShadowTree","Apr 06, 2013 01:21:13",1365211273,"Jul 17, 2011 18:37:30",1310927850,"Jul 27, 2011 17:23:40",1311787420,"miaubiz@gmail.com",""
89564,"Medium","CVE-2011-2848, Cr-Internals, Cr-UI-Browser-Navigation, M-14, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-835, reward-500","Stable",500,"accept","creis@chromium.org","Possible URL Bar Spoofing when history.forward() is ignored using forward button","Mar 21, 2013 21:00:33",1363899633,"Jul 17, 2011 20:14:38",1310933678,"Aug 31, 2011 20:36:25",1314822985,"jconsult...@gmail.com","2011-2848"
89575,"High","CVE-2011-2832, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","morrita@google.com","Use after free of markers in CompositeEditCommand::replaceTextInNodePreservingMarkers","Apr 06, 2013 01:21:12",1365211272,"Jul 18, 2011 06:49:52",1310971792,"Jul 28, 2011 13:56:23",1311861383,"infe...@chromium.org","2011-2832"
89580,"High","CVE-2011-2868, Cr-Blink, M-14, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free due to continuation splitting issues in -webkit-column-span","Apr 06, 2013 01:21:11",1365211271,"Jul 18, 2011 08:11:48",1310976708,"Sep 06, 2011 01:55:53",1315274153,"infe...@chromium.org","2011-2868"
89599,"High","CVE-2011-3240, Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","","Freed SVGTRefElement used in SVGStyledElement::buildPendingResourcesIfNeeded","Apr 06, 2013 01:21:09",1365211269,"Jul 18, 2011 14:05:54",1310997954,"Jul 28, 2011 13:56:23",1311861383,"infe...@chromium.org","2011-3240"
89678,"High","CVE-2011-2817, Cr-Blink, M-13, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in ReplacementFragment::removeUnrenderedNodes","Apr 06, 2013 01:21:04",1365211264,"Jul 19, 2011 03:15:11",1311045311,"Jul 19, 2011 18:36:31",1311100591,"infe...@chromium.org","2011-2817"
89795,"Low","CVE-2011-2849, Cr-Internals, M-14, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","ukai@chromium.org","Browser crash in net::WebSocketJob::SendPending","Mar 21, 2013 20:54:23",1363899263,"Jul 19, 2011 22:43:06",1311115386,"Jul 25, 2011 06:00:10",1311573610,"Ax3...@gmail.com","2011-2849"
89836,"Critical","CVE-2011-2806, M-13, Merge-Merged, OS-Windows, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, reward-1337","Stable",1337,"accept","vangelis@chromium.org","Tracking bug for ANGLE memory corruption on Windows","Mar 21, 2013 21:07:57",1363900077,"Jul 20, 2011 03:55:16",1311134116,"Aug 04, 2011 01:24:47",1312421087,"scarybea...@gmail.com","2011-2806"
89991,"Medium","CVE-2011-3234, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Stable",500,"accept","infe...@chromium.org","Regression(82144): OOB InlineIterator read in TrailingObjects::updateMidpointsForTrailingBoxes","Apr 06, 2013 01:20:44",1365211244,"Jul 21, 2011 05:04:37",1311224677,"Aug 01, 2011 18:04:31",1312221871,"miaubiz@gmail.com","2011-3234"
90105,"Medium","Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-65147, merge-merged-963","Beta, Stable",,"","ke...@chromium.org","Heap-buffer-overflow in WebCore::RenderBlock::LineBreaker::nextLineBreak","Apr 06, 2013 01:20:38",1365211238,"Jul 21, 2011 23:19:33",1311290373,"Jan 06, 2012 20:31:47",1325881907,"infe...@chromium.org",""
90134,"Medium","CVE-2011-2850, Cr-Blink, M-14, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","ba...@chromium.org","OOB read in harfbuzz with khmer character","Apr 06, 2013 01:20:36",1365211236,"Jul 22, 2011 04:32:52",1311309172,"Jul 29, 2011 07:21:02",1311924062,"miaubiz@gmail.com","2011-2850"
90173,"Medium","CVE-2011-2851, Cr-Blink, Cr-Internals-Media, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","scherkus@chromium.org","OOB read in media::ScaleYUVToRGB32 due to failure to account for zero source width and accessing negative indices","Apr 06, 2013 01:20:32",1365211232,"Jul 22, 2011 14:02:28",1311343348,"Sep 01, 2011 04:18:46",1314850726,"infe...@chromium.org","2011-2851"
90217,"Low","CVE-2011-3876, Cr-Internals, Cr-UI-Browser-Downloads, M-15, OS-Windows, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","ke...@chromium.org","Prevent silent truncation of trailing characters in downloaded file names","Mar 21, 2013 20:54:21",1363899261,"Jul 22, 2011 18:17:00",1311358620,"Aug 26, 2011 04:57:45",1314334665,"evn@google.com","2011-3876"
90222,"High","CVE-2011-2819, Cr-Blink, M-13, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","UXSS with document.baseURI","Apr 06, 2013 01:20:28",1365211228,"Jul 22, 2011 18:36:24",1311359784,"Jul 25, 2011 18:34:53",1311618893,"serg.gla...@gmail.com","2011-2819"
90357,"Medium","CVE-2011-2869, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","rn...@chromium.org","OOB read in WebCore::previousBoundary","Apr 06, 2013 01:20:20",1365211220,"Jul 25, 2011 04:43:07",1311568987,"Aug 19, 2011 19:53:54",1313783634,"infe...@chromium.org","2011-2869"
90668,"High","CVE-2011-2827, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","rn...@chromium.org","Use after free in WebCore::findPlainText","Apr 06, 2013 01:20:03",1365211203,"Jul 27, 2011 15:19:53",1311779993,"Jul 28, 2011 13:56:23",1311861383,"miaubiz@gmail.com","2011-2827"
90978,"Medium","Cr-Blink, M-15, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","read out of bounds in sUnpremultiplyData_RGBA8888 / ImageBufferData::getData (WEBKIT 65352)","Apr 06, 2013 01:19:26",1365211166,"Jul 29, 2011 13:26:44",1311946004,"Sep 04, 2011 05:06:32",1315112792,"jsc...@chromium.org",""
91008,"High","M-15, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","danno@chromium.org","[LangFuzz] Crash at JSObject::PrepareElementsForSort with invalid read","Mar 21, 2013 20:44:58",1363898698,"Jul 29, 2011 18:03:29",1311962609,"Aug 02, 2011 14:19:11",1312294751,"decoder...@googlemail.com",""
91010,"High","M-15, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","danno@chromium.org","[LangFuzz] Crash at JSObject::SetDictionaryElement with invalid read (32 bit)","Mar 21, 2013 20:44:58",1363898698,"Jul 29, 2011 18:11:41",1311963101,"Aug 02, 2011 09:30:22",1312277422,"decoder...@googlemail.com",""
91013,"High","M-15, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","vegorov@chromium.org","[LangFuzz] Crash at RootMarkingVisitor::VisitPointers (32 bit)","Mar 21, 2013 20:44:58",1363898698,"Jul 29, 2011 18:20:20",1311963620,"Aug 02, 2011 19:39:14",1312313954,"decoder...@googlemail.com",""
91016,"Medium","Cr-Blink, M-14, Merge-Merged, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Type-Bug-Security, reward-500","None",500,"accept","bsalo...@google.com","Security: Canvas toDataURL security error: It is taking page information and not the canvas when making the image","Apr 06, 2013 01:19:25",1365211165,"Jul 29, 2011 18:26:03",1311963963,"Aug 04, 2011 19:36:44",1312486604,"simon.sa...@gmail.com",""
91092,"High","Cr-Blink, M-14, Merge-Merged-835, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","ke...@chromium.org","Use after free in SVGUseElement::buildShadowTree","Apr 06, 2013 01:19:21",1365211161,"Jul 30, 2011 13:59:09",1312034349,"Sep 10, 2011 13:49:24",1315662564,"infe...@chromium.org",""
91093,"High","CVE-2011-2870, Cr-Blink, Cr-Blink-Video, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","tkent@chromium.org","Bad cast in paintMediaPlayButton","Apr 06, 2013 05:03:46",1365224626,"Jul 30, 2011 14:10:18",1312035018,"Aug 04, 2011 04:52:50",1312433570,"infe...@chromium.org","2011-2870"
91120,"High","CVE-2011-2852, M-14, Merge-Merged, Pri-0, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","kmillikin@chromium.org","[LangFuzz] Crash at Runtime_QuoteJSONString with invalid write","Mar 21, 2013 20:54:18",1363899258,"Jul 31, 2011 09:44:18",1312105458,"Aug 03, 2011 09:28:16",1312363696,"decoder...@googlemail.com","2011-2852"
91139,"High","M-13, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","cev...@chromium.org","HTML5 FileSystem API directory traversal","Mar 21, 2013 20:54:18",1363899258,"Jul 31, 2011 20:49:26",1312145366,"Aug 03, 2011 00:10:14",1312330214,"serg.gla...@gmail.com",""
91197,"High","CVE-2011-2853, Cr-Blink, Cr-Internals, Cr-Internals-Core, Cr-Internals-Plugins, Cr-Internals-Plugins-Flash, M-14, Merge-Merged, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stab","Stable",,"","wez@chromium.org","Use after free or bad cast with empty .swf file","Apr 06, 2013 04:23:51",1365222231,"Aug 01, 2011 12:41:48",1312202508,"Aug 31, 2011 22:43:59",1314830639,"skylined@chromium.org","2011-2853"
91218,"Low","CVE-2011-3877, Pri-0, Restrict-AddIssueComment-Commit, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","tsepez@chromium.org","XSS in chrome://appcache-internals","Mar 21, 2013 20:54:17",1363899257,"Aug 01, 2011 17:20:34",1312219234,"Aug 02, 2011 16:55:32",1312304132,"tsepez@chromium.org","2011-3877"
91517,"High","CVE-2011-2828, Cr-Internals, M-13, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","danno@chromium.org","Security: V8 asserts (crashes) when entering simple JS snippit","Mar 21, 2013 20:54:17",1363899257,"Aug 03, 2011 15:13:38",1312384418,"Aug 04, 2011 13:07:49",1312463269,"danno@chromium.org","2011-2828"
91577,"Low","Cr-Internals, M-14, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-835","Stable",,"","jstritar@chromium.org","file:// URL access is defaulting to opt-in","Mar 21, 2013 20:54:16",1363899256,"Aug 03, 2011 20:39:56",1312403996,"Aug 10, 2011 03:30:12",1312947012,"erik...@chromium.org",""
91598,"High","CVE-2011-2829, M-13, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","","Integer overflow in v8 custom bindings for WebGLRenderingContext","Mar 21, 2013 20:54:16",1363899256,"Aug 03, 2011 22:03:15",1312408995,"Aug 04, 2011 21:53:12",1312494792,"serg.gla...@gmail.com","2011-2829"
91665,"High","CVE-2011-2839, M-13, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Crash on bad rip when opening a PDF","Mar 21, 2013 20:54:16",1363899256,"Aug 04, 2011 13:54:00",1312466040,"Aug 04, 2011 19:35:29",1312486529,"aohelin","2011-2839"
91801,"High","CVE-2011-3236, Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free of RootInlineBox","Apr 06, 2013 01:18:40",1365211120,"Aug 05, 2011 14:14:24",1312553664,"Aug 09, 2011 18:20:08",1312914008,"infe...@chromium.org","2011-3236"
91911,"High","CVE-2011-2871, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Memory-DrMemory, Type-Bug-Security","Stable",,"","","Freed m_renderer used in InlineBox::deleteLine","Apr 06, 2013 01:18:32",1365211112,"Aug 06, 2011 07:44:37",1312616677,"Nov 07, 2011 20:51:46",1320699106,"infe...@chromium.org","2011-2871"
91921,"High","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835, merge-merged-874","Stable",,"","infe...@chromium.org","Use after free in RenderRubyBase","Apr 06, 2013 01:18:32",1365211112,"Aug 06, 2011 14:27:29",1312640849,"Sep 25, 2011 21:42:53",1316986973,"infe...@chromium.org",""
91972,"High","CVE-2011-2872, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Regression(85705): Use after free on m_originatingLine in floats","Apr 06, 2013 01:18:29",1365211109,"Aug 07, 2011 15:29:01",1312730941,"Aug 10, 2011 21:49:15",1313012955,"infe...@chromium.org","2011-2872"
92226,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-835, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","c...@chromium.org","Use after free in CounterNode::lastDescendant","Apr 06, 2013 01:18:06",1365211086,"Aug 09, 2011 21:25:33",1312925133,"Sep 13, 2011 22:51:17",1315954277,"infe...@chromium.org",""
92550,"Low","CVE-2011-3954, Cr-Blink, Cr-Blink-Storage-IndexedDB, Cr-Internals, M-17, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","dgrogan@chromium.org","Chrome (main process) crashes when setVersion is called when all (Indexed) database name space is used up","Apr 06, 2013 03:07:41",1365217661,"Aug 11, 2011 21:51:20",1313099480,"Oct 29, 2011 16:02:04",1319904124,"therealh...@gmail.com","2011-3954"
92621,"High","CVE-2011-2833, Cr-Blink, M-13, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in VisibleSelection::selectionFromContentsOfNode","Apr 06, 2013 01:17:39",1365211059,"Aug 12, 2011 07:14:17",1313133257,"Aug 12, 2011 16:30:31",1313166631,"infe...@chromium.org","2011-2833"
92651,"High","CVE-2011-2854, Cr-Blink, M-14, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free due to style not updated for ANONYMOUS boxes (e.g RenderRow), inline-blocks (e.g. RenderRubyRun)","Apr 06, 2013 01:17:39",1365211059,"Aug 12, 2011 14:33:07",1313159587,"Sep 06, 2011 01:54:20",1315274060,"infe...@chromium.org","2011-2854"
92769,"High","CVE-2011-2873, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Use after free in TreeBuilder","Apr 06, 2013 01:17:32",1365211052,"Aug 13, 2011 14:37:00",1313246220,"Aug 14, 2011 23:09:02",1313363342,"infe...@chromium.org","2011-2873"
92959,"High","CVE-2011-2855, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Stale node in StyleSheetCandidateListHashSet","Apr 06, 2013 01:17:13",1365211033,"Aug 15, 2011 22:07:19",1313446039,"Aug 17, 2011 18:30:50",1313605850,"Ax3...@gmail.com","2011-2855"
93106,"High","CVE-2011-3955, Cr-Blink, Cr-Blink-Storage-IndexedDB, M-17, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","jsbell@chromium.org","Failing assertion in IDBTransaction.cpp","Apr 06, 2013 03:07:39",1365217659,"Aug 16, 2011 18:36:40",1313519800,"Nov 23, 2011 16:57:46",1322067466,"dgrogan@chromium.org","2011-3955"
93416,"High","CVE-2011-2856, M-14, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","l...@chromium.org","Security: Arbitrary cross-origin bypass using __defineGetter__ prototype override","Mar 21, 2013 20:54:12",1363899252,"Aug 18, 2011 20:46:37",1313700397,"Aug 22, 2011 17:23:28",1314033808,"divric...@gmail.com","2011-2856"
93420,"High","CVE-2011-2857, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free in FocusController::advanceFocusInDocumentOrder","Apr 06, 2013 01:16:50",1365211010,"Aug 18, 2011 21:04:32",1313701472,"Aug 22, 2011 17:35:07",1314034507,"miaubiz@gmail.com","2011-2857"
93472,"","CVE-2011-2834, M-14, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Type-Bug-Security, reward-1000","Stable",1000,"accept","cev...@chromium.org","Yet another double-free caused by malformed XPath expression in XSLT","Mar 21, 2013 20:54:11",1363899251,"Aug 19, 2011 03:30:38",1313724638,"Aug 26, 2011 00:16:56",1314317816,"yangding...@gmail.com","2011-2834"
93497,"Medium","CVE-2011-2859, Cr-Internals, M-14, Merge-Merged, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-835","Stable",,"","asargent@chromium.org","Security: Accessibility of the chrome.webstorePrivate-API","Mar 21, 2013 21:00:29",1363899629,"Aug 19, 2011 13:13:07",1313759587,"Aug 24, 2011 04:32:30",1314160350,"sinbad.g...@recurity-labs.com","2011-2859"
93587,"High","CVE-2011-2860, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free in WebCore::Text::recalcStyle due to before after content issue in table parts","Apr 06, 2013 01:16:21",1365210981,"Aug 20, 2011 05:13:58",1313817238,"Aug 25, 2011 17:02:32",1314291752,"infe...@chromium.org","2011-2860"
93596,"Medium","CVE-2011-2861, M-14, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","cev...@chromium.org","Bad read in bundled PDF viewer","Mar 21, 2013 21:00:29",1363899629,"Aug 20, 2011 09:42:44",1313833364,"Aug 22, 2011 18:53:30",1314039210,"aohelin","2011-2861"
93759,"High","CVE-2011-2863, Cr-Blink, Cr-Blink-JavaScript, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Stable",2000,"accept","l...@chromium.org","UXSS using Object.getPrototypeOf","Apr 06, 2013 03:25:46",1365218746,"Aug 22, 2011 17:50:05",1314035405,"Aug 26, 2011 15:44:16",1314373456,"serg.gla...@gmail.com","2011-2863"
93788,"High","CVE-2011-2876, Cr-Blink, Cr-Content-Core, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835, reward-1000","Stable",1000,"accept","morr...@chromium.org","Use after free in RenderText lineboxes.","Apr 06, 2013 01:16:06",1365210966,"Aug 22, 2011 20:48:12",1314046092,"Sep 21, 2011 06:03:00",1316584980,"miaubiz@gmail.com","2011-2876"
93906,"High","CVE-2011-2862, M-14, Merge-Merged, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2337","Stable",2337,"accept","l...@chromium.org","V8 builtins object can be accessed using Function.prototype.caller","Mar 21, 2013 20:54:09",1363899249,"Aug 23, 2011 16:30:18",1314117018,"Aug 29, 2011 14:46:43",1314629203,"serg.gla...@gmail.com","2011-2862"
94273,"High","Cr-Blink, M-14, Merge-Merged, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","crog...@google.com","V8 custom bindings for AudioNode must do proper object checking and throw exception in case of error","Apr 06, 2013 01:15:33",1365210933,"Aug 25, 2011 18:29:04",1314296944,"Aug 25, 2011 19:38:41",1314301121,"crog...@google.com",""
94487,"Medium","CVE-2011-3878, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, ","Beta, Stable",,"","jsc...@chromium.org","Security: JSC::Yarr regexp 32/48 to the left of 768 with workers","Apr 06, 2013 01:15:11",1365210911,"Aug 27, 2011 19:11:43",1314472303,"Oct 08, 2011 13:12:26",1318079546,"miaubiz@gmail.com","2011-3878"
94578,"Low","M-19, MovedFrom-16, MovedFrom-17, MovedFrom15, MovedFrom18, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, bulkmove","Beta, Stable",,"","tsepez@chromium.org","Security: Brute forcing Intranet WWW-Auth with script element","Mar 21, 2013 21:07:39",1363900059,"Aug 29, 2011 01:54:36",1314582876,"Feb 10, 2012 23:38:20",1328917100,"philippe...@gmail.com",""
94809,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-Merged-835","Stable",,"","infe...@chromium.org","Use after free in ruby overhang.","Apr 06, 2013 01:14:47",1365210887,"Aug 30, 2011 21:57:36",1314741456,"Sep 19, 2011 20:48:01",1316465281,"infe...@chromium.org",""
94810,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","","Use after free with Floats and Ruby","Apr 06, 2013 01:14:46",1365210886,"Aug 30, 2011 22:08:01",1314742081,"Sep 13, 2011 01:31:02",1315877462,"infe...@chromium.org",""
95072,"High","CVE-2011-2877, Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-","Stable",1000,"accept","infe...@chromium.org","Use after free due to style not updated for svg text runs.","Apr 06, 2013 01:14:31",1365210871,"Sep 01, 2011 17:16:48",1314897408,"Sep 16, 2011 17:23:44",1316193824,"infe...@chromium.org","2011-2877"
95359,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874","Stable",,"","infe...@chromium.org","Use after free in WebCore::SVGTRefElement::updateReferencedText","Apr 06, 2013 01:14:15",1365210855,"Sep 04, 2011 05:00:45",1315112445,"Oct 05, 2011 15:40:20",1317829220,"infe...@chromium.org",""
95360,"High","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835","Stable",,"","infe...@chromium.org","use after free in WebCore::ContainerNode::removeChild via Range.deleteContents()","Apr 06, 2013 01:14:14",1365210854,"Sep 04, 2011 05:04:17",1315112657,"Sep 05, 2011 05:22:55",1315200175,"infe...@chromium.org",""
95374,"Medium","CVE-2011-3879, Cr-Internals, M-15, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-874","Stable",,"","ke...@chromium.org","Redirect to chrome:// URIs via Location: header","Mar 21, 2013 21:00:28",1363899628,"Sep 04, 2011 14:30:24",1315146624,"Oct 04, 2011 18:02:05",1317751325,"masatoki...@gmail.com","2011-3879"
95465,"Low","Cr-Blink, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","cev...@chromium.org","4 OOB reads in XMLDocumentParser::doWrite","Apr 06, 2013 01:14:08",1365210848,"Sep 06, 2011 07:14:27",1315293267,"Sep 13, 2011 22:47:18",1315954038,"infe...@chromium.org",""
95485,"High","Cr-Blink, Cr-Blink-JavaScript, M-15, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","kmillikin@chromium.org","[LangFuzz] Crash at v8::internal::Object::Lookup","Apr 06, 2013 03:25:40",1365218740,"Sep 06, 2011 13:02:39",1315314159,"Sep 07, 2011 09:39:49",1315388389,"decoder...@googlemail.com",""
95499,"High","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","","Use after free due to style not updated and having stale fonts.","Apr 06, 2013 01:14:04",1365210844,"Sep 06, 2011 16:28:34",1315326514,"Sep 06, 2011 16:28:34",1315326514,"infe...@chromium.org",""
95520,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","infe...@chromium.org","Child not placed correctly when :before, :after placed in same table part container causing stale style","Apr 06, 2013 01:14:03",1365210843,"Sep 06, 2011 17:55:06",1315331706,"Sep 21, 2011 22:06:51",1316642811,"infe...@chromium.org",""
95563,"Medium","CVE-2011-2864, Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","ba...@chromium.org","OOB read in tibetan_nextSyllableBoundary","Apr 06, 2013 01:14:00",1365210840,"Sep 06, 2011 21:19:16",1315343956,"Sep 08, 2011 05:22:53",1315459373,"infe...@chromium.org","2011-2864"
95625,"Medium","CVE-2011-2858, Cr-Blink, Cr-Internals-GPU-WebGL, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","g...@chromium.org","OOB read in gpu::gles2::GLES2DecoderImpl::HandleDrawArrays","Apr 06, 2013 01:13:54",1365210834,"Sep 07, 2011 02:50:38",1315363838,"Sep 11, 2011 05:22:37",1315718557,"infe...@chromium.org","2011-2858"
95671,"High","CVE-2011-2878, Cr-Blink, Cr-Blink-JavaScript, M-14, Merge-Merged, Merge-Merged-874, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835, reward-2000","Stable",2000,"accept","abarth@chromium.org","Security: Cross-origin access to window.__proto__","Apr 06, 2013 03:25:39",1365218739,"Sep 07, 2011 16:38:13",1315413493,"Sep 19, 2011 23:11:31",1316473891,"serg.gla...@gmail.com","2011-2878"
95672,"High","Cr-Blink, M-15, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use after free in ListIterms and RunIns rendering (from bug 88680)","Apr 06, 2013 01:13:48",1365210828,"Sep 07, 2011 16:38:52",1315413532,"Sep 09, 2011 16:23:59",1315585439,"infe...@chromium.org",""
95761,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","simonjam@chromium.org","Use after free in ContainerNode::removeChild (looks related to plugin)","Apr 06, 2013 01:13:42",1365210822,"Sep 08, 2011 03:11:44",1315451504,"Sep 15, 2011 18:39:55",1316111995,"infe...@chromium.org",""
95917,"Low","CVE-2011-2874, M-14, OS-Windows, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"",""," SSL cert. changes","Mar 21, 2013 20:54:01",1363899241,"Sep 08, 2011 22:26:26",1315520786,"Sep 15, 2011 21:48:56",1316123336,"chris.ely@gmail.com","2011-2874"
95920,"High","CVE-2011-2875, Cr-Blink, Cr-Blink-JavaScript, M-14, Merge-Merged, Pri-0, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","danno@chromium.org","[LangFuzz] Crash at v8::internal::ElementsAccessorBase with invalid read","Apr 06, 2013 03:25:37",1365218737,"Sep 08, 2011 22:59:24",1315522764,"Sep 12, 2011 12:45:18",1315831518,"decoder...@googlemail.com","2011-2875"
95992,"Low","CVE-2011-3880, Cr-Internals, Cr-Internals-Network-HTTP, M-15, Merge-Merged, Merge-Merged-874, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","eroman@chromium.org","Security: header injection when using embeded \0 in headerline","Mar 21, 2013 20:54:01",1363899241,"Sep 09, 2011 10:42:41",1315564961,"Sep 13, 2011 05:15:40",1315890940,"d0z...@gmail.com","2011-3880"
96047,"High","CVE-2011-3881, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-2337","Beta, Stable",2337,"accept","abarth@chromium.org","UXSS and use-after-free when DOMWindow is accessed after navigation","Apr 06, 2013 01:13:23",1365210803,"Sep 09, 2011 18:54:42",1315594482,"Oct 13, 2011 09:06:37",1318496797,"serg.gla...@gmail.com","2011-3881"
96131,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-15, Merge-Merged, OS-Mac, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Crash, Type-Bug-Security, m","Stable",,"","dim...@chromium.org","Closing parent then child in gmail = sad tab","Apr 06, 2013 03:25:36",1365218736,"Sep 10, 2011 08:07:17",1315642037,"Oct 17, 2011 20:49:35",1318884575,"g...@chromium.org",""
96150,"High","CVE-2011-2879, Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","crog...@google.com","Use after free in OfflineAudioDestinationNode::notifyCompleteDispatch","Apr 06, 2013 01:13:15",1365210795,"Sep 10, 2011 16:49:36",1315673376,"Sep 15, 2011 03:31:56",1316057516,"infe...@chromium.org","2011-2879"
96170,"Medium","Cr-Blink, Cr-Platform-DevTools, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","pfeld...@chromium.org","Use after free in  InspectorPageAgent::resourceContent","Apr 06, 2013 01:13:13",1365210793,"Sep 11, 2011 02:12:59",1315707179,"Sep 14, 2011 17:04:21",1316019861,"infe...@chromium.org",""
96292,"High","CVE-2011-3882, Cr-Internals-Media, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874","Stable",,"","fischman@chromium.org","Use after free in media BufferedResourceLoader::Start","Apr 01, 2013 15:38:22",1364830702,"Sep 12, 2011 18:35:43",1315852543,"Sep 27, 2011 21:10:14",1317157814,"infe...@chromium.org","2011-3882"
96382,"Medium","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Stable",,"","","out-of-bounds access in Gradient::sortStopsIfNecessary","Apr 06, 2013 01:13:01",1365210781,"Sep 13, 2011 04:21:12",1315887672,"Sep 13, 2011 04:21:12",1315887672,"infe...@chromium.org",""
96444,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","infe...@chromium.org","Freed scrollbar used in RenderScrollbarPart::imageChanged [not related to previous stale m_owner issues]","Apr 06, 2013 01:12:54",1365210774,"Sep 13, 2011 16:45:12",1315932312,"Sep 14, 2011 04:19:30",1315973970,"infe...@chromium.org",""
96479,"","Cr-Internals, Cr-Internals-Network-Cache, M-16, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Severity-None, Type-Bug-Security, reward-500","None",500,"accept","rvargas@chromium.org","Security: use after free in disk cache","Mar 21, 2013 20:31:40",1363897900,"Sep 13, 2011 20:04:47",1315944287,"Sep 14, 2011 00:44:49",1315961089,"miaubiz@gmail.com",""
96665,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835","Stable",,"","simonjam@chromium.org","Use after free in Element::recalcStyle due to reparenting issues in treebuilder","Apr 06, 2013 01:12:41",1365210761,"Sep 15, 2011 07:51:47",1316073107,"Sep 16, 2011 18:26:49",1316197609,"infe...@chromium.org",""
96885,"High","CVE-2011-3881, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-2337","Stable",2337,"accept","abarth@chromium.org","UXSS via Object::GetRealNamedPropertyInPrototypeChain","Apr 06, 2013 01:12:25",1365210745,"Sep 16, 2011 18:57:56",1316199476,"Sep 29, 2011 17:55:59",1317318959,"serg.gla...@gmail.com","2011-3881"
96902,"High","CVE-2011-3883, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward-1000","Stable",1000,"accept","c...@chromium.org","Use-after-free in findPlaceForCounter","Apr 06, 2013 01:12:24",1365210744,"Sep 16, 2011 20:57:01",1316206621,"Oct 04, 2011 19:51:39",1317757899,"miaubiz@gmail.com","2011-3883"
97006,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874","Beta, Stable",,"","jere...@chromium.org","Use after free due to issues in element detachment when entering fullscreen","Apr 06, 2013 01:12:17",1365210737,"Sep 18, 2011 06:28:30",1316327310,"Oct 10, 2011 21:48:01",1318283281,"infe...@chromium.org",""
97092,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-1000","None",1000,"accept","jamesr@chromium.org","Stale canvas used in WebCore::PlatformContextSkia::save()","Apr 06, 2013 01:12:09",1365210729,"Sep 19, 2011 14:09:13",1316441353,"Sep 20, 2011 05:16:34",1316495794,"slaweck",""
97148,"High","CVE-2011-3884, Cr-Internals, Cr-UI-Browser-SafeBrowsing, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, merge-merged-874","Stable",,"","bryner@chromium.org","Crashes in PhishingDOMFeatureExtractor::ExtractFeaturesWithTimeout","Mar 21, 2013 20:53:56",1363899236,"Sep 19, 2011 22:13:42",1316470422,"Sep 23, 2011 19:11:40",1316805100,"bryner@chromium.org","2011-3884"
97278,"Medium","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-835","Stable",,"","jochen@chromium.org","Security: Tracking bug for CachedResourceLoader::canRequest in a redirect chain","Apr 06, 2013 01:11:57",1365210717,"Sep 20, 2011 18:26:19",1316543179,"Sep 21, 2011 00:13:03",1316563983,"ke...@chromium.org",""
97451,"High","CVE-2011-2880, Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835, reward-1500","Stable",1500,"accept","","Protect the Frame in V8HTMLDocument::openCallback","Apr 06, 2013 01:11:43",1365210703,"Sep 21, 2011 18:58:22",1316631502,"Sep 21, 2011 20:27:34",1316636854,"serg.gla...@gmail.com","2011-2880"
97520,"High","CVE-2011-2880, Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835, reward-1500","Stable",1500,"accept","","Protect message ports from being deleted in V8MessageEvent::portsAccessorGetter","Apr 06, 2013 01:11:37",1365210697,"Sep 21, 2011 23:17:36",1316647056,"Sep 22, 2011 02:02:53",1316656973,"serg.gla...@gmail.com","2011-2880"
97546,"High","Cr-Blink, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835","Stable",,"","infe...@chromium.org","Use after free in ruby text :after, :before content due to stale styles.","Apr 06, 2013 01:11:35",1365210695,"Sep 22, 2011 02:42:26",1316659346,"Sep 23, 2011 21:01:52",1316811712,"infe...@chromium.org",""
97553,"Low","Cr-UI, Cr-UI-Browser-FullScreen, M-21, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1180","Beta, Stable",,"","koz@chromium.org","Clicking a link on a page that has been fullscreened by JS doesn't exit fullscreen","Mar 21, 2013 21:07:36",1363900056,"Sep 22, 2011 03:48:27",1316663307,"Dec 20, 2012 15:52:00",1356018720,"koz@chromium.org",""
97599,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward","Beta, Stable",1000,"accept","infe...@chromium.org","More stale styles in listmarkers","Apr 06, 2013 01:11:32",1365210692,"Sep 22, 2011 15:32:39",1316705559,"Oct 10, 2011 19:47:22",1318276042,"infe...@chromium.org","2011-3885"
97608,"High","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","","Use after free in counters in :before, :after content","Apr 06, 2013 01:11:31",1365210691,"Sep 22, 2011 16:04:15",1316707455,"Oct 20, 2011 20:28:04",1319142484,"infe...@chromium.org",""
97615,"High","CVE-2011-2880, Cr-Blink, Cr-Internals-GPU-WebGL, M-14, Merge-Merged, Merge-Merged-874, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-835, reward-1500","Stable",1500,"accept","","Ref protect shaders in V8WebGLRenderingContext::getAttachedShadersCallback","Apr 06, 2013 01:11:31",1365210691,"Sep 22, 2011 16:39:15",1316709555,"Sep 22, 2011 17:38:08",1316713088,"serg.gla...@gmail.com","2011-2880"
97674,"Medium","Cr-Internals, Cr-Platform-Extensions, M-15, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-874","Stable",,"","mi...@chromium.org","Security: Extension can get at tabs details (url/title) without requesting tabs permission","Mar 21, 2013 21:00:25",1363899625,"Sep 22, 2011 20:45:12",1316724312,"Sep 28, 2011 02:14:40",1317176080,"mihaip@chromium.org",""
97784,"High","CVE-2011-2881, Cr-Blink, Cr-Blink-JavaScript, M-14, Merge-Merged, OS-All, Pri-1, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1500","Stable",1500,"accept","ricow@chromium.org","[v8] Stale pointer in CSSStyleSheet, Invalid cast in V8ListenerList::doFindWrapper","Apr 06, 2013 03:25:31",1365218731,"Sep 23, 2011 18:18:21",1316801901,"Sep 26, 2011 20:51:57",1317070317,"infe...@chromium.org","2011-2881"
97952,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874","Stable",,"","","Stale layout root generic fix from Mitz","Apr 06, 2013 01:11:09",1365210669,"Sep 25, 2011 05:47:30",1316929650,"Sep 26, 2011 00:10:35",1316995835,"infe...@chromium.org",""
97994,"High","Cr-Blink, M-14, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-835, merge-merged-874","Stable",,"","infe...@chromium.org","Use after free due to stale fonts","Apr 06, 2013 01:11:07",1365210667,"Sep 26, 2011 03:14:13",1317006853,"Sep 26, 2011 17:12:59",1317057179,"infe...@chromium.org",""
98053,"High","CVE-2011-3881, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-2500","Beta, Stable",2500,"accept","","UXSS via HTMLObjectElement","Apr 06, 2013 01:11:03",1365210663,"Sep 26, 2011 17:38:11",1317058691,"Oct 06, 2011 17:15:41",1317921341,"serg.gla...@gmail.com","2011-3881"
98064,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward-1000","Stable",1000,"accept","","Use-after-free when font is missing","Apr 06, 2013 01:11:02",1365210662,"Sep 26, 2011 18:36:31",1317062191,"Sep 29, 2011 04:17:50",1317269870,"miaubiz@gmail.com","2011-3885"
98089,"Critical","CVE-2011-3873, Cr-Internals, Cr-Internals-GPU-Internals, M-14, Merge-Merged, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security","Stable",,"","zmo@chromium.org","memory corruption in ANGLE shader translator","Mar 21, 2013 21:07:56",1363900076,"Sep 26, 2011 21:15:55",1317071755,"Sep 28, 2011 00:45:37",1317170737,"zhen...@gmail.com","2011-3873"
98161,"Medium","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-874","Stable",,"","","Bug 68816 - Rapidly refreshing a feMorphology[erode] with r=0 can sometimes cause display corruption","Apr 06, 2013 01:10:58",1365210658,"Sep 27, 2011 02:27:25",1317090445,"Sep 27, 2011 20:54:21",1317156861,"infe...@chromium.org",""
98407,"Medium","CVE-2011-3887, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-874, reward-1500","Stable",1500,"accept","","Cookie theft via DocumentWriter::begin","Apr 06, 2013 01:10:44",1365210644,"Sep 28, 2011 15:00:21",1317222021,"Sep 28, 2011 21:12:12",1317244332,"serg.gla...@gmail.com","2011-3887"
98556,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward-1000","Stable",1000,"accept","","Use after free with first-letter","Apr 06, 2013 01:10:38",1365210638,"Sep 29, 2011 15:57:05",1317311825,"Oct 02, 2011 02:38:32",1317523112,"miaubiz@gmail.com","2011-3885"
98582,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874","Beta, Stable",,"","ana...@chromium.org","Security: invalid memory reference to window object","Apr 06, 2013 04:22:40",1365222160,"Sep 29, 2011 18:20:31",1317320431,"Oct 08, 2011 13:18:24",1318079904,"brettw@chromium.org",""
98773,"High","CVE-2011-3886, Cr-Internals, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Valgrind, Type-Bug-Security, merge-merged-874, reward-1000","Beta, Stable",1000,"accept","mstarzinger@chromium.org","[LangFuzz] Crash at v8::Object::SlowGetPointerFromInternalField with invalid read","Apr 01, 2013 15:50:52",1364831452,"Oct 01, 2011 13:11:52",1317474712,"Oct 12, 2011 08:01:53",1318406513,"decoder...@googlemail.com","2011-3886"
98809,"Medium","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","cev...@chromium.org","Renderer crash with PDF at isalnum","Apr 06, 2013 03:13:53",1365218033,"Oct 02, 2011 13:31:23",1317562283,"Oct 11, 2011 00:30:43",1318293043,"aohelin",""
99016,"High","Cr-Internals, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","creis@chromium.org","Security: HTTPS Address Bar Spoofing Using View-source And Redirection","Mar 21, 2013 21:07:34",1363900054,"Oct 04, 2011 13:13:26",1317734006,"Oct 13, 2011 20:09:07",1318536547,"mitja.ko...@acrossecurity.com",""
99104,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874","Stable",,"","rn...@chromium.org","WebKit: invalid cast in WebCore::toRenderBlock / WebCore::RenderBlock::blockSelectionGaps","Apr 06, 2013 01:09:59",1365210599,"Oct 04, 2011 22:43:23",1317768203,"Oct 06, 2011 18:39:31",1317926371,"jsc...@chromium.org",""
99138,"High","CVE-2011-3888, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward-1000","Stable",1000,"accept","infe...@chromium.org","Use-after-free with plugin and editing","Apr 06, 2013 01:09:57",1365210597,"Oct 05, 2011 07:22:00",1317799320,"Oct 06, 2011 23:01:39",1317942099,"miaubiz@gmail.com","2011-3888"
99167,"High","CVE-2011-3886, Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-15, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Valgrind, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","kmillikin@chromium.org","[LangFuzz] Crash on Heap involving GC (invalid write)","Apr 06, 2013 03:25:28",1365218728,"Oct 05, 2011 14:51:54",1317826314,"Oct 10, 2011 11:23:19",1318245799,"decoder...@googlemail.com","2011-3886"
99211,"High","CVE-2011-3889, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, mer","Beta, Stable",2000,"accept","crog...@google.com","Heap buffer overflow in Webaudio FFTFrame::doFFT","Apr 06, 2013 01:09:52",1365210592,"Oct 05, 2011 18:19:31",1317838771,"Oct 12, 2011 05:11:20",1318396280,"miaubiz@gmail.com","2011-3889"
99229,"High","CVE-2012-3669, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","WebKit: Use after free in ~Node because ~HTMLLinkElement triggers script execution","Apr 06, 2013 01:09:50",1365210590,"Oct 05, 2011 20:18:42",1317845922,"Oct 06, 2011 16:49:13",1317919753,"infe...@chromium.org","2012-3669"
99294,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward","Beta, Stable",1000,"accept","infe...@chromium.org","Use after free with :after in display table and :first-letter","Apr 06, 2013 01:09:47",1365210587,"Oct 06, 2011 06:56:59",1317884219,"Oct 11, 2011 05:11:59",1318309919,"miaubiz@gmail.com","2011-3885"
99338,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874","Beta, Stable",,"","infe...@chromium.org","Use after free in RenderTableSection::splitColumn","Apr 06, 2013 01:09:45",1365210585,"Oct 06, 2011 16:33:18",1317918798,"Oct 10, 2011 18:59:52",1318273192,"mbarbe...@chromium.org",""
99348,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874","Beta, Stable",,"","","Use after free in tables","Apr 06, 2013 01:09:43",1365210583,"Oct 06, 2011 17:27:10",1317922030,"Oct 11, 2011 00:56:42",1318294602,"infe...@chromium.org",""
99465,"High","Cr-Blink, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Security: AccessibilityImageMapLink holds onto it's parent even after it's been freed","Apr 06, 2013 01:09:34",1365210574,"Oct 07, 2011 15:31:55",1318001515,"Oct 11, 2011 23:28:11",1318375691,"chris.fl...@gmail.com",""
99512,"High","CVE-2011-3881, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-2500","Beta, Stable",2500,"accept","","UXSS: XSLT-generated document should inherit its SecurityOrigin from the source document","Apr 06, 2013 01:09:32",1365210572,"Oct 07, 2011 20:11:24",1318018284,"Oct 08, 2011 13:14:46",1318079686,"serg.gla...@gmail.com","2011-3881"
99553,"High","CVE-2011-3890, Cr-Blink, Cr-Internals-GPU-Video, Cr-Internals-Media, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Secu","Beta, Stable",,"","vrk@chromium.org","repeatedly re-setting video.src crashes in WebCore::VideoLayerChromium::updateCompositorResources","Apr 06, 2013 01:09:31",1365210571,"Oct 07, 2011 23:11:30",1318029090,"Oct 14, 2011 15:21:00",1318605660,"fischman@chromium.org","2011-3890"
99596,"High","Cr-Blink, Cr-Internals-Media, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, SecTest, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merg","Beta, Stable",,"","ddor...@chromium.org","Use after free in media::FFmpegDemuxerStream::Read","Apr 06, 2013 01:09:28",1365210568,"Oct 08, 2011 22:00:27",1318111227,"Oct 17, 2011 16:42:49",1318869769,"infe...@chromium.org",""
99597,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Use after free in tables, float, :after content","Apr 06, 2013 01:09:27",1365210567,"Oct 08, 2011 22:03:00",1318111380,"Oct 28, 2011 21:31:01",1319837461,"infe...@chromium.org",""
99603,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jchaffraix@chromium.org","Use after free due to flexible box not laying some of its children.","Apr 06, 2013 01:09:27",1365210567,"Oct 08, 2011 23:21:12",1318116072,"Oct 20, 2011 22:59:45",1319151585,"infe...@chromium.org",""
99615,"High","CVE-2012-3593, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","","Heap-use-after-free in WebCore::GraphicsContext::paintingDisabled","Apr 06, 2013 01:09:26",1365210566,"Oct 09, 2011 05:32:12",1318138332,"Jan 26, 2012 16:59:30",1327597170,"infe...@chromium.org","2012-3593"
99652,"High","Cr-Blink, Cr-Internals-Media, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, SecTest, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-","Beta",1000,"accept","scherkus@chromium.org","OOB read in vp8_decode_frame","Apr 06, 2013 01:09:23",1365210563,"Oct 10, 2011 04:27:52",1318220872,"Oct 14, 2011 22:51:16",1318632676,"infe...@chromium.org",""
99732,"High","CVE-2012-3633, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jchaffraix@chromium.org","Use after free in table parts.","Apr 06, 2013 01:09:20",1365210560,"Oct 10, 2011 18:59:47",1318273187,"Nov 09, 2011 20:08:49",1320869329,"infe...@chromium.org","2012-3633"
99750,"High","CVE-2011-3881, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-2500","Beta, Stable",2500,"accept","","UXSS: executeIfJavaScriptURL gets confused by synchronous frame loads","Apr 06, 2013 01:09:18",1365210558,"Oct 10, 2011 20:29:32",1318278572,"Oct 10, 2011 21:33:13",1318282393,"serg.gla...@gmail.com","2011-3881"
99880,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Use after free in table :before, :after content.","Apr 06, 2013 01:09:09",1365210549,"Oct 11, 2011 18:22:45",1318357365,"Oct 11, 2011 21:11:32",1318367492,"infe...@chromium.org","2011-3885"
99901,"Low","Cr-Internals, Cr-Internals-Media, M-16, Merge-Merged, OS-Windows, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","scherkus@chromium.org","BinScope reports SafeSEH not supported on video DLLs","Mar 21, 2013 21:07:28",1363900048,"Oct 11, 2011 20:31:07",1318365067,"Nov 14, 2011 20:51:42",1321303902,"jsc...@chromium.org",""
100059,"High","CVE-2011-3885, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-874, reward-1337","Beta, Stable",1337,"accept","infe...@chromium.org","Generic fix: Register custom fonts at creation time, rather than retire time.","Apr 06, 2013 01:08:48",1365210528,"Oct 12, 2011 16:46:36",1318437996,"Oct 13, 2011 21:40:08",1318542008,"miaubiz@gmail.com","2011-3885"
100149,"Medium","Cr-Blink, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","","Use after free in AX Scrollbars","Apr 06, 2013 01:08:41",1365210521,"Oct 13, 2011 09:55:45",1318499745,"Oct 13, 2011 09:55:45",1318499745,"infe...@chromium.org",""
100177,"High","Cr-Blink, M-15, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Use after free in first-letter container destruction handling.","Apr 06, 2013 01:08:37",1365210517,"Oct 13, 2011 16:11:07",1318522267,"Oct 20, 2011 19:35:32",1319139332,"mbarbe...@chromium.org",""
100322,"High","CVE-2011-3891, Cr-Blink, Cr-Blink-JavaScript, M-15, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","kmillikin@chromium.org","Security: Calling arbitrary V8 native functions from JavaScript","Apr 06, 2013 03:25:26",1365218726,"Oct 14, 2011 12:45:14",1318596314,"Oct 18, 2011 07:22:20",1318922540,"keuc...@chromium.org","2011-3891"
100459,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874","Beta, Stable",,"","jchaffraix@chromium.org","Use after free in RenderDeprecatedFlexibleBox::layoutHorizontalBox(bool) [and first-letter]","Apr 06, 2013 01:08:21",1365210501,"Oct 15, 2011 15:11:52",1318691512,"Oct 18, 2011 20:44:51",1318970691,"infe...@chromium.org",""
100464,"High","Cr-Internals, Cr-Internals-Media, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-874, reward-1000","Beta",1000,"accept","rbul...@google.com","Use-after-free in WebM at decode_mb_mode","Apr 01, 2013 15:38:07",1364830687,"Oct 15, 2011 18:16:38",1318702598,"Oct 18, 2011 03:22:41",1318908161,"aohelin",""
100465,"High","CVE-2011-3892, M-15, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","rbul...@google.com","OOB read in OGV at unpack_vlcs","Apr 01, 2013 15:38:06",1364830686,"Oct 15, 2011 18:25:53",1318703153,"Oct 28, 2011 00:24:17",1319761457,"aohelin","2011-3892"
100492,"Medium","CVE-2011-3893, M-15, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Use after free in WebM/matroska at matroska_execute_seekhead()","Apr 01, 2013 15:38:06",1364830686,"Oct 16, 2011 07:27:10",1318750030,"Oct 20, 2011 22:02:22",1319148142,"aohelin","2011-3893"
100526,"High","Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Use after free in floats and first-letter ","Apr 06, 2013 01:08:17",1365210497,"Oct 17, 2011 01:09:27",1318813767,"Oct 27, 2011 13:28:53",1319722133,"infe...@chromium.org",""
100543,"Medium","CVE-2011-3893, M-15, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500, reward-decline","Beta, Stable",500,"decline","cev...@chromium.org","OOB read in WebM/vorbis at render_line()","Mar 21, 2013 21:07:24",1363900044,"Oct 17, 2011 09:24:01",1318843441,"Oct 20, 2011 23:22:42",1319152962,"aohelin","2011-3893"
100863,"Low","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jsc...@chromium.org","OOB read in SVG at WebCore::parseArcFlag","Apr 06, 2013 01:07:53",1365210473,"Oct 19, 2011 11:38:54",1319024334,"Oct 25, 2011 14:52:51",1319554371,"aohelin",""
100958,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free WebCore::RenderBlock::layoutPositionedObjects","Apr 06, 2013 01:07:45",1365210465,"Oct 19, 2011 23:53:34",1319068414,"Nov 18, 2011 01:45:28",1321580728,"infe...@chromium.org",""
101010,"Medium","Cr-Blink, M-16, Merge-Merged, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Security: css/CSSParser.cpp memory corruption bug","Apr 06, 2013 01:07:40",1365210460,"Oct 20, 2011 11:56:39",1319111799,"Oct 25, 2011 19:45:16",1319571916,"hashcoll...@gmail.com",""
101018,"High","Cr-Blink, Cr-UI-Browser-FullScreen, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jere...@chromium.org","Use after free in fullscreen unwraprenderer","Apr 06, 2013 01:07:39",1365210459,"Oct 20, 2011 15:41:34",1319125294,"Nov 01, 2011 04:41:49",1320122509,"infe...@chromium.org",""
101065,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Use after free with counters and inline-table and :before content","Apr 06, 2013 01:07:35",1365210455,"Oct 20, 2011 20:31:31",1319142691,"Nov 17, 2011 17:37:12",1321551432,"infe...@chromium.org",""
101172,"High","CVE-2011-3894, Cr-Blink, Cr-Internals-Media, M-15, Merge-Merged, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","rbul...@google.com","Seeking on webm 1080p video causes crash","Apr 06, 2013 01:07:28",1365210448,"Oct 21, 2011 17:57:10",1319219830,"Oct 28, 2011 00:23:00",1319761380,"ldobb...@chromium.org","2011-3894"
101235,"High","Cr-Blink, Cr-UI-Browser-History, M-16, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-65895","Beta, Stable",,"","jsc...@chromium.org","Security: Location bar spoofing when using replaceState in unload event handler","Apr 06, 2013 01:07:22",1365210442,"Oct 22, 2011 01:43:50",1319247830,"Nov 08, 2011 17:48:43",1320774523,"mihaip@chromium.org",""
101458,"High","CVE-2011-3895, M-15, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","cev...@chromium.org","OOB read in WebM/vorbis vorbis_decode_frame()","Apr 01, 2013 15:50:35",1364831435,"Oct 25, 2011 07:27:25",1319527645,"Oct 28, 2011 00:14:51",1319760891,"aohelin","2011-3895"
101580,"High","CVE-2012-3634, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-70848","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderObject::enclosingLayer","Apr 06, 2013 01:06:55",1365210415,"Oct 25, 2011 20:50:33",1319575833,"Jan 05, 2012 19:29:48",1325791788,"mbarbe...@chromium.org","2012-3634"
101624,"High","CVE-2011-3896, Cr-Internals, Cr-Internals-GPU-Internals, Cr-Internals-Graphics, M-15, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","kbr@chromium.org","Security: buffer overrun leading to heap corruption in ANGLE shader translator","Mar 21, 2013 21:07:20",1363900040,"Oct 26, 2011 01:31:21",1319592681,"Oct 26, 2011 19:25:12",1319657112,"kbr@chromium.org","2011-3896"
101779,"Medium","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-16, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Valgrind, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read with corrupt PDF; possible stability issue too","Apr 06, 2013 03:13:41",1365218021,"Oct 26, 2011 18:40:40",1319654440,"Oct 26, 2011 21:25:21",1319664321,"scarybea...@gmail.com",""
102037,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, WebKit-ID-71860","Beta, Stable",,"","cev...@chromium.org","Security: Use after free in CSSStyleDeclarationInternal::parentRuleAttrGetter","Apr 06, 2013 01:06:30",1365210390,"Oct 28, 2011 05:46:17",1319780777,"Nov 09, 2011 04:28:28",1320812908,"infe...@chromium.org",""
102242,"High","CVE-2011-3897, Cr-Blink, M-15, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-71145","Beta, Stable",,"","rn...@chromium.org","ZDI-CAN-1416: WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability","Apr 06, 2013 01:06:15",1365210375,"Oct 29, 2011 07:58:02",1319875082,"Oct 29, 2011 07:58:02",1319875082,"infe...@chromium.org","2011-3897"
102359,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-71741, reward-1000","Beta, Stable",1000,"accept","jsc...@chromium.org","Use-after-free in SVG renderer","Apr 06, 2013 01:06:11",1365210371,"Oct 31, 2011 13:42:24",1320068544,"Nov 16, 2011 22:09:40",1321481380,"Ax3...@gmail.com",""
102461,"Low","CVE-2011-3898, M-15, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-874, merge-merged-912","Beta, Stable",,"","cev...@chromium.org","Failure to infobar JRE7","Mar 21, 2013 21:07:18",1363900038,"Nov 01, 2011 03:06:08",1320116768,"Nov 01, 2011 19:07:31",1320174451,"scarybea...@gmail.com","2011-3898"
102628,"High","M-17, Pri-0, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-71514, reward-1000","None",1000,"accept","","Security: Adobe regions use-after-free with multiple region css thingies","Apr 01, 2013 15:38:00",1364830680,"Nov 02, 2011 07:31:53",1320219113,"Nov 04, 2011 21:55:18",1320443718,"miaubiz@gmail.com",""
102810,"High","Cr-Blink, M-16, Merge-Merged, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, reward-1000","Beta",1000,"accept","gavinp@chromium.org","Security: buffer overflow in link prefetching","Apr 06, 2013 01:05:38",1365210338,"Nov 03, 2011 09:39:13",1320313153,"Nov 08, 2011 16:14:11",1320768851,"miaubiz@gmail.com",""
103058,"High","M-17, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, reward-1000","None",1000,"accept","gavinp@chromium.org","Security: missing xslt import causes crash w/preloading","Apr 01, 2013 15:50:29",1364831429,"Nov 04, 2011 19:58:28",1320436708,"Nov 12, 2011 02:42:30",1321065750,"miaubiz@gmail.com",""
103126,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, WebKit-ID-72759, me","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderTextFragment::styleDidChange","Apr 06, 2013 01:05:14",1365210314,"Nov 05, 2011 15:35:22",1320507322,"Dec 12, 2011 22:54:07",1323730447,"jsc...@chromium.org",""
103239,"High","Cr-Internals, Cr-Internals-Skia, M-17, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Valgrind, Type-Bug-Security, reward-1000","None",1000,"accept","r...@google.com","Security: INVALID_POINTER_READ/WRITE_EXPLOITABLE_chrome!SkRgnBuilder::blitH","Apr 01, 2013 15:50:27",1364831427,"Nov 07, 2011 15:17:43",1320679063,"Nov 10, 2011 02:54:28",1320893668,"attek...@gmail.com",""
103244,"Low","Cr-Internals, M-16, Merge-Merged, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","a...@chromium.org","Pinning checks aren't enforced in the case of a minor error.","Mar 21, 2013 21:07:17",1363900037,"Nov 07, 2011 17:19:48",1320686388,"Nov 07, 2011 23:28:01",1320708481,"a...@chromium.org",""
103259,"High","CVE-2011-3900, Cr-Blink, Cr-Blink-JavaScript, M-15, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","yangguo@chromium.org","[LangFuzz] Crash at v8::internal::WriteQuoteJsonString with invalid write","Apr 06, 2013 03:25:16",1365218716,"Nov 07, 2011 20:14:44",1320696884,"Nov 08, 2011 15:33:30",1320766410,"decoder...@googlemail.com","2011-3900"
103630,"Low","CVE-2011-3956, Cr-Internals, Cr-Platform-Extensions, M-17, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, extensions-cleanup","Beta, Stable",,"","abarth@chromium.org","Security: iFrame SandBox Unique Origin not enforced in extensions","Mar 21, 2013 21:07:16",1363900036,"Nov 09, 2011 21:51:11",1320875471,"Dec 08, 2011 07:21:39",1323328899,"dev.akh...@gmail.com","2011-3956"
103867,"Low","Cr-Internals, Cr-Platform-Extensions, OS-All, Pri-3, Restrict-AddIssueComment-Commit, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","yoz@chromium.org","Security: chrome.test.resetQuota extension API exposed to all extensions","Mar 21, 2013 21:07:16",1363900036,"Nov 11, 2011 02:42:27",1320979347,"Jan 09, 2012 23:19:48",1326151188,"a...@chromium.org",""
103921,"High","Cr-Blink, Cr-Blink-DOM, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-72757, reward-1","Beta, Stable",1000,"accept","cev...@chromium.org","Use-after-free in DOM Range ","Apr 06, 2013 03:40:38",1365219638,"Nov 11, 2011 17:47:46",1321033666,"Nov 19, 2011 01:58:24",1321667904,"Ax3...@gmail.com",""
104011,"High","Cr-Blink, Cr-Blink-JavaScript, M-16, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-912, reward-1000","Beta, Stable",1000,"accept","c...@chromium.org","v8_i18n::BCP47ToICUFormat() - crash","Apr 06, 2013 03:25:15",1365218715,"Nov 12, 2011 13:11:45",1321103505,"Nov 15, 2011 22:56:59",1321397819,"slaweck",""
104056,"High","CVE-2011-3957, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-17, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","cev...@chromium.org","Crash with PDF at bad IP","Apr 06, 2013 03:13:36",1365218016,"Nov 13, 2011 14:09:27",1321193367,"Nov 16, 2011 20:32:35",1321475555,"aohelin","2011-3957"
104151,"High","Cr-Blink, M-16, Merge-merged-912, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","Bad cast in WebCore::RenderThemeMac::paintMediaToggleClosedCaptionsButton","Apr 06, 2013 01:04:07",1365210247,"Nov 14, 2011 17:34:00",1321292040,"Nov 16, 2011 07:05:20",1321427120,"ke...@chromium.org",""
104223,"Medium","Cr-Internals, M-16, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","jcive...@chromium.org","Security: MHTML can be used to steal cookies","Mar 21, 2013 21:07:14",1363900034,"Nov 14, 2011 23:29:41",1321313381,"Nov 17, 2011 05:27:08",1321507628,"jcive...@chromium.org",""
104266,"Medium","CVE-2012-3637, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-use-after-free in WebCore::nextBreakablePosition","Apr 06, 2013 01:03:57",1365210237,"Nov 15, 2011 07:39:34",1321342774,"Feb 14, 2012 22:07:45",1329257265,"infe...@chromium.org","2012-3637"
104317,"High","CVE-2012-3636, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Stale RenderObject in RenderBlock::addChildIgnoringAnonymousColumnBlocks()","Apr 06, 2013 01:03:52",1365210232,"Nov 15, 2011 16:02:37",1321372957,"Feb 04, 2012 23:41:42",1328398902,"infe...@chromium.org","2012-3636"
104325,"High","CVE-2012-3635, ClusterFuzz, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merge","Beta, Stable",,"","","Heap-use-after-free in WebCore::RenderBlock::determineStartPosition","Apr 06, 2013 01:03:51",1365210231,"Nov 15, 2011 17:12:19",1321377139,"Jan 03, 2012 06:32:17",1325572337,"infe...@chromium.org","2012-3635"
104461,"Medium","Cr-Internals, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","yurys@chromium.org","Security: chrome://workers/ crash","Mar 21, 2013 21:07:12",1363900032,"Nov 16, 2011 15:18:51",1321456731,"Aug 16, 2012 16:15:55",1345133755,"kuz...@gmail.com",""
104529,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Beta, Stable",2000,"accept","cev...@chromium.org","PDF-reader tab-crash with editable crash address.","Apr 06, 2013 03:13:34",1365218014,"Nov 16, 2011 22:18:44",1321481924,"Nov 17, 2011 00:17:07",1321489027,"attek...@gmail.com",""
104859,"High","Cr-Blink, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-912, reward-1000","Beta, Stable",1000,"accept","ke...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::computeOverAnnotationAdjustment","Apr 06, 2013 01:03:20",1365210200,"Nov 19, 2011 11:48:45",1321703325,"Nov 28, 2011 20:10:41",1322511041,"slaweck",""
104863,"High","CVE-2012-3594, Cr-Blink, M-17, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","","Heap-use-after-free in WebCore::SubresourceLoader::didFail","Apr 06, 2013 01:03:20",1365210200,"Nov 19, 2011 14:08:17",1321711697,"Nov 30, 2011 21:31:09",1322688669,"miaubiz@gmail.com","2012-3594"
104935,"Low","Cr-Internals, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","pal...@chromium.org"," do not obey expected policy.","Mar 21, 2013 21:07:11",1363900031,"Nov 21, 2011 04:11:06",1321848666,"May 07, 2012 20:17:30",1336421850,"e...@elie.im",""
104959,"Medium","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","cev...@chromium.org","Nasty looking crash on internal pdf-reader","Apr 06, 2013 03:13:31",1365218011,"Nov 21, 2011 11:31:57",1321875117,"Nov 21, 2011 22:30:52",1321914652,"attek...@gmail.com",""
105143,"Low","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","","Cross-origin drag-and-drop prevention ineffective","Apr 06, 2013 01:02:56",1365210176,"Nov 22, 2011 19:26:49",1321990009,"Nov 23, 2011 03:29:19",1322018959,"infe...@chromium.org",""
105157,"High","CVE-2012-3638, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merge","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::removeChild","Apr 06, 2013 01:02:55",1365210175,"Nov 22, 2011 20:27:25",1321993645,"Jan 24, 2012 19:10:24",1327432224,"infe...@chromium.org","2012-3638"
105162,"Medium","ClusterFuzz, Cr-Internals, M-16, Merge-Merged, OS-All, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security-Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","mnissler@chromium.org","Stack-buffer-overflow in base::files::(anonymous namespace)::InotifyReaderTask::Run","Apr 01, 2013 15:37:50",1364830670,"Nov 22, 2011 20:47:33",1321994853,"Nov 23, 2011 18:36:47",1322073407,"infe...@chromium.org",""
105459,"High","CVE-2011-3958, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward","Beta, Stable",2000,"accept","infe...@chromium.org","Use-after frees and bad casts with -webkit-column-span","Apr 06, 2013 01:02:36",1365210156,"Nov 26, 2011 07:47:49",1322293669,"Jan 24, 2012 20:05:22",1327435522,"miaubiz@gmail.com","2011-3958"
105482,"Low","Cr-Blink, Cr-Blink-Workers, Pri-2, Restrict-AddIssueComment-Commit, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Security: CSP connect-src and script-src not enforced on workers","Apr 06, 2013 04:54:19",1365224059,"Nov 27, 2011 00:29:14",1322353754,"Jan 24, 2012 20:17:13",1327436233,"dev.akh...@gmail.com",""
105714,"Medium","Cr-Internals, M-16, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","cev...@chromium.org","Nasty looking INVALID_POINTER_READ in internal PDF-reader","Mar 21, 2013 21:06:45",1363900005,"Nov 29, 2011 15:59:23",1322582363,"Nov 30, 2011 05:15:18",1322630118,"attek...@gmail.com",""
105803,"High","CVE-2011-3015, Cr-Blink, Cr-Internals-Plugins-PDF, M-17, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF missing integer validation for Flate / LZW / Fax prediction codes and other parameters","Apr 06, 2013 03:13:29",1365218009,"Nov 30, 2011 00:20:08",1322612408,"Feb 03, 2012 00:39:33",1328229573,"scarybea...@gmail.com","2011-3015"
105867,"High","CVE-2011-3031, Cr-Blink, Cr-Blink-JavaScript, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, rew","Beta, Stable",1000,"accept","adamk@chromium.org","Use after free in V8HTMLElementWrapperFactory.cpp","Apr 06, 2013 03:25:11",1365218711,"Nov 30, 2011 13:02:14",1322658134,"Feb 18, 2012 06:56:04",1329548164,"chamal.d...@gmail.com","2011-3031"
106200,"High","CVE-2012-3641, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-74311, merge-merged-963, ","None",500,"accept","ke...@chromium.org","Heap-use-after-free in WebCore::InlineBox::deleteLine","Apr 06, 2013 01:01:33",1365210093,"Dec 02, 2011 18:53:44",1322852024,"Dec 15, 2011 04:29:41",1323923381,"infe...@chromium.org","2012-3641"
106309,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::InlineFlowBox::addToLine (regions issue)","Apr 06, 2013 01:01:27",1365210087,"Dec 04, 2011 03:40:35",1322970035,"Jan 06, 2012 21:16:22",1325884582,"infe...@chromium.org",""
106336,"Medium","CVE-2011-3016, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","c...@chromium.org","Heap-use-after-free in WebCore::CounterNode::insertAfter","Apr 06, 2013 01:01:26",1365210086,"Dec 04, 2011 19:54:51",1323028491,"Feb 06, 2012 22:46:13",1328568373,"miaubiz@gmail.com","2011-3016"
106413,"High","CVE-2011-3078, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::checkFloatsInCleanLine","Apr 06, 2013 01:01:20",1365210080,"Dec 05, 2011 17:51:45",1323107505,"Apr 02, 2012 20:59:48",1333400388,"infe...@chromium.org","2011-3078"
106441,"High","CVE-2011-3959, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward","Beta, Stable",1000,"accept","falken@chromium.org","Stack-buffer-overflow in _canonicalize","Apr 06, 2013 01:01:19",1365210079,"Dec 05, 2011 20:22:39",1323116559,"Dec 08, 2011 03:43:10",1323315790,"aohelin","2011-3959"
106484,"High","CVE-2011-3924, Cr-Blink, Cr-Blink-DOM, Cr-Blink-SVG, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Securi","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObject::childAt","Apr 06, 2013 03:44:56",1365219896,"Dec 05, 2011 23:46:10",1323128770,"Jan 06, 2012 20:17:11",1325881031,"Ax3...@gmail.com","2011-3924"
106577,"Medium","CVE-2011-3066, Cr-Internals, Cr-Internals-Graphics, Cr-Internals-Skia, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSaniti","Beta, Stable",500,"accept","epo...@chromium.org","Heap-buffer-overflow in SkAAClipBlitter::blitAntiH","Apr 01, 2013 15:37:41",1364830661,"Dec 06, 2011 19:12:46",1323198766,"Mar 23, 2012 23:36:52",1332545812,"miaubiz@gmail.com","2011-3066"
106671,"Medium","CVE-2012-3599, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-mer","Beta, Stable",,"","aboxh...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::deleteLine","Apr 06, 2013 01:00:57",1365210057,"Dec 07, 2011 06:57:59",1323241079,"Dec 31, 2011 08:20:37",1325319637,"infe...@chromium.org","2012-3599"
106672,"High","CVE-2011-3921, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-912, merge-merged-963, reward-1000","Beta, Stable",1000,"accept","jamesr@chromium.org","Security: Crash in requestAnimationFrame when removing a frame","Apr 06, 2013 01:00:57",1365210057,"Dec 07, 2011 07:07:26",1323241646,"Dec 09, 2011 18:35:11",1323455711,"jamesr@chromium.org","2011-3921"
107128,"High","CVE-2011-3919, Cr-Internals, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-912, merge-merged-963, reward-4000","Stable",4000,"accept","cev...@chromium.org","Heap-buffer-overflow in xmlStringLenDecodeEntities","Mar 21, 2013 20:53:18",1363899198,"Dec 11, 2011 05:55:47",1323582947,"Jan 03, 2012 22:03:36",1325628216,"a...@ut.ee","2011-3919"
107182,"Critical","CVE-2011-3925, Cr-UI, Cr-UI-Browser-Navigation, Cr-UI-Browser-SafeBrowsing, M-16, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, merg","Beta, Stable",3133,"accept","creis@chromium.org","Heap use after free with malware blocking page","Mar 21, 2013 21:07:55",1363900075,"Dec 12, 2011 07:08:53",1323673733,"Dec 21, 2011 00:14:57",1324426497,"chamal.d...@gmail.com","2011-3925"
107244,"High","Cr-Blink, M-18, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","levin@chromium.org","Heap-use-after-free in DatabaseObserver","Apr 06, 2013 01:00:11",1365210011,"Dec 12, 2011 19:45:58",1323719158,"Dec 15, 2011 18:58:43",1323975523,"miaubiz@gmail.com",""
107258,"High","CVE-2011-3904, Cr-Blink, M-16, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WEBKIT-ID-66015","Beta, Stable",,"","","Freed m_renderer used in InlineBox::deleteLine","Apr 06, 2013 01:00:11",1365210011,"Dec 12, 2011 21:05:25",1323723925,"Dec 12, 2011 21:05:25",1323723925,"jsc...@chromium.org","2011-3904"
107277,"High","CVE-2012-3639, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Security, WebK","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderTextFragment::willBeDestroyed","Apr 06, 2013 01:00:08",1365210008,"Dec 12, 2011 22:52:46",1323730366,"Jan 05, 2012 13:41:37",1325770897,"ke...@chromium.org","2012-3639"
107565,"Low","Cr-UI, M-19, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Security: dragging a file URL between two http-spawned windows goes remote->local","Mar 21, 2013 21:06:35",1363899995,"Dec 14, 2011 17:43:30",1323884610,"Feb 03, 2012 19:44:43",1328298283,"googlec...@vtty.com",""
107616,"High","Cr-Blink, M-16, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-912, merge-merged-963","Beta, Stable",,"","yzs...@chromium.org","UXSS in v8 bindings npCreateV8ScriptObject()","Apr 06, 2013 00:59:42",1365209982,"Dec 14, 2011 22:35:57",1323902157,"Jan 03, 2012 23:43:42",1325634222,"tsepez@chromium.org",""
107758,"High","CVE-2012-3642, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward-1000","Beta",1000,"accept","","Heap-use-after-free in WebCore::RenderRegion::offsetFromLogicalTopOfFirstPage","Apr 06, 2013 00:59:27",1365209967,"Dec 15, 2011 20:30:27",1323981027,"Jan 05, 2012 16:53:57",1325782437,"miaubiz@gmail.com","2012-3642"
107873,"High","Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-912, merge-merged-963","Beta, Stable",,"","dslomov@chromium.org","Heap-use-after-free in WebCore::DatabaseTracker::interruptAllDatabasesForContext","Apr 06, 2013 00:59:22",1365209962,"Dec 16, 2011 17:20:17",1324056017,"Dec 21, 2011 21:13:32",1324502012,"infe...@chromium.org",""
107939,"High","ClusterFuzz, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-912, merge-me","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::RenderBlock::layoutRunsAndFloatsInRange","Apr 06, 2013 00:59:19",1365209959,"Dec 17, 2011 03:16:00",1324091760,"Dec 19, 2011 03:35:04",1324265704,"infe...@chromium.org",""
108006,"High","CVE-2011-3922, ClusterFuzz, Cr-Internals, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-m","Beta, Stable",,"","ba...@chromium.org","Stack-buffer-overflow in HB_MyanmarShape","Apr 01, 2013 15:37:36",1364830656,"Dec 19, 2011 00:24:52",1324254292,"Dec 28, 2011 02:14:05",1325038445,"infe...@chromium.org","2011-3922"
108037,"High","CVE-2011-3032, Cr-Blink, Cr-Blink-SVG, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WEBKIT-ID-","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-buffer-overflow in WebCore::SVGLength::valueAsString","Apr 06, 2013 03:44:54",1365219894,"Dec 19, 2011 09:43:32",1324287812,"Feb 20, 2012 15:39:43",1329752383,"Ax3...@gmail.com","2011-3032"
108071,"Critical","Cr-Blink, Cr-Blink-Storage-IndexedDB, Cr-Internals, M-17, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-Critical, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-75596-N","Beta",3133,"accept","dgrogan@chromium.org","Browser process heap-use-after-free with indexeddb cursors","Apr 06, 2013 03:07:10",1365217630,"Dec 19, 2011 17:10:16",1324314616,"Jan 06, 2012 02:00:37",1325815237,"aohelin",""
108207,"High","CVE-2012-3644, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward-1000","Beta",1000,"accept","jchaffraix@chromium.org","Heap-use-after-free in WebCore::RenderTable::borderBefore","Apr 06, 2013 00:58:46",1365209926,"Dec 20, 2011 19:49:55",1324410595,"Jan 20, 2012 22:18:10",1327097890,"miaubiz@gmail.com","2012-3644"
108267,"High","ClusterFuzz, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-912, merge-me","Beta, Stable",,"","","Heap-use-after-free in WebCore::RenderBlock::selectionGaps","Apr 06, 2013 00:58:41",1365209921,"Dec 21, 2011 08:34:02",1324456442,"Jan 17, 2012 02:50:32",1326768632,"infe...@chromium.org",""
108416,"Medium","CVE-2011-3960, Cr-Internals, Cr-Internals-Media, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",500,"accept","scherkus@chromium.org","Global-buffer-overflow in render_line","Apr 01, 2013 15:37:33",1364830653,"Dec 22, 2011 11:44:03",1324554243,"Jan 23, 2012 20:00:40",1327348840,"aohelin","2011-3960"
108461,"High","CVE-2011-3928, ClusterFuzz, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-","Beta, Stable",,"","tkent@chromium.org","Heap-use-after-free in WebCore::HTMLInputElement::copyNonAttributeProperties","Apr 06, 2013 00:58:18",1365209898,"Dec 22, 2011 19:38:27",1324582707,"Jan 06, 2012 16:52:44",1325868764,"infe...@chromium.org","2011-3928"
108476,"Medium","Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward-500","Beta",500,"accept","tony@chromium.org","Heap-buffer-overflow in WebCore::Font::codePath","Apr 06, 2013 00:58:17",1365209897,"Dec 22, 2011 21:10:31",1324588231,"Jan 11, 2012 18:43:29",1326307409,"miaubiz@gmail.com",""
108544,"High","Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward-1000","Beta",1000,"accept","jap...@chromium.org","Heap-use-after-free in SubresourceLoader::didFinishLoading","Apr 06, 2013 00:58:13",1365209893,"Dec 23, 2011 13:58:36",1324648716,"Jan 19, 2012 02:02:49",1326938569,"chamal.d...@gmail.com",""
108605,"High","CVE-2011-3927, Cr-Internals, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Valgrind, Type-Bug-Security, merge-merged-912, merge-merged-963,","Beta, Stable",1000,"accept","r...@chromium.org","Use of uninitialized value in SkAlphaRuns::Break","Apr 01, 2013 15:49:56",1364831396,"Dec 25, 2011 20:43:34",1324845814,"Jan 10, 2012 21:14:12",1326230052,"miaubiz@gmail.com","2011-3927"
108648,"Low","CVE-2011-3049, Cr-Internals, Cr-Platform-Extensions, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","battre@chromium.org","Security: Malicious extension could avoid being blacklisted via extension blacklist","Mar 21, 2013 21:06:29",1363899989,"Dec 26, 2011 18:25:47",1324923947,"Mar 06, 2012 04:25:48",1331007948,"adblockforchrome","2011-3049"
108695,"High","CVE-2011-3017, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","scarybea...@gmail.com","Heap-use-after-free in WebKit::WebFrameImpl::viewImpl","Apr 06, 2013 00:57:57",1365209877,"Dec 27, 2011 19:17:03",1325013423,"Feb 09, 2012 05:05:00",1328763900,"miaubiz@gmail.com","2011-3017"
108871,"Critical","CVE-2011-3961, Cr-Blink, Cr-Blink-Storage-IndexedDB, M-17, Merge-Merged, OS-All, Pri-0, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug","Beta, Stable",1000,"accept","dgrogan@chromium.org","IndexedDB with autoincrement fails on object put and crashes chrome","Apr 06, 2013 03:07:08",1365217628,"Dec 30, 2011 19:05:37",1325271937,"Jan 27, 2012 02:31:48",1327631508,"sgoert...@gmail.com","2011-3961"
108901,"Medium","CVE-2011-3962, Cr-Internals, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, ","Beta, Stable",500,"accept","r...@chromium.org","Heap-buffer-overflow in compute_pos_tan","Apr 01, 2013 15:37:29",1364830649,"Jan 01, 2012 11:28:20",1325417300,"Jan 17, 2012 18:05:46",1326823546,"aohelin","2011-3962"
108958,"High","CVE-2012-3645, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::determineStartPosition","Apr 06, 2013 00:57:32",1365209852,"Jan 03, 2012 06:04:20",1325570660,"Apr 26, 2012 20:07:18",1335470838,"infe...@chromium.org","2012-3645"
109094,"Medium","CVE-2011-3963, Cr-Internals, M-17, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","cev...@chromium.org","Possible wild read in internal PDF-reader","Mar 21, 2013 21:06:28",1363899988,"Jan 04, 2012 05:59:48",1325656788,"Jan 09, 2012 03:24:49",1326079489,"attek...@gmail.com","2011-3963"
109245,"Low","CVE-2011-3964, Cr-UI, M-17, Merge-Merged, OS-Mac, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","c...@chromium.org","Security: Chrome Drag Spoofing","Mar 21, 2013 21:06:27",1363899987,"Jan 05, 2012 08:29:28",1325752168,"Jan 06, 2012 18:35:14",1325874914,"vulnh...@gmail.com","2011-3964"
109556,"High","CVE-2011-3926, Cr-Blink, M-16, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-912, merge-","Beta, Stable",1000,"accept","abarth@chromium.org","Heap-buffer-overflow in WebCore::HTMLTreeBuilder::HTMLTreeBuilder","Apr 06, 2013 00:56:38",1365209798,"Jan 08, 2012 18:17:51",1326046671,"Jan 09, 2012 09:32:30",1326101550,"Ax3...@gmail.com","2011-3926"
109574,"Medium","CVE-2011-3058, Cr-Blink, M-18, OS-All, Pri-2, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1025, reward-500","Beta, Stable",500,"accept","jshin@chromium.org","Potential XSS attack with [0x8E][0xE3] in EUC-JP page","Apr 06, 2013 00:56:37",1365209797,"Jan 09, 2012 03:44:08",1326080648,"Feb 03, 2012 17:11:53",1328289113,"masatoki...@gmail.com","2011-3058"
109664,"Low","CVE-2011-3965, Cr-Internals, Cr-UI-Browser-SafeBrowsing, M-17, Merge-Merged, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","c...@chromium.org","safe_browsing::SignatureUtil::CheckSignature() - crash","Mar 21, 2013 21:06:26",1363899986,"Jan 09, 2012 21:09:01",1326143341,"Jan 10, 2012 19:43:30",1326224610,"slaweck","2011-3965"
109716,"High","CVE-2011-3966, Cr-Blink, M-17, Merge-merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in xsltParseGlobalVariable","Apr 06, 2013 00:56:26",1365209786,"Jan 10, 2012 07:15:37",1326179737,"Jan 20, 2012 18:18:41",1327083521,"aohelin","2011-3966"
109717,"Low","CVE-2011-3967, Cr-Internals, M-17, Merge-Merged, OS-Linux, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-963","Beta, Stable",,"","c...@chromium.org","Security: crash when viewing a certificate without issuer signature","Mar 21, 2013 21:06:25",1363899985,"Jan 10, 2012 09:43:11",1326188591,"Jan 11, 2012 19:14:52",1326309292,"bennomadic","2011-3967"
109743,"High","CVE-2011-3968, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward","Beta, Stable",1000,"accept","","Heap-use-after-free in WebCore::CSSStyleSelector::matchRulesForList","Apr 06, 2013 00:56:24",1365209784,"Jan 10, 2012 16:06:57",1326211617,"Jan 16, 2012 03:25:03",1326684303,"Ax3...@gmail.com","2011-3968"
109912,"Low","Cr-Internals, Cr-Platform-NaCl, M-18, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","kschi...@chromium.org","Security: read sandbox escape: NaCl validator for x86-64 allow REP string instructions to have out-of-bound source addresses","Mar 21, 2013 21:06:24",1363899984,"Jan 11, 2012 20:39:58",1326314398,"Feb 22, 2012 00:13:31",1329869611,"b...@chromium.org",""
110112,"High","CVE-2011-3969, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, reward","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::FrameView::forceLayoutParentViewIfNeeded","Apr 06, 2013 00:55:45",1365209745,"Jan 13, 2012 00:52:54",1326415974,"Jan 18, 2012 15:23:55",1326900235,"Ax3...@gmail.com","2011-3969"
110172,"High","CVE-2011-3018, Cr-Internals, Cr-Internals-Skia, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, r","Beta, Stable",1000,"accept","r...@chromium.org","Heap-buffer-overflow in SkAlphaRuns::add","Apr 01, 2013 15:37:21",1364830641,"Jan 13, 2012 16:53:02",1326473582,"Jan 30, 2012 18:43:42",1327949022,"aohelin","2011-3018"
110277,"Medium","CVE-2011-3970, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-963, rewa","Beta, Stable",500,"decline","infe...@chromium.org","Heap-buffer-overflow in xsltCompilePatternInternal","Apr 06, 2013 00:55:30",1365209730,"Jan 14, 2012 09:14:47",1326532487,"Jan 23, 2012 05:14:00",1327295640,"aohelin","2011-3970"
110374,"High","CVE-2011-3971, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-963, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::EventHandler::mouseMoved","Apr 06, 2013 00:55:23",1365209723,"Jan 16, 2012 14:23:57",1326723837,"Jan 18, 2012 00:45:47",1326847547,"Ax3...@gmail.com","2011-3971"
110545,"Low","Cr-Blink, M-18, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","bbudge@chromium.org","Security: AssociatedURLLoader exposes non-whitelisted response headers when loading with access control (CORS)","Apr 06, 2013 00:55:09",1365209709,"Jan 18, 2012 01:57:18",1326851838,"Jan 18, 2012 02:10:44",1326852644,"bbu...@gmail.com",""
110559,"Medium","CVE-2011-3972, ClusterFuzz, Cr-Blink, Cr-Internals-GPU-WebGL, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type","Beta, Stable",,"","zmo@chromium.org","Heap-buffer-overflow in GPU ShaderTranslator","Apr 06, 2013 00:55:07",1365209707,"Jan 18, 2012 06:04:08",1326866648,"Jan 26, 2012 02:05:16",1327543516,"infe...@chromium.org","2011-3972"
110764,"High","Cr-Blink, M-18, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::DocumentLoader::detachFromFrame","Apr 06, 2013 00:54:52",1365209692,"Jan 19, 2012 20:15:57",1327004157,"Jan 27, 2012 18:44:25",1327689865,"miaubiz@gmail.com",""
110849,"High","CVE-2011-3019, ClusterFuzz, Cr-Internals, Cr-Internals-Media-FFmpeg, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer,","Beta, Stable",,"","cev...@chromium.org","Heap-buffer-overflow in matroska_parse_block","Apr 01, 2013 15:37:18",1364830638,"Jan 20, 2012 06:09:21",1327039761,"Feb 02, 2012 21:04:32",1328216672,"infe...@chromium.org","2011-3019"
111088,"High","CVE-2012-3595, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","pal...@chromium.org","Heap-use-after-free in WebCore::FrameLoader::checkTimerFired","Apr 06, 2013 00:54:25",1365209665,"Jan 23, 2012 20:30:16",1327350616,"Feb 08, 2012 02:53:46",1328669626,"infe...@chromium.org","2012-3595"
111467,"High","Cr-Blink, M-18, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","infe...@chromium.org","Heap-buffer-overflow in WebCore::SVGSVGElement::currentViewBoxRect","Apr 06, 2013 00:53:43",1365209623,"Jan 26, 2012 10:25:13",1327573513,"Jan 26, 2012 21:36:59",1327613819,"attek...@gmail.com",""
111575,"Medium","CVE-2011-3020, Cr-Internals, Cr-Platform-NaCl, M-17, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","ncb...@google.com","Security: NaCl dynamic code modification allows direct calls inside existing super instructions.","Mar 21, 2013 21:06:21",1363899981,"Jan 27, 2012 01:36:48",1327628208,"Feb 06, 2012 20:20:46",1328559646,"ncb...@google.com","2011-3020"
111656,"Medium","CVE-2012-3663, Cr-Blink, Cr-Content-Core, Cr-UI-Accessibility, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Security: Accessibility bad cast","Apr 06, 2013 00:53:24",1365209604,"Jan 27, 2012 18:22:15",1327688535,"Dec 20, 2012 15:52:54",1356018774,"skylined@chromium.org","2012-3663"
111748,"High","CVE-2011-3034, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","rn...@chromium.org","Heap-use-after-free in WebCore::SVGElement::removedFromDocument","Apr 06, 2013 00:53:18",1365209598,"Jan 28, 2012 02:24:57",1327717497,"Feb 15, 2012 00:50:31",1329267031,"Ax3...@gmail.com","2011-3034"
111779,"High","CVE-2011-3021, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::SubframeLoader::loadSubframe","Apr 06, 2013 00:53:16",1365209596,"Jan 28, 2012 16:34:56",1327768496,"Feb 06, 2012 18:27:47",1328552867,"Ax3...@gmail.com","2011-3021"
112093,"High","CVE-2012-3608, CVE-2012-3620, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Securi","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::Node::dispatchSubtreeModifiedEvent","Apr 06, 2013 00:52:59",1365209579,"Jan 31, 2012 15:33:31",1328024011,"Feb 07, 2012 20:06:39",1328645199,"infe...@chromium.org","2012-3608, 2012-3620"
112151,"High","Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","","Heap-use-after-free in WebCore::RenderRegion::setRegionBoxesRegionStyle","Apr 06, 2013 00:52:55",1365209575,"Jan 31, 2012 20:32:16",1328041936,"Feb 04, 2012 02:31:24",1328322684,"miaubiz@gmail.com",""
112212,"High","CVE-2011-3035, Cr-Blink, Cr-Blink-SVG, Cr-Content-Core, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Sec","Beta, Stable",2000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::ContainerNode::appendChild","Apr 06, 2013 03:44:45",1365219885,"Feb 01, 2012 00:03:34",1328054614,"Mar 02, 2012 02:06:12",1330653972,"Ax3...@gmail.com","2011-3035"
112236,"Medium","CVE-2011-3022, Cr-UI, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1025, merge-merged-963","Beta, Stable",,"","pal...@chromium.org","Security: Chrome translation script downloaded over HTTP","Mar 21, 2013 21:06:18",1363899978,"Feb 01, 2012 02:28:14",1328063294,"Feb 07, 2012 23:30:59",1328657459,"jorg...@chromium.org","2011-3022"
112259,"Medium","CVE-2011-3023, Cr-Blink, Cr-Content-Core, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, rewar","Beta, Stable",500,"decline","rn...@chromium.org","Heap-use-after-free in WebCore::EventTarget::dispatchEvent","Apr 06, 2013 00:52:45",1365209565,"Feb 01, 2012 09:18:05",1328087885,"Feb 01, 2012 21:44:00",1328132640,"paw...@gmail.com","2011-3023"
112317,"Medium","CVE-2011-3059, Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-B","Beta, Stable",500,"accept","pdr@chromium.org","Heap-buffer-overflow in WebCore::Font::codePath","Apr 06, 2013 03:44:44",1365219884,"Feb 01, 2012 18:42:26",1328121746,"Mar 13, 2012 20:09:03",1331669343,"Ax3...@gmail.com","2011-3059"
112339,"Low","Cr-Internals, Cr-Internals-GPU, Cr-Internals-GPU-WebGL, Cr-Internals-Graphics, M-25, OS-Windows, Pri-2, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","kbr@chromium.org","Security: chrome allows TDR looping leading to win7 OS crash through page refresh html tag + WebGL","Mar 21, 2013 20:53:00",1363899180,"Feb 01, 2012 20:02:26",1328126546,"Dec 11, 2012 23:44:15",1355269455,"n8bix...@gmail.com",""
112411,"High","Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::SVGUseElement::expandSymbolElementsInShadowTree","Apr 06, 2013 03:44:43",1365219883,"Feb 02, 2012 05:43:06",1328161386,"Feb 17, 2012 19:31:34",1329507094,"aohelin",""
112443,"Low","Cr-Internals, Cr-Internals-Network-SSL, M-17, M-18, Merge-Merged-1025, Merge-Merged-963, OS-Mac, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","mark@chromium.org","[Mac] Regular SSL certificate incorrectly displayed with EV color badge","Mar 21, 2013 21:06:15",1363899975,"Feb 02, 2012 11:16:13",1328181373,"Feb 06, 2012 23:04:47",1328569487,"jro...@gmail.com",""
112451,"Low","CVE-2011-3024, Cr-Internals, Cr-Internals-Network-SSL, M-17, Merge-Merged, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, merge-merged-1025, me","Beta, Stable",,"","rsleevi@chromium.org","X509UserCertResourceHandler::OnResponseCompleted crash","Mar 21, 2013 21:06:15",1363899975,"Feb 02, 2012 13:26:09",1328189169,"Feb 09, 2012 02:04:58",1328753098,"chrome...@gmail.com","2011-3024"
112542,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Heap-use-after-free in WebCore::TextIterator::rangeFromLocationAndLength","Apr 06, 2013 00:52:11",1365209531,"Feb 02, 2012 23:47:53",1328226473,"Feb 17, 2012 02:32:57",1329445977,"infe...@chromium.org",""
112670,"Medium","CVE-2011-3025, M-17, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","cev...@chromium.org","avcodec_53!ff_h264_get_profile - crash","Mar 21, 2013 21:06:14",1363899974,"Feb 04, 2012 00:23:38",1328315018,"Feb 07, 2012 01:16:54",1328577414,"slaweck","2011-3025"
112694,"High","CVE-2012-3596, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::Node::normalize","Apr 06, 2013 00:51:56",1365209516,"Feb 04, 2012 09:21:22",1328347282,"Feb 08, 2012 20:56:18",1328734578,"infe...@chromium.org","2012-3596"
112735,"High","CVE-2012-3603, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Bad cast in FormSubmission::create","Apr 06, 2013 00:51:51",1365209511,"Feb 05, 2012 03:17:42",1328411862,"Feb 06, 2012 03:58:22",1328500702,"infe...@chromium.org","2012-3603"
112738,"Low","Cr-Internals, M-26, MovedFrom18, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","koz@chromium.org","Security: User Interface - infobar confusion, spamming, and spoofing","Apr 03, 2013 16:57:22",1365008242,"Feb 05, 2012 04:14:23",1328415263,"",0,"ch...@lookout.net",""
112764,"Medium","ClusterFuzz, Cr-Blink, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Heap-use-after-free in RendererAccessibility::SendPendingAccessibilityNotifications","Apr 06, 2013 00:51:48",1365209508,"Feb 05, 2012 19:45:43",1328471143,"Dec 20, 2012 15:52:27",1356018747,"infe...@chromium.org",""
112775,"High","CVE-2012-3609, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Heap-use-after-free in WebCore::Node::traverseNextNode","Apr 06, 2013 00:51:46",1365209506,"Feb 06, 2012 05:27:59",1328506079,"Feb 15, 2012 01:26:09",1329269169,"infe...@chromium.org","2012-3609"
112814,"Low","Cr-Internals, Cr-UI-Browser-SafeBrowsing, M-19, MovedFrom18, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","mattm@chromium.org","Safe Browsing client doesn't always check for MAC field in response","Mar 21, 2013 21:06:12",1363899972,"Feb 06, 2012 15:39:27",1328542767,"Dec 20, 2012 15:52:00",1356018720,"ke...@chromium.org",""
112822,"High","CVE-2011-3026, M-17, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1025, merge-merged-963, reward-1337","Beta, Stable",1337,"accept","cev...@chromium.org","Security: Heap-buffer-overflow in png_decompress_chunk","Mar 21, 2013 21:06:12",1363899972,"Feb 06, 2012 16:55:41",1328547341,"Feb 09, 2012 21:11:54",1328821914,"a...@ut.ee","2011-3026"
112833,"High","Cr-Internals, Cr-Internals-Media, M-18, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1025,","Beta",1000,"accept","scherkus@chromium.org","Heap-use-after-free in webkit_media::BufferedResourceLoader::Start","Apr 01, 2013 15:36:57",1364830617,"Feb 06, 2012 18:05:58",1328551558,"Feb 09, 2012 20:18:12",1328818692,"miaubiz@gmail.com",""
112847,"High","CVE-2011-3027, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Bad cast in addChildToAnonymousColumnBlocks","Apr 06, 2013 00:51:40",1365209500,"Feb 06, 2012 19:14:39",1328555679,"Feb 07, 2012 19:38:54",1328643534,"miaubiz@gmail.com","2011-3027"
112961,"Low","Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Internals-Plugins-Pepper, Iteration-49, M-17, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug","Beta, Stable",,"","dpolukhin@chromium.org","TCP and UDP IPCs should not be exposed to arbitrary renderers","Apr 06, 2013 04:37:51",1365223071,"Feb 07, 2012 02:02:12",1328580132,"Mar 02, 2012 03:40:32",1330659632,"jsc...@chromium.org",""
113119,"Low","Cr-UI, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","pal...@chromium.org","Security: Report bad translation link uses http://","Mar 21, 2013 21:06:10",1363899970,"Feb 07, 2012 23:30:09",1328657409,"May 23, 2012 23:42:19",1337816539,"pal...@chromium.org",""
113258,"High","CVE-2011-3036, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Bad cast in WebCore::RenderBlock::createLineBoxes","Apr 06, 2013 00:51:04",1365209464,"Feb 08, 2012 20:29:52",1328732992,"Feb 13, 2012 22:29:02",1329172142,"miaubiz@gmail.com","2011-3036"
113415,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::deleteLine","Apr 06, 2013 00:50:51",1365209451,"Feb 09, 2012 17:44:31",1328809471,"Feb 22, 2012 21:58:25",1329947905,"aa...@google.com",""
113439,"High","CVE-2011-3037, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Bad casts due to issues in splitAnonymousBlocksAroundChild","Apr 06, 2013 00:50:47",1365209447,"Feb 09, 2012 18:58:23",1328813903,"Feb 23, 2012 05:38:31",1329975511,"miaubiz@gmail.com","2011-3037"
113496,"Low","CVE-2011-3084, Cr-Internals-Core, Cr-UI, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","creis@chromium.org","Links in settings page (like learn more, google dashboard) are opened in the webui renderer process","Mar 21, 2013 21:06:08",1363899968,"Feb 09, 2012 20:06:49",1328818009,"Mar 15, 2012 20:46:36",1331844396,"atwilson@chromium.org","2011-3084"
113497,"High","CVE-2011-3038, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::computeUnderAnnotationAdjustment","Apr 06, 2013 00:50:19",1365209419,"Feb 09, 2012 20:07:53",1328818073,"Feb 22, 2012 21:10:44",1329945044,"miaubiz@gmail.com","2011-3038"
113562,"High","CVE-2012-3597, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::NavigationScheduler::schedule","Apr 06, 2013 00:50:13",1365209413,"Feb 10, 2012 00:43:53",1328834633,"Feb 14, 2012 21:05:18",1329253518,"infe...@chromium.org","2012-3597"
113690,"High","CVE-2012-1520, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderButton::removeChild","Apr 06, 2013 00:50:00",1365209400,"Feb 10, 2012 19:37:02",1328902622,"Feb 14, 2012 01:49:15",1329184155,"infe...@chromium.org","2012-1520"
113707,"High","CVE-2011-3039, Cr-Blink, M-17, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderQuote::placeQuote","Apr 06, 2013 00:49:58",1365209398,"Feb 10, 2012 20:36:40",1328906200,"Feb 17, 2012 20:52:59",1329511979,"miaubiz@gmail.com","2011-3039"
113755,"High","CVE-2012-3610, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObjectChildList::destroyLeftoverChildren","Apr 06, 2013 00:49:51",1365209391,"Feb 11, 2012 00:01:44",1328918504,"Mar 01, 2012 18:24:37",1330626277,"infe...@chromium.org","2012-3610"
113799,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderTable::layout","Apr 06, 2013 00:49:48",1365209388,"Feb 11, 2012 08:40:31",1328949631,"Feb 16, 2012 23:36:41",1329435401,"infe...@chromium.org",""
113800,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::computeOverflow","Apr 06, 2013 00:49:48",1365209388,"Feb 11, 2012 08:42:24",1328949744,"Feb 25, 2012 02:59:41",1330138781,"infe...@chromium.org",""
113801,"High","CVE-2012-3653, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::outlineStyleForRepaint","Apr 06, 2013 00:49:48",1365209388,"Feb 11, 2012 08:43:52",1328949832,"Feb 28, 2012 21:03:10",1330462990,"infe...@chromium.org","2012-3653"
113837,"High","Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::Document::unregisterForPageCacheSuspensionCallbacks","Apr 06, 2013 00:49:45",1365209385,"Feb 11, 2012 17:35:41",1328981741,"Feb 13, 2012 02:40:09",1329100809,"Ax3...@gmail.com",""
113902,"High","CVE-2011-3050, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::InlineBox::root","Apr 06, 2013 00:49:38",1365209378,"Feb 12, 2012 19:32:47",1329075167,"Mar 09, 2012 21:13:45",1331327625,"miaubiz@gmail.com","2011-3050"
113924,"High","Cr-Internals, M-19, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","danno@chromium.org","[LangFuzz] Crash at v8::internal::HashTable<...>::FindEntry with invalid read","Mar 21, 2013 20:43:14",1363898594,"Feb 13, 2012 02:16:12",1329099372,"Feb 14, 2012 15:25:40",1329233140,"decoder...@googlemail.com",""
114054,"Medium","CVE-2011-3040, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","rn...@chromium.org","Heap-buffer-overflow in void WTF::Vector<unsigned short, 0ul>::append<unsigned short>","Apr 06, 2013 00:49:26",1365209366,"Feb 13, 2012 20:02:31",1329163351,"Feb 22, 2012 00:47:48",1329871668,"miaubiz@gmail.com","2011-3040"
114056,"Medium","CVE-2011-3060, Cr-Blink, M-18, Merge-Merged, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","ke...@chromium.org","Heap-buffer-overflow in WebCore::previousBoundary","Apr 06, 2013 00:49:26",1365209366,"Feb 13, 2012 20:06:30",1329163590,"Mar 09, 2012 22:39:49",1331332789,"miaubiz@gmail.com","2011-3060"
114068,"High","CVE-2011-3041, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::HTMLElement::isPresentationAttribute","Apr 06, 2013 00:49:25",1365209365,"Feb 13, 2012 20:57:50",1329166670,"Feb 14, 2012 20:47:13",1329252433,"miaubiz@gmail.com","2011-3041"
114144,"High","Cr-Blink, M-17, Merge-Merged, Needs-Reduction, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Crash by clicking the time field of maps.google.com","Apr 06, 2013 00:49:19",1365209359,"Feb 14, 2012 05:56:56",1329199016,"Feb 27, 2012 19:50:20",1330372220,"tkent@chromium.org",""
114219,"High","CVE-2011-3042, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderTableSection::nodeAtPoint","Apr 06, 2013 00:49:12",1365209352,"Feb 14, 2012 19:41:51",1329248511,"Feb 21, 2012 20:53:52",1329857632,"miaubiz@gmail.com","2011-3042"
114342,"High","Cr-Internals, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1025, reward-1000","Beta",1000,"accept","jshin@chromium.org","Stack-buffer-overflow at strcpy","Apr 01, 2013 15:36:45",1364830605,"Feb 15, 2012 09:12:10",1329297130,"Feb 16, 2012 22:12:18",1329430338,"aohelin",""
114911,"High","CVE-2012-3611, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","abarth@chromium.org","Heap-buffer-overflow in WebCore::Element::setAttribute","Apr 06, 2013 00:47:56",1365209276,"Feb 19, 2012 01:28:44",1329614924,"Feb 21, 2012 07:59:21",1329811161,"cev...@google.com","2012-3611"
114924,"High","CVE-2011-3037, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Bad cast in splitAnonymousBlocksAroundChild","Apr 06, 2013 00:47:54",1365209274,"Feb 19, 2012 08:39:48",1329640788,"Feb 19, 2012 20:29:10",1329683350,"miaubiz@gmail.com","2011-3037"
114960,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::SVGTextLayoutAttributesBuilder::fillCharacterDataMap","Apr 06, 2013 03:44:37",1365219877,"Feb 20, 2012 00:16:44",1329697004,"Mar 09, 2012 19:15:03",1331320503,"infe...@chromium.org",""
115028,"High","CVE-2011-3037, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Bad cast in splitAnonymousBlocksAroundChild (part 3)","Apr 06, 2013 00:47:47",1365209267,"Feb 20, 2012 19:55:47",1329767747,"Feb 28, 2012 20:56:38",1330462598,"miaubiz@gmail.com","2011-3037"
115159,"High","Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","adamk@chromium.org","Security: Setting innerText allows DOMSubtreeModified listeners to cause crashes","Apr 06, 2013 00:47:35",1365209255,"Feb 21, 2012 21:08:43",1329858523,"Feb 22, 2012 01:56:40",1329875800,"adamk@chromium.org",""
115299,"Medium","Cr-Internals, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","None",500,"accept","tommi@chromium.org","Use-after-free in AudioDeviceThread::Callback::InitializeOnAudioThread","Apr 01, 2013 15:36:42",1364830602,"Feb 22, 2012 18:49:34",1329936574,"Mar 01, 2012 07:31:15",1330587075,"miaubiz@gmail.com",""
115471,"High","CVE-2011-3033, Cr-Internals, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","r...@chromium.org","Heap-buffer-overflow in SkAlphaRuns::add","Apr 01, 2013 15:36:42",1364830602,"Feb 23, 2012 15:29:23",1330010963,"Feb 23, 2012 23:43:59",1330040639,"aohelin","2011-3033"
115681,"High","CVE-2011-3043, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBox::enclosingFloatPaintingLayer","Apr 06, 2013 00:46:54",1365209214,"Feb 24, 2012 19:22:19",1330111339,"Feb 24, 2012 22:42:07",1330123327,"miaubiz@gmail.com","2011-3043"
115695,"High","Cr-Blink, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000, reward-decline","None",1000,"decline","infe...@chromium.org","Heap-buffer-overflow in WebCore::StaticNodeList::itemWithName","Apr 06, 2013 00:46:52",1365209212,"Feb 24, 2012 20:53:38",1330116818,"Feb 25, 2012 02:58:12",1330138692,"aohelin",""
115754,"High","Cr-Blink, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","alokp@chromium.org","Heap-use-after-free in WebCore::RenderLayer::addChild","Apr 06, 2013 00:46:46",1365209206,"Feb 25, 2012 07:06:52",1330153612,"Feb 28, 2012 19:16:18",1330456578,"aohelin",""
116027,"High","ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-buffer-overflow in WebCore::InlineFlowBox::addToLine","Apr 06, 2013 00:46:17",1365209177,"Feb 28, 2012 06:01:42",1330408902,"Feb 28, 2012 19:13:49",1330456429,"infe...@chromium.org",""
116069,"Medium","Cr-Blink, Cr-Blink-Audio, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Type-Bug-Security, reward-500","None",500,"accept","tommyw@chromium.org","WebCore::MediaStreamListInternal::itemCallback","Apr 06, 2013 05:07:45",1365224865,"Feb 28, 2012 16:50:22",1330447822,"Feb 29, 2012 22:15:24",1330553724,"slaweck",""
116093,"High","CVE-2011-3044, Cr-Blink, Cr-Blink-SVG, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-100","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-buffer-overflow in WebCore::SVGDocumentExtensions::removeAnimationElementFromTarget","Apr 06, 2013 03:44:34",1365219874,"Feb 28, 2012 18:00:24",1330452024,"Mar 01, 2012 15:26:16",1330615576,"Ax3...@gmail.com","2011-3044"
116162,"High","CVE-2011-3045, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1025, merge-merged-963","Beta, Stable",,"","cev...@chromium.org","Heap-buffer-overflow in wk_png_inflate","Apr 06, 2013 00:46:04",1365209164,"Feb 28, 2012 22:32:16",1330468336,"Mar 07, 2012 03:19:05",1331090345,"glen...@gmail.com","2011-3045"
116224,"High","CVE-2012-3668, ClusterFuzz, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Heap-use-after-free in WebCore::FrameLoader::urlSelected","Apr 06, 2013 00:45:55",1365209155,"Feb 29, 2012 08:30:41",1330504241,"Mar 01, 2012 18:58:08",1330628288,"infe...@chromium.org","2012-3668"
116398,"High","CVE-2011-3061, Cr-Internals, Cr-Internals-Network-Proxy, Cr-Internals-Network-SPDY, Cr-Internals-Network-SSL, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity","Beta, Stable",,"","a...@chromium.org","Security: SSL proxy seems to not care about the cert","Mar 21, 2013 21:05:57",1363899957,"Mar 01, 2012 16:42:13",1330620133,"Mar 06, 2012 03:33:23",1331004803,"kthan...@google.com","2011-3061"
116405,"High","Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Mitigate stale layout root bugs","Apr 06, 2013 00:45:36",1365209136,"Mar 01, 2012 18:12:35",1330625555,"Mar 01, 2012 21:28:27",1330637307,"infe...@chromium.org",""
116461,"High","CVE-2011-3051, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","tsepez@chromium.org","Heap-use-after-free in WebCore::CSSCrossfadeValue::~CSSCrossfadeValue","Apr 06, 2013 00:45:29",1365209129,"Mar 01, 2012 23:27:08",1330644428,"Mar 09, 2012 21:37:14",1331329034,"Ax3...@gmail.com","2011-3051"
116524,"High","CVE-2011-3062, Cr-Internals, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1025","Beta, Stable",,"","ba...@chromium.org","Security: Off-by-one in OTS resulting in arbitrary code execution","Mar 21, 2013 21:05:56",1363899956,"Mar 02, 2012 12:02:15",1330689735,"Mar 03, 2012 13:02:14",1330779734,"mjurc...@google.com","2011-3062"
116637,"High","CVE-2011-3052, Cr-Blink, Cr-Internals-GPU-WebGL, M-17, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-9","Beta, Stable",,"","kbr@chromium.org","Renderer process crash when doing WebGL canvas to 2D canvas drawImage()","Apr 06, 2013 00:45:18",1365209118,"Mar 03, 2012 00:20:08",1330734008,"Mar 07, 2012 02:53:42",1331088822,"benvanik@google.com","2011-3052"
116661,"","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, SecSeverity-OMGOMGOMG, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","miaubiz is a Rockstar","Mar 10, 2013 00:32:32",1362875552,"Mar 03, 2012 06:00:02",1330754402,"Mar 05, 2012 03:24:53",1330917893,"scarybea...@gmail.com",""
116662,"","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, SecSeverity-OMGOMGOMG, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","Aki Helin is a Legend","Mar 10, 2013 00:32:31",1362875551,"Mar 03, 2012 06:01:10",1330754470,"Mar 05, 2012 03:26:08",1330917968,"scarybea...@gmail.com",""
116663,"","Cr-Internals, Pri-2, Restrict-AddIssueComment-Commit, SecSeverity-OMGOMGOMG, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","Arthur Gerkis is a Superhero","Mar 10, 2013 00:32:31",1362875551,"Mar 03, 2012 06:01:47",1330754507,"Mar 05, 2012 03:27:33",1330918053,"scarybea...@gmail.com",""
116746,"High","CVE-2011-3053, Cr-Blink, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::splitBlocks","Apr 06, 2013 00:45:02",1365209102,"Mar 04, 2012 19:19:23",1330888763,"Mar 09, 2012 21:16:24",1331327784,"miaubiz@gmail.com","2011-3053"
116806,"High","CVE-2012-3655, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderInline::continuationBefore","Apr 06, 2013 00:44:56",1365209096,"Mar 05, 2012 16:57:36",1330966656,"Mar 22, 2012 18:04:05",1332439445,"skylined@chromium.org","2012-3655"
116927,"High","Cr-Internals, M-19, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","dalecur...@chromium.org","Heap-buffer-overflow in av_freep","Apr 01, 2013 15:36:33",1364830593,"Mar 06, 2012 05:24:38",1331011478,"Mar 10, 2012 01:37:35",1331343455,"chamal.d...@gmail.com",""
117110,"High","CVE-2012-1521, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObjectChildList::destroyLeftoverChildren","Apr 06, 2013 00:44:32",1365209072,"Mar 07, 2012 04:13:57",1331093637,"Apr 10, 2012 03:55:44",1334030144,"infe...@chromium.org","2012-1521"
117150,"High","Cr-Blink, M-19, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","rn...@chromium.org","REGRESSION(wk109285): Heap-use-after-free in WebCore::Document::nodeChildrenWillBeRemoved","Apr 06, 2013 00:44:27",1365209067,"Mar 07, 2012 14:27:47",1331130467,"Mar 12, 2012 18:43:10",1331577790,"aohelin",""
117230,"High","Cr-Internals, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1025, pwnium","Beta, Stable",,"","creis@chromium.org","Part 2 of Pwnium Bug","Mar 21, 2013 21:05:53",1363899953,"Mar 07, 2012 20:34:26",1331152466,"Mar 08, 2012 01:18:44",1331169524,"infe...@chromium.org",""
117335,"Medium","Cr-Internals, Cr-Internals-Media, M-19, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500, reward-decline, te","None",500,"decline","tommi@chromium.org","Occasional heap-use-after-free in non-virtual thunk to AudioDevice::OnStateChanged","Apr 01, 2013 15:36:29",1364830589,"Mar 08, 2012 07:29:36",1331191776,"Mar 12, 2012 16:37:09",1331570229,"aohelin",""
117341,"High","Cr-Internals, Cr-Internals-Media, Cr-Internals-Media-Video, M-19, Merge-Merged, OS-Linux, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, merge-merged-1084, reward","Beta",1000,"accept","fischman@chromium.org","Heap-use-after-free in MessageLoop::AddToIncomingQueue","Mar 21, 2013 21:05:53",1363899953,"Mar 08, 2012 08:36:55",1331195815,"Apr 09, 2012 22:32:32",1334010752,"chamal.d...@gmail.com",""
117400,"High","Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, pwnium","Beta, Stable",,"","infe...@chromium.org","Uptake fixes on weak node iteration patterns","Apr 06, 2013 00:44:08",1365209048,"Mar 08, 2012 17:00:09",1331226009,"Mar 22, 2012 00:07:44",1332374864,"infe...@chromium.org",""
117409,"High","CVE-2011-3103, Cr-Blink, Cr-Blink-JavaScript, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","danno@chromium.org","Chrome: Crash Report -         Stack Signature: v8::internal::MarkCompactCollector::RecordS...  ","Apr 06, 2013 03:24:29",1365218669,"Mar 08, 2012 18:09:00",1331230140,"Dec 20, 2012 15:53:22",1356018802,"brettw@chromium.org","2011-3103"
117413,"High","CVE-2012-3651, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderScrollbar::getScrollbarPseudoStyle","Apr 06, 2013 00:44:07",1365209047,"Mar 08, 2012 18:26:33",1331231193,"Dec 20, 2012 15:53:22",1356018802,"aa...@google.com","2012-3651"
117417,"Low","CVE-2011-3063, Cr-Internals, Cr-UI-Browser-Navigation, M-18, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1025, merge-merged-963, pwnium","Beta, Stable",,"","creis@chromium.org","Security: Don't let a normal web renderer navigate to a privileged URL","Mar 21, 2013 21:05:51",1363899951,"Mar 08, 2012 18:40:19",1331232019,"Mar 15, 2012 21:28:47",1331846927,"creis@chromium.org","2011-3063"
117418,"Low","CVE-2011-3054, Cr-Internals, Cr-Internals-Core, M-17, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1025, merge-merged-963, ","Beta, Stable",,"","creis@chromium.org","Security: Don't grant WebUI bindings to a process shared with normal views","Mar 21, 2013 21:05:51",1363899951,"Mar 08, 2012 18:40:40",1331232040,"Mar 10, 2012 00:15:08",1331338508,"creis@chromium.org","2011-3054"
117446,"Low","Cr-Internals, Cr-Platform-Extensions, Cr-Webstore, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, pwnium","Beta, Stable",,"","tsepez@chromium.org","App popup user gesture exemption should be based on process type, not just extent","Mar 21, 2013 21:05:51",1363899951,"Mar 08, 2012 21:11:31",1331241091,"Dec 20, 2012 15:52:00",1356018720,"tsepez@chromium.org",""
117471,"High","CVE-2011-3064, Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-100","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::GraphicsContext::paintingDisabled","Apr 06, 2013 03:44:31",1365219871,"Mar 08, 2012 23:44:06",1331250246,"Mar 13, 2012 16:51:45",1331657505,"attek...@gmail.com","2011-3064"
117550,"High","CVE-2011-3056, Cr-Blink, M-17, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, pwnium, reward-2000","Beta, Stable",2000,"accept","abarth@chromium.org","Pwnium UXSS variation","Apr 06, 2013 00:43:56",1365209036,"Mar 09, 2012 17:55:46",1331315746,"Mar 19, 2012 23:11:58",1332198718,"serg.gla...@gmail.com","2011-3056"
117583,"Medium","CVE-2011-3067, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, pwnium","Stable",,"","","Iframe hijacking from Pwnium","Apr 06, 2013 00:43:54",1365209034,"Mar 09, 2012 20:26:21",1331324781,"Mar 27, 2012 01:13:17",1332810797,"tsepez@chromium.org","2011-3067"
117588,"High","CVE-2011-3065, Cr-Internals, Cr-Internals-Skia, M-18, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Stable",1000,"accept","epoger@google.com","Security: Memory Corruption in MaskSuperBlitter","Mar 21, 2013 20:52:35",1363899155,"Mar 09, 2012 20:55:30",1331326530,"Mar 12, 2012 19:09:34",1331579374,"w3bd3...@gmail.com","2011-3065"
117627,"Medium","CVE-2011-3079, Cr-Internals, M-18, Merge-Merged, OS-Windows, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1025, merge-merged-1077, merge-merged-1084, pwnium","Beta, Stable",,"","jsc...@chromium.org","Security: IPC Channel does not validate the listener.","Mar 21, 2013 21:05:49",1363899949,"Mar 10, 2012 00:41:10",1331340070,"Mar 22, 2012 05:02:43",1332392563,"nsylv...@chromium.org","2011-3079"
117656,"High","M-17, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, pwnium","Beta, Stable",,"","apatr...@chromium.org","Pwnium bug: GPU memory corruption","Mar 21, 2013 21:05:49",1363899949,"Mar 10, 2012 07:06:34",1331363194,"Mar 10, 2012 07:06:34",1331363194,"scarybea...@gmail.com",""
117672,"Low","Cr-Internals, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","vangelis@chromium.org","Uptake angle security fix","Mar 21, 2013 21:05:48",1363899948,"Mar 10, 2012 16:19:16",1331396356,"Dec 20, 2012 15:52:00",1356018720,"infe...@chromium.org",""
117698,"High","CVE-2011-3068, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderLayer::addChild","Apr 06, 2013 00:43:49",1365209029,"Mar 11, 2012 09:21:04",1331457664,"Mar 19, 2012 22:55:19",1332197719,"miaubiz@gmail.com","2011-3068"
117715,"Low","Cr-Internals, Cr-Platform-Extensions, Cr-UI-Settings, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","jhawk...@chromium.org","LoadExtension binding in chrome://extensions/ is too permissive","Mar 21, 2013 21:05:48",1363899948,"Mar 11, 2012 14:56:35",1331477795,"Mar 26, 2012 01:47:08",1332726428,"a...@chromium.org",""
117724,"High","CVE-2012-3680, ClusterFuzz, Cr-Blink, Cr-Blink-Editing, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Sec","Beta, Stable",,"","infe...@chromium.org","Event handlers firing during Text::splitText trigger use-after-free.","Apr 06, 2013 03:30:12",1365219012,"Mar 11, 2012 17:43:36",1331487816,"Mar 12, 2012 22:21:34",1331590894,"infe...@chromium.org","2012-3680"
117728,"High","CVE-2011-3069, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::InlineBox::root","Apr 06, 2013 00:43:46",1365209026,"Mar 11, 2012 18:42:12",1331491332,"Mar 23, 2012 20:56:56",1332536216,"miaubiz@gmail.com","2011-3069"
117736,"Medium","CVE-2011-3055, Cr-Internals, Cr-Platform-Extensions, M-17, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-963, pwnium","Beta, Stable",,"","yoz@chromium.org","No permission prompt when loading unpacked extension with NPAPI plugin","Mar 21, 2013 21:05:47",1363899947,"Mar 11, 2012 20:18:19",1331497099,"Mar 19, 2012 18:15:03",1332180903,"erik...@chromium.org","2011-3055"
117794,"Medium","CVE-2011-3057, Cr-Internals, M-18, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","danno@chromium.org","[LangFuzz] Crash on heap with invalid read through GetPropertyWithCallback","Mar 21, 2013 21:05:47",1363899947,"Mar 12, 2012 14:34:31",1331562871,"Mar 13, 2012 13:11:59",1331644319,"decoder...@googlemail.com","2011-3057"
117889,"Low","Cr-Internals, Cr-UI-Browser-Downloads, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","asanka@chromium.org","Dangerous download warnings are suppressed for a larger class of downloads than are handled by SafeBrowsing","Mar 21, 2013 21:05:46",1363899946,"Mar 12, 2012 22:00:20",1331589620,"Dec 20, 2012 15:52:01",1356018721,"asanka@chromium.org",""
117890,"Medium","Cr-Internals, M-20, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","c...@chromium.org","Use-after-free in CrashGenerationServer","Mar 21, 2013 21:05:46",1363899946,"Mar 12, 2012 22:06:10",1331589970,"Dec 20, 2012 15:52:54",1356018774,"c...@chromium.org",""
118009,"Medium","CVE-2012-3615, Cr-Blink, Cr-Blink-Editing, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","schen...@chromium.org","Heap-buffer-overflow in void WTF::Vector<unsigned short, 0ul>::append<unsigned short>","Apr 06, 2013 03:30:07",1365219007,"Mar 13, 2012 16:59:11",1331657951,"Mar 21, 2012 20:51:51",1332363111,"infe...@chromium.org","2012-3615"
118185,"High","CVE-2011-3070, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","adamk@chromium.org","Heap-use-after-free in WebCore::V8HTMLBodyElement::wrapSlow","Apr 06, 2013 00:43:09",1365208989,"Mar 14, 2012 16:12:49",1331741569,"Mar 23, 2012 04:41:12",1332477672,"aa...@google.com","2011-3070"
118227,"Low","Cr-Blink, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","abarth@chromium.org","Security: cross-origin iframes can be resized from within in M18","Apr 06, 2013 00:43:04",1365208984,"Mar 14, 2012 19:44:49",1331754289,"Dec 20, 2012 15:52:01",1356018721,"komoro...@chromium.org",""
118273,"High","CVE-2011-3071, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","ZDI-CAN-1528: Webkit HTMLMedia Element beforeLoad Remote Code Execution Vulnerability","Apr 06, 2013 00:43:01",1365208981,"Mar 14, 2012 22:26:58",1331764018,"Mar 23, 2012 20:28:20",1332534500,"infe...@chromium.org","2011-3071"
118317,"Low","Cr-Internals, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1229","Beta, Stable",,"","tsepez@chromium.org","Popup blocker bypass triggering mouse event on tag with rel=noreferrer","Mar 21, 2013 21:05:44",1363899944,"Mar 15, 2012 01:49:11",1331776151,"Dec 20, 2012 15:52:01",1356018721,"shevi...@gmail.com",""
118374,"Medium","CVE-2011-3085, Cr-Blink, Cr-UI, Cr-UI-Browser-Autofill, M-19, Merge-Merged, OS-All, Pri-3, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","apav...@chromium.org","Long autofilled value causes render issue","Apr 06, 2013 00:42:55",1365208975,"Mar 15, 2012 10:54:52",1331808892,"Apr 06, 2012 14:42:29",1333723349,"psald...@gmail.com","2011-3085"
118414,"Critical","Cr-Internals, Cr-Internals-WebRTC, M-19, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Critical, Type-Bug-Security, reward-1000","None",1000,"accept","mflodman@chromium.org","Heap use after free on chrome_content_browser_client.cc with webrtc","Mar 21, 2013 21:07:52",1363900072,"Mar 15, 2012 16:17:51",1331828271,"Mar 17, 2012 01:53:15",1331949195,"chamal.d...@gmail.com",""
118467,"Low","CVE-2011-3072, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, pwnium","Beta, Stable",,"","tsepez@chromium.org","open.call(other_window) circumvents check in other_window.open()","Apr 06, 2013 00:42:48",1365208968,"Mar 15, 2012 20:19:47",1331842787,"Mar 19, 2012 18:22:40",1332181360,"tsepez@chromium.org","2011-3072"
118490,"High","Cr-Blink, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","","Heap-use-after-free in WebCore::RenderObject::containingBlock","Apr 06, 2013 00:42:46",1365208966,"Mar 15, 2012 21:31:49",1331847109,"Mar 20, 2012 21:33:03",1332279183,"miaubiz@gmail.com",""
118593,"High","CVE-2011-3073, Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-100","Beta, Stable",1000,"accept","pdr@chromium.org","Heap-use-after-free in WebCore::SVGStyledElement::buildPendingResourcesIfNeeded","Apr 06, 2013 03:44:28",1365219868,"Mar 16, 2012 13:26:33",1331904393,"Mar 21, 2012 16:56:58",1332349018,"Ax3...@gmail.com","2011-3073"
118633,"Low","CVE-2012-2815, M-20, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Security: Frame sniffing is not fixed","Mar 21, 2013 21:05:42",1363899942,"Mar 16, 2012 17:56:33",1331920593,"Dec 20, 2012 15:52:01",1356018721,"el...@google.com","2012-2815"
118642,"High","CVE-2011-3086, Cr-Blink, Cr-Blink-JavaScript, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, Web","Beta, Stable",1000,"accept","arv@chromium.org","Heap-use-after-free in v8::internal::JSObject::GetElementWithInterceptor","Apr 06, 2013 03:24:22",1365218662,"Mar 16, 2012 18:30:28",1331922628,"Apr 11, 2012 19:38:35",1334173115,"Ax3...@gmail.com","2011-3086"
118662,"Medium","Cr-Blink, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","None",500,"accept","o...@chromium.org","Regression(r109014): Heap-use-after-free in WebCore::InlineTextBox::isLineBreak","Apr 06, 2013 00:42:32",1365208952,"Mar 16, 2012 20:34:02",1331930042,"Mar 19, 2012 20:44:16",1332189856,"miaubiz@gmail.com",""
118664,"Low","CVE-2011-3087, Cr-Internals, Cr-Internals-Core, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","creis@chromium.org","Security: Swapped out URL must be a unique origin","Mar 21, 2013 21:05:42",1363899942,"Mar 16, 2012 20:36:35",1331930195,"Dec 20, 2012 15:52:01",1356018721,"creis@chromium.org","2011-3087"
118721,"Low","Cr-Internals, Cr-Platform-Extensions, Cr-Privacy, M-19, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","mpcomplete@chromium.org","Extensions resources can be fetched across incognito","Mar 21, 2013 21:05:41",1363899941,"Mar 17, 2012 00:53:37",1331945617,"Dec 20, 2012 15:52:01",1356018721,"a...@chromium.org",""
118784,"Medium","ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-buffer-overflow in void WTF::Vector<unsigned short, 1024ul>::insert<unsigned short>","Apr 06, 2013 00:42:25",1365208945,"Mar 17, 2012 22:42:20",1332024140,"Mar 27, 2012 03:33:29",1332819209,"aa...@google.com",""
118803,"High","Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::SVGTextLayoutAttributesBuilder::fillCharacterDataMap","Apr 06, 2013 03:44:26",1365219866,"Mar 18, 2012 07:10:35",1332054635,"Mar 26, 2012 17:26:04",1332782764,"infe...@chromium.org",""
118853,"High","ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::deleteLine","Apr 06, 2013 00:42:18",1365208938,"Mar 19, 2012 02:53:16",1332125596,"Mar 29, 2012 23:04:59",1333062299,"aa...@google.com",""
118970,"High","CVE-2011-3101, Cr-Internals, Cr-Internals-GPU-VendorSpecific, M-19, Merge-Merged, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Severity-High, Type-Bug-Security, merge-merged-1084, reward-500, reward-decline","None",500,"decline","g...@chromium.org","GPU process crash below DoDrawArrays (Nvidia)","Mar 21, 2013 20:42:18",1363898538,"Mar 19, 2012 19:40:45",1332186045,"Apr 19, 2012 19:33:44",1334864024,"aohelin","2011-3101"
119150,"Medium","CVE-2012-2816, Cr-Internals, Cr-Security, M-20, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1077","Beta, Stable",,"","jsc...@chromium.org","Sandboxed processes should not be able to open other sandboxed processes","Mar 21, 2013 21:05:40",1363899940,"Mar 20, 2012 20:54:12",1332276852,"Apr 19, 2012 19:40:36",1334864436,"jsc...@chromium.org","2012-2816"
119230,"High","CVE-2012-3656, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::splitBlocks","Apr 06, 2013 00:41:57",1365208917,"Mar 21, 2012 01:41:25",1332294085,"Mar 23, 2012 22:06:40",1332540400,"infe...@chromium.org","2012-3656"
119250,"High","CVE-2012-2816, Cr-Internals, Cr-Internals-GPU, M-20, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","jsc...@chromium.org","GPU, Plugin, and NaCl processes have PROCESS_DUP_HANDLE permission on renderer processes","Mar 21, 2013 21:05:39",1363899939,"Mar 21, 2012 06:31:41",1332311501,"Apr 19, 2012 05:07:34",1334812054,"jsc...@chromium.org","2012-2816"
119281,"High","CVE-2011-3074, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::GenericEventQueue::~GenericEventQueue","Apr 06, 2013 00:41:54",1365208914,"Mar 21, 2012 13:28:10",1332336490,"Mar 30, 2012 01:35:47",1333071347,"slaweck","2011-3074"
119305,"High","Cr-Blink, M-20, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","morr...@chromium.org","Heap-use-after-free in WebCore::Node::~Node","Apr 06, 2013 00:41:53",1365208913,"Mar 21, 2012 17:11:00",1332349860,"Dec 20, 2012 15:53:22",1356018802,"Ax3...@gmail.com",""
119429,"Medium","Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500, reward-decline","Beta, Stable",500,"decline","danno@chromium.org","UNKNOWN in v8::Message::GetScriptResourceName","Apr 06, 2013 00:41:42",1365208902,"Mar 22, 2012 05:16:24",1332393384,"Apr 03, 2012 15:37:23",1333467443,"aohelin",""
119501,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-19, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","pdr@chromium.org","Heap-use-after-free in WebCore::SVGStyledElement::buildPendingResourcesIfNeeded","Apr 06, 2013 03:44:24",1365219864,"Mar 22, 2012 17:30:09",1332437409,"Mar 25, 2012 18:20:41",1332699641,"ke...@chromium.org",""
119525,"High","CVE-2011-3075, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange","Apr 06, 2013 00:41:34",1365208894,"Mar 22, 2012 18:34:15",1332441255,"Mar 24, 2012 20:18:08",1332620288,"miaubiz@gmail.com","2011-3075"
119926,"High","Cr-Internals, M-19, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","danno@chromium.org","Use after free in v8::internal::IncrementalMarking::Step","Mar 21, 2013 20:42:15",1363898535,"Mar 24, 2012 12:15:27",1332591327,"Mar 26, 2012 12:14:40",1332764080,"decoder...@googlemail.com",""
120006,"High","ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::finishDelayUpdateScrollInfo","Apr 06, 2013 00:40:57",1365208857,"Mar 25, 2012 06:59:26",1332658766,"Dec 20, 2012 15:53:22",1356018802,"infe...@chromium.org",""
120007,"High","ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dslomov@chromium.org","Heap-use-after-free in WebCore::WorkerEventQueue::close","Apr 06, 2013 00:40:57",1365208857,"Mar 25, 2012 07:00:08",1332658808,"Apr 04, 2012 21:02:37",1333573357,"infe...@chromium.org",""
120037,"High","CVE-2011-3076, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::ContainerNode::resumePostAttachCallbacks","Apr 06, 2013 00:40:53",1365208853,"Mar 25, 2012 19:12:53",1332702773,"Mar 26, 2012 06:13:07",1332742387,"miaubiz@gmail.com","2011-3076"
120189,"High","CVE-2011-3077, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","adamk@chromium.org","Heap-use-after-free in WebCore::V8RecursionScope::didLeaveScriptContext","Apr 06, 2013 00:40:43",1365208843,"Mar 26, 2012 17:11:09",1332781869,"Mar 26, 2012 22:54:37",1332802477,"infe...@chromium.org","2011-3077"
120205,"Medium","Cr-Blink, Cr-Blink-SVG, M-19, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","schen...@chromium.org","Security: <svg:use> elements in the parser can create elements not marked as created by the parser","Apr 06, 2013 03:44:21",1365219861,"Mar 26, 2012 18:05:25",1332785125,"Dec 20, 2012 15:52:54",1356018774,"schen...@chromium.org",""
120222,"High","CVE-2012-2817, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderTableSection::paintCell","Apr 06, 2013 00:40:40",1365208840,"Mar 26, 2012 18:54:07",1332788047,"Dec 20, 2012 15:53:22",1356018802,"miaubiz@gmail.com","2012-2817"
120318,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-Flash, M-18, Merge-Merged, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cpu@chromium.org","Flash Broker Bypass 0x2D (CVE-2012-0725)","Apr 06, 2013 04:02:11",1365220931,"Mar 27, 2012 00:44:00",1332809040,"Mar 28, 2012 23:21:00",1332976860,"jsc...@chromium.org",""
120320,"High","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-Flash, M-18, Merge-Merged, OS-Windows, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cpu@chromium.org","Flash Broker Bypass 0x2B (CVE-2012-0724)","Apr 06, 2013 04:02:11",1365220931,"Mar 27, 2012 00:46:15",1332809175,"Mar 28, 2012 23:21:22",1332976882,"jsc...@chromium.org",""
120404,"Medium","ClusterFuzz, Cr-Blink, M-20, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::Font::codePath","Apr 06, 2013 00:40:27",1365208827,"Mar 27, 2012 14:35:47",1332858947,"Dec 20, 2012 15:52:27",1356018747,"aa...@google.com",""
120457,"Medium","Cr-Blink, M-18, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Global-buffer-overflow in WebCore::InlineTextBox::isLineBreak","Apr 06, 2013 00:40:21",1365208821,"Mar 27, 2012 18:05:31",1332871531,"May 03, 2012 19:12:38",1336072358,"miaubiz@gmail.com",""
120648,"Medium","CVE-2011-3088, Cr-Internals, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500, reward","Beta, Stable",500,"decline","scarybea...@gmail.com","UNKNOWN in SkARGB32_Blitter::blitV","Apr 01, 2013 15:36:10",1364830570,"Mar 28, 2012 14:24:49",1332944689,"Apr 02, 2012 19:50:20",1333396220,"aohelin","2011-3088"
120711,"High","CVE-2011-3089, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::Element::recalcStyle","Apr 06, 2013 00:40:08",1365208808,"Mar 28, 2012 18:36:47",1332959807,"Apr 09, 2012 16:08:07",1333987687,"miaubiz@gmail.com","2011-3089"
120912,"High","CVE-2011-3105, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","ke...@chromium.org","Heap-use-after-free in WebCore::RenderText::removeTextBox","Apr 06, 2013 00:39:49",1365208789,"Mar 29, 2012 18:05:15",1333044315,"Dec 20, 2012 15:53:22",1356018802,"miaubiz@gmail.com","2011-3105"
120944,"High","CVE-2012-2818, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","ke...@chromium.org","Use-after-free due to issues in counter layout.","Apr 06, 2013 00:39:45",1365208785,"Mar 29, 2012 19:34:36",1333049676,"Dec 20, 2012 15:53:22",1356018802,"miaubiz@gmail.com","2012-2818"
120977,"High","CVE-2012-2819, Cr-Internals, Cr-Internals-GPU-WebGL, Cr-Internals-Graphics, M-20, Merge-Merged-1132, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-8","Beta, Stable",,"","kbr@chromium.org","Crash in texSubImage2D on Mozilla's WebGL performance regression tests","Mar 21, 2013 21:05:29",1363899929,"Mar 29, 2012 21:46:46",1333057606,"Dec 20, 2012 15:53:47",1356018827,"kbr@chromium.org","2012-2819"
121128,"Medium","CVE-2012-3711, ClusterFuzz, Cr-Blink, Cr-Blink-Editing, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","fmal...@chromium.org","Heap-buffer-overflow in void WTF::Vector<unsigned short, 1024ul>::append<unsigned short>","Apr 06, 2013 03:44:20",1365219860,"Mar 30, 2012 16:22:57",1333124577,"Dec 20, 2012 15:52:27",1356018747,"skylined@chromium.org","2012-3711"
121206,"High","CVE-2012-3604, ClusterFuzz, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::HTMLSelectElement::setRecalcListItems","Apr 06, 2013 00:39:26",1365208766,"Mar 30, 2012 21:50:10",1333144210,"Apr 03, 2012 02:14:07",1333419247,"skylined@chromium.org","2012-3604"
121223,"Medium","CVE-2011-3090, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","yutak@chromium.org","Heap-use-after-free in WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadCreateWebSocketChannel","Apr 06, 2013 00:39:25",1365208765,"Mar 30, 2012 23:26:03",1333149963,"Apr 04, 2012 05:09:00",1333516140,"Ax3...@gmail.com","2011-3090"
121259,"Low","Cr-UI, Cr-UI-Browser-Downloads, OS-All, Pri-3, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","rdsmith@chromium.org","Security: downloads initiated by third parties are confusing","Apr 05, 2013 23:29:32",1365204572,"Mar 31, 2012 06:57:43",1333177063,"",0,"lcam...@google.com",""
121347,"Medium","CVE-2012-2865, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, r","Beta, Stable",500,"accept","dstockw...@chromium.org","Heap-buffer-overflow in WebCore::RenderBlock::LineBreaker::nextLineBreak","Apr 06, 2013 00:39:11",1365208751,"Apr 01, 2012 16:22:41",1333297361,"Dec 20, 2012 15:52:27",1356018747,"miaubiz@gmail.com","2012-2865"
121407,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","danno@chromium.org","[LangFuzz] Invalid write in v8::internal::ElementsAccessorBase<...>::CopyElements","Apr 06, 2013 03:24:13",1365218653,"Apr 02, 2012 10:59:20",1333364360,"Apr 03, 2012 15:40:26",1333467626,"decoder...@googlemail.com",""
121524,"High","Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","Use after free with reflections and composited layers","Apr 06, 2013 00:38:55",1365208735,"Apr 02, 2012 21:09:23",1333400963,"Apr 02, 2012 21:12:05",1333401125,"infe...@chromium.org",""
121645,"High","CVE-2012-3674, ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Securit","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::removeFloatingObject","Apr 06, 2013 03:44:19",1365219859,"Apr 03, 2012 12:29:37",1333456177,"Apr 09, 2012 18:22:50",1333995770,"skylined@chromium.org","2012-3674"
121692,"High","CVE-2012-3625, ClusterFuzz, Cr-Blink, Cr-Blink-CSS, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Securit","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::SelectorChecker::checkOneSelector","Apr 06, 2013 05:00:02",1365224402,"Apr 03, 2012 16:39:17",1333471157,"Apr 03, 2012 22:52:34",1333493554,"skylined@chromium.org","2012-3625"
121703,"Low","Cr-UI-Browser-Omnibox, M-20, OS-Mac, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security","Beta, Stable",,"","mrossetti@chromium.org","Crash in NSMutableRLEArray replaceObjectsInRange:withObject:length with long URL","Mar 21, 2013 21:05:26",1363899926,"Apr 03, 2012 17:24:03",1333473843,"Jun 12, 2012 18:07:52",1339524472,"Aaron.Tr...@gmail.com",""
121726,"Medium","CVE-2011-3080, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-Flash, Cr-Security, M-18, Merge-Merged, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cpu@chromium.org","Sandbox IPC length checking race","Apr 06, 2013 04:01:57",1365220917,"Apr 03, 2012 18:29:21",1333477761,"Apr 04, 2012 04:49:17",1333514957,"jsc...@chromium.org","2011-3080"
121734,"High","CVE-2011-3091, ClusterFuzz, Cr-Blink, Cr-Blink-Storage-IndexedDB, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Ty","Beta, Stable",,"","dgrogan@chromium.org","Heap-use-after-free in WebCore::V8AbstractEventListener::~V8AbstractEventListener","Apr 06, 2013 03:06:39",1365217599,"Apr 03, 2012 19:03:50",1333479830,"Apr 11, 2012 04:37:06",1334119026,"infe...@chromium.org","2011-3091"
121899,"High","CVE-2011-3081, Cr-Blink, M-18, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Security: use-after-free in WebCore::RenderBoxModelObject::hasSelfPaintingLayer()","Apr 06, 2013 00:38:19",1365208699,"Apr 04, 2012 14:58:19",1333551499,"Apr 11, 2012 04:53:04",1334119984,"miaubiz@gmail.com","2011-3081"
121926,"Medium","CVE-2012-2820, Cr-Blink, Cr-Blink-SVG, M-20, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","schen...@chromium.org","Heap-buffer-overflow in WebCore::FEConvolveMatrix::platformApplySoftware","Apr 06, 2013 03:44:17",1365219857,"Apr 04, 2012 16:36:54",1333557414,"Dec 20, 2012 15:52:27",1356018747,"attek...@gmail.com","2012-2820"
122014,"High","CVE-2012-3670, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dslomov@chromium.org","Heap-use-after-free in WorkerEventQueue::close","Apr 06, 2013 00:38:11",1365208691,"Apr 04, 2012 21:01:44",1333573304,"Apr 05, 2012 05:17:06",1333603026,"infe...@chromium.org","2012-3670"
122029,"High","CVE-2012-3654, ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::InlineFlowBox::addToLine","Apr 06, 2013 03:44:17",1365219857,"Apr 04, 2012 21:34:58",1333575298,"Dec 20, 2012 15:53:22",1356018802,"infe...@chromium.org","2012-3654"
122208,"High","Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","adamk@chromium.org","GCing a node observed by a WebKitMutationObserver can cause an invalid HashSet iterator ","Apr 06, 2013 00:37:52",1365208672,"Apr 05, 2012 19:31:57",1333654317,"Apr 05, 2012 21:12:56",1333660376,"adamk@chromium.org",""
122337,"High","CVE-2011-3092, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, reward-1000","Beta",1000,"accept","erikcorry@google.com","[LangFuzz] Crash on heap with invalid write (32 bit only).","Apr 06, 2013 00:37:39",1365208659,"Apr 06, 2012 11:28:22",1333711702,"Apr 12, 2012 16:03:16",1334246596,"decoder...@googlemail.com","2011-3092"
122562,"High","Cr-Blink, M-19, Merge-Merged, OS-Linux, OS-Windows, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, merge-merged-1084, reward-1000","None",1000,"accept","koz@chromium.org","Heap-use-after-free in ModuleSystem::LazyFieldGetter","Apr 06, 2013 00:37:20",1365208640,"Apr 08, 2012 12:50:43",1333889443,"Apr 13, 2012 19:24:05",1334345045,"Ax3...@gmail.com",""
122573,"High","ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jap...@chromium.org","Heap-use-after-free in WebCore::CachedRawResource::didAddClient","Apr 06, 2013 00:37:19",1365208639,"Apr 08, 2012 15:23:35",1333898615,"Apr 25, 2012 19:31:41",1335382301,"infe...@chromium.org",""
122585,"Medium","CVE-2011-3093, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","ba...@chromium.org","Security: stack-buffer-overflow in WebCore::GlyphPage::fill with surrogate characters","Apr 06, 2013 00:37:18",1365208638,"Apr 08, 2012 19:53:55",1333914835,"Apr 12, 2012 18:59:32",1334257172,"miaubiz@gmail.com","2011-3093"
122586,"Medium","CVE-2011-3094, Cr-Internals, M-19, Merge-Merged, OS-Linux, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","ba...@chromium.org","Global-buffer-overflow in HB_TibetanShape","Mar 21, 2013 21:05:21",1363899921,"Apr 08, 2012 20:10:49",1333915849,"Apr 11, 2012 02:40:41",1334112041,"miaubiz@gmail.com","2011-3094"
122654,"Critical","CVE-2011-3106, Cr-Internals, M-19, Merge-Merged, MovedFrom-20, MovedFrom-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, merge-","Beta, Stable",,"","toyoshim@chromium.org","Chrome: Crash Report: SocketStreamDispatcherHost::CancelSSLRequest","Mar 21, 2013 21:07:52",1363900072,"Apr 09, 2012 18:12:58",1333995178,"Dec 20, 2012 15:53:47",1356018827,"dhar...@google.com","2011-3106"
122681,"Medium","Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Type-Bug-Security, reward-500","None",500,"accept","vegorov@chromium.org","[LangFuzz] CHECK(fixed_size + height_in_bytes == input_frame_size) failed or crash with invalid read","Apr 06, 2013 00:37:03",1365208623,"Apr 09, 2012 21:12:54",1334005974,"Apr 10, 2012 13:53:09",1334065989,"decoder...@googlemail.com",""
122925,"Medium","CVE-2012-2821, Cr-UI, Cr-UI-Browser-Autofill, M-20, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","isherman@chromium.org","Security: Autofill info can be captured by innocuous social engineering","Mar 21, 2013 21:05:20",1363899920,"Apr 11, 2012 02:30:58",1334111458,"Dec 20, 2012 15:52:54",1356018774,"simonbro...@gmail.com","2012-2821"
123029,"High","Cr-Internals, Cr-Internals-Skia, M-19, Merge-Merged, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","epoger@google.com","OOB write in SkARGB32_Black_Blitter::blitAntiH -> sk_memset32_SSE2","Apr 01, 2013 15:35:59",1364830559,"Apr 11, 2012 20:16:06",1334175366,"Apr 17, 2012 20:56:16",1334696176,"aohelin",""
123481,"High","CVE-2011-3095, Cr-Internals, Cr-Internals-Media, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, ","Beta, Stable",1000,"accept","dalecur...@chromium.org","Security:  ERROR: AddressSanitizer heap-buffer-overflow on address 0x7fde15ff9890 at pc 0x7fde364c5034","Apr 01, 2013 15:35:59",1364830559,"Apr 14, 2012 17:55:55",1334426155,"Apr 18, 2012 18:25:00",1334773500,"heikkine...@gmail.com","2011-3095"
123530,"Low","CVE-2011-3096, Cr-UI, Cr-UI-Browser-Omnibox, M-19, Merge-Merged, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1084","Beta, Stable",,"","erg@chromium.org","Heap-use-after-free in AutocompleteMatch::AutocompleteMatch","Mar 21, 2013 21:05:18",1363899918,"Apr 15, 2012 17:29:25",1334510965,"Apr 17, 2012 01:07:50",1334624870,"Ax3...@gmail.com","2011-3096"
123631,"High","CVE-2012-3703, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::GraphicsContext::paintingDisabled","Apr 06, 2013 03:44:12",1365219852,"Apr 16, 2012 16:56:57",1334595417,"Dec 20, 2012 15:53:22",1356018802,"jsc...@chromium.org","2012-3703"
123656,"Low","M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","","Apr 01, 2013 15:35:57",1364830557,"Apr 16, 2012 18:56:36",1334602596,"Dec 20, 2012 15:52:01",1356018721,"scarybea...@gmail.com",""
123709,"High","Cr-Internals, M-18, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","c...@chromium.org","Breakpad ClientInfo::PopulateCustomInfo() integer wrap leads to heap overflow","Mar 21, 2013 21:05:17",1363899917,"Apr 16, 2012 23:18:43",1334618323,"Apr 17, 2012 18:21:29",1334686889,"c...@chromium.org",""
123733,"Medium","CVE-2011-3097, M-19, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," function","Mar 21, 2013 21:05:17",1363899917,"Apr 17, 2012 02:34:46",1334630086,"Apr 17, 2012 21:07:16",1334696836,"scarybea...@gmail.com","2011-3097"
123735,"Medium","M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB reads in PDF AES support due to buffer mismanagement","Mar 21, 2013 21:05:16",1363899916,"Apr 17, 2012 03:07:53",1334632073,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
123929,"","M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," key and revision 3 crypto","Mar 21, 2013 21:05:16",1363899916,"Apr 17, 2012 23:18:59",1334704739,"Dec 20, 2012 15:52:01",1356018721,"scarybea...@gmail.com",""
124179,"Low","M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF crash under ASAN with character maps","Mar 21, 2013 21:05:15",1363899915,"Apr 19, 2012 08:49:16",1334825356,"Dec 20, 2012 15:52:01",1356018721,"scarybea...@gmail.com",""
124182,"High","CVE-2011-3097, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Out of bounds write in PDF with sample function with lots of inputs","Apr 06, 2013 03:12:44",1365217964,"Apr 19, 2012 09:49:47",1334828987,"Apr 20, 2012 19:46:07",1334951167,"scarybea...@gmail.com","2011-3097"
124183,"Medium","M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF fax codec","Mar 21, 2013 21:05:15",1363899915,"Apr 19, 2012 10:17:06",1334830626,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
124184,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read with 1bpp image and ICC profile","Apr 06, 2013 03:12:43",1365217963,"Apr 19, 2012 10:30:55",1334831455,"Dec 20, 2012 15:52:01",1356018721,"scarybea...@gmail.com",""
124190,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read, off-by-one in PDF predictor code with specific decode parameters","Apr 06, 2013 03:12:43",1365217963,"Apr 19, 2012 12:47:19",1334839639,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
124191,"Medium","Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF when parsing / processing text","Apr 06, 2013 03:12:43",1365217963,"Apr 19, 2012 12:55:06",1334840106,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
124216,"Low","CVE-2011-3098, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, M-19, Merge-Merged, OS-Windows, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1084","Beta, Stable",,"","jsc...@chromium.org","Security: MSVR:159 - Google Chrome NPAPI Plugin Insecure Loading Elevation of Privilege Vulnerability","Apr 06, 2013 04:19:07",1365221947,"Apr 19, 2012 15:25:22",1334849122,"Apr 20, 2012 00:34:06",1334882046,"MSVulner...@gmail.com","2011-3098"
124263,"","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-None, Security_Impact-Stable, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read with PDF in cell sorting","Apr 06, 2013 03:12:42",1365217962,"Apr 19, 2012 18:27:09",1334860029,"Apr 24, 2012 00:50:35",1335228635,"scarybea...@gmail.com",""
124356,"High","CVE-2012-2823, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-100","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::GraphicsContext::restore","Apr 06, 2013 03:44:11",1365219851,"Apr 20, 2012 05:25:14",1334899514,"Dec 20, 2012 15:53:22",1356018802,"miaubiz@gmail.com","2012-2823"
124479,"","CVE-2011-3099, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Use after free in PDF with corrupt CID font encoding name","Apr 06, 2013 03:12:40",1365217960,"Apr 20, 2012 21:38:55",1334957935,"Apr 20, 2012 22:10:48",1334959848,"scarybea...@gmail.com","2011-3099"
124530,"High","CVE-2012-3652, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::layoutPositionedObjects","Apr 06, 2013 00:33:54",1365208434,"Apr 21, 2012 07:12:20",1334992340,"Dec 20, 2012 15:53:22",1356018802,"aa...@google.com","2012-3652"
124594,"Medium","Cr-Blink, Cr-Blink-JavaScript, M-20, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Medium, Type-Bug-Security, reward-500","None",500,"accept","mstarzinger@chromium.org","UNKNOWN in v8::internal::MarkCompactCollector::PrepareThreadForCodeFlushing","Apr 06, 2013 03:23:58",1365218638,"Apr 22, 2012 20:46:08",1335127568,"Apr 25, 2012 14:44:38",1335365078,"decoder...@googlemail.com",""
124617,"High","ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::RenderBlock::createLineBoxes","Apr 06, 2013 00:33:44",1365208424,"Apr 23, 2012 11:44:16",1335181456,"Dec 20, 2012 15:53:22",1356018802,"skylined@chromium.org",""
124625,"High","CVE-2011-3107, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security","Beta, Stable",,"","jap...@chromium.org","Chrome: Crash Report -         Stack Signature: WebCore::npObjectNamedGetter<WebCore::V8HTM...  ","Apr 06, 2013 00:33:42",1365208422,"Apr 23, 2012 13:26:09",1335187569,"Dec 20, 2012 15:52:54",1356018774,"dhar...@chromium.org","2011-3107"
124669,"High","Cr-Blink, Cr-Blink-SVG, M-20, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::SVGLength::value","Apr 06, 2013 03:44:09",1365219849,"Apr 23, 2012 17:41:46",1335202906,"Dec 20, 2012 15:53:22",1356018802,"miaubiz@gmail.com",""
124870,"High","CVE-2012-3624, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::InsertParagraphSeparatorCommand::doApply","Apr 06, 2013 00:33:16",1365208396,"Apr 24, 2012 19:33:30",1335296010,"Dec 20, 2012 15:53:22",1356018802,"aa...@google.com","2012-3624"
124893,"High","CVE-2012-3626, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::HTMLOptionElement::selected","Apr 06, 2013 00:33:13",1365208393,"Apr 24, 2012 21:30:34",1335303034,"Apr 27, 2012 02:45:23",1335494723,"infe...@chromium.org","2012-3626"
124895,"High","Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jsc...@chromium.org","Heap-use-after-free in WebCore::ScriptController::executeIfJavaScriptURL","Apr 06, 2013 00:33:13",1365208393,"Apr 24, 2012 21:33:49",1335303229,"Apr 30, 2012 17:01:54",1335805314,"infe...@chromium.org",""
124919,"High","ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::addOverflowFromFloats","Apr 06, 2013 00:33:12",1365208392,"Apr 24, 2012 23:10:22",1335309022,"Apr 30, 2012 21:31:54",1335821514,"aa...@google.com",""
124924,"High","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Heap-buffer-overflow in WebCore::XPath::sortBlock","Apr 06, 2013 00:33:11",1365208391,"Apr 24, 2012 23:18:15",1335309495,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org",""
125159,"Critical","CVE-2011-3108, Cr-Internals, Cr-Internals-Network-Cache, M-19, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, merge-","Beta, Stable",1337,"accept","rvargas@chromium.org","Chrome chrashes when pressing back button on a page that is still downloading a big gif image","Mar 21, 2013 21:07:52",1363900072,"Apr 26, 2012 09:49:23",1335433763,"Dec 20, 2012 15:53:48",1356018828,"efbiaiin...@gmail.com","2011-3108"
125225,"Medium","CVE-2012-2846, Cr-Internals, M-21, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1132","Beta, Stable",,"","jln@chromium.org","Domui process can be ptraced from a compromised renderer leading to sandbox escape, take 2","Mar 21, 2013 21:05:05",1363899905,"Apr 26, 2012 19:42:48",1335469368,"Dec 20, 2012 15:52:54",1356018774,"jln@chromium.org","2012-2846"
125374,"High","CVE-2012-2824, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::RenderSVGContainer::paint","Apr 06, 2013 03:44:08",1365219848,"Apr 27, 2012 18:48:53",1335552533,"Dec 20, 2012 15:53:23",1356018803,"miaubiz@gmail.com","2012-2824"
125462,"High","CVE-2011-3102, Cr-Internals, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1084, reward-1500","Beta, Stable",1500,"accept","cev...@chromium.org","Security: libxml2 1-byte heap-buffer-overflow in xmlXPtrEvalXPtrPart","Mar 21, 2013 21:05:04",1363899904,"Apr 28, 2012 12:56:45",1335617805,"May 03, 2012 17:49:26",1336067366,"a...@ut.ee","2011-3102"
125494,"High","CVE-2012-3627, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","simonjam@chromium.org","Heap-buffer-overflow in WebCore::HTMLTreeBuilder::processEndTag","Apr 06, 2013 00:32:23",1365208343,"Apr 29, 2012 01:34:54",1335663294,"May 02, 2012 00:29:00",1335918540,"infe...@chromium.org","2012-3627"
125515,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-19, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, reward-1000","Beta",1000,"accept","danno@chromium.org","[LangFuzz] Crash on heap with invalid write to random address","Apr 06, 2013 03:23:54",1365218634,"Apr 29, 2012 18:16:14",1335723374,"May 03, 2012 15:27:43",1336058863,"decoder...@googlemail.com",""
125555,"High","ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","mikelawt...@chromium.org","Heap-use-after-free in WTF::HashMap<int, WTF::RefPtr<WebCore::CalculationValue>, WTF::IntHash<unsigned int>, WTF::HashTrait","Apr 06, 2013 00:32:15",1365208335,"Apr 30, 2012 14:43:07",1335796987,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org",""
125563,"High","CVE-2012-3671, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::determineStartPosition","Apr 06, 2013 00:32:13",1365208333,"Apr 30, 2012 16:19:11",1335802751,"Dec 20, 2012 15:53:23",1356018803,"aa...@google.com","2012-3671"
125730,"High","ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::Document::nodeChildrenWillBeRemoved","Apr 06, 2013 00:31:59",1365208319,"May 01, 2012 14:38:40",1335883120,"Dec 20, 2012 15:53:23",1356018803,"ke...@chromium.org",""
125821,"Low","Cr-Internals, M-20, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","jln@chromium.org","The Linux setuid sandbox has becomre (even more) insanely complex","Mar 21, 2013 21:05:03",1363899903,"May 01, 2012 21:48:03",1335908883,"May 23, 2012 16:02:26",1337788946,"jln@chromium.org",""
125919,"Medium","Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta",500,"accept","","Heap-buffer-overflow in WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue","Apr 06, 2013 03:44:05",1365219845,"May 02, 2012 12:20:58",1335961258,"Dec 20, 2012 15:52:27",1356018747,"attek...@gmail.com",""
125921,"Medium","CVE-2012-3660, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::FontCache::releaseFontData","Apr 06, 2013 00:31:41",1365208301,"May 02, 2012 12:53:58",1335963238,"Dec 20, 2012 15:52:27",1356018747,"aa...@google.com","2012-3660"
126040,"High","CVE-2012-3628, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ContainerNode::insertBefore","Apr 06, 2013 00:31:31",1365208291,"May 03, 2012 00:35:32",1336005332,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3628"
126048,"High","Cr-Internals, M-20, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","primi...@chromium.org","Heap-use-after-free in SpeechRecognitionManagerImpl::DispatchEvent","Mar 21, 2013 20:41:49",1363898509,"May 03, 2012 02:20:56",1336011656,"May 04, 2012 16:30:07",1336149007,"chamal.d...@gmail.com",""
126296,"High","CVE-2011-3109, Cr-UI, M-19, Merge-Merged, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1084, merge-merged-1132, reward-1000","Beta, Stable",1000,"accept","derat@chromium.org",").initMouseEvent in background tab","Mar 21, 2013 21:05:01",1363899901,"May 04, 2012 20:49:01",1336164541,"Dec 20, 2012 15:53:48",1356018828,"michabar...@gmail.com","2011-3109"
126337,"High","CVE-2011-3110, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Stack buffer overflow in character range parsing","Mar 21, 2013 21:05:01",1363899901,"May 05, 2012 00:21:18",1336177278,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3110"
126343,"High","CVE-2011-3110, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB write in PDF character code mapping","Mar 21, 2013 21:05:00",1363899900,"May 05, 2012 01:23:22",1336181002,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3110"
126378,"High","CVE-2011-3110, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Heap buffer overflow in JBIG2 huffman symbol decoding","Apr 06, 2013 03:12:36",1365217956,"May 05, 2012 16:19:22",1336234762,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3110"
126405,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF with mismatched key length vs. encryption type","Apr 06, 2013 03:12:36",1365217956,"May 06, 2012 06:35:36",1336286136,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
126406,"High","CVE-2012-3672, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks","Apr 06, 2013 00:30:59",1365208259,"May 06, 2012 06:47:01",1336286821,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3672"
126414,"Medium","CVE-2011-3111, Cr-Internals, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","jkummerow@chromium.org","[LangFuzz] Crash on heap with invalid read from random address (32 bit)","Mar 21, 2013 21:04:59",1363899899,"May 06, 2012 14:22:57",1336314177,"Dec 20, 2012 15:52:27",1356018747,"decoder...@googlemail.com","2011-3111"
126475,"High","CVE-2012-3673, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::InlineBox::root","Apr 06, 2013 00:30:54",1365208254,"May 07, 2012 15:50:36",1336405836,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3673"
126723,"High","CVE-2012-3601, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::checkFloatsInCleanLine","Apr 06, 2013 00:30:32",1365208232,"May 08, 2012 13:52:02",1336485122,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3601"
127331,"High","CVE-2011-3112, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Use-after-free in PDF with bad cross-refs and encryption","Apr 06, 2013 03:12:34",1365217954,"May 08, 2012 22:22:34",1336515754,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3112"
127349,"High","CVE-2011-3110, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," function","Apr 06, 2013 03:12:34",1365217954,"May 08, 2012 23:53:42",1336521222,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3110"
127363,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read of line at offset -1 in JBIG2 decoder","Apr 06, 2013 03:12:33",1365217953,"May 09, 2012 03:45:12",1336535112,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
127366,"High","CVE-2012-3617, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ReplaceSelectionCommand::performTrivialReplace","Apr 06, 2013 00:30:07",1365208207,"May 09, 2012 05:33:21",1336541601,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3617"
127367,"High","CVE-2012-3598, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-85939","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ApplyStyleCommand::joinChildTextNodes","Apr 06, 2013 00:30:06",1365208206,"May 09, 2012 05:34:47",1336541687,"Dec 20, 2012 15:53:23",1356018803,"infe...@chromium.org","2012-3598"
127417,"","CVE-2012-2825, Cr-Internals, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Type-Bug-Security, merge-merged-1132, reward-500","Beta, Stable",500,"accept","cev...@chromium.org","Security: Arbitrary memory read in libxslt","Mar 21, 2013 21:04:56",1363899896,"May 09, 2012 16:51:20",1336582280,"Dec 20, 2012 15:52:02",1356018722,"nicolas....@agarri.fr","2012-2825"
127418,"High","Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","fmal...@chromium.org","Heap-use-after-free in WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath","Apr 06, 2013 03:44:03",1365219843,"May 09, 2012 17:09:36",1336583376,"Dec 20, 2012 15:52:55",1356018775,"Ax3...@gmail.com",""
127424,"High","Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","tkent@chromium.org","Heap-use-after-free in WebKit::WebPagePopupImpl::closePopup","Apr 06, 2013 00:30:03",1365208203,"May 09, 2012 17:56:42",1336586202,"Dec 20, 2012 15:53:23",1356018803,"miaubiz@gmail.com",""
127522,"Low","CVE-2012-2847, Cr-Internals, Cr-UI-Browser-Downloads, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","rdsmith@chromium.org"," from File Download","Mar 21, 2013 21:04:55",1363899895,"May 10, 2012 07:24:30",1336634670,"Dec 20, 2012 15:52:02",1356018722,"m...@m-austin.com","2012-2847"
127525,"Medium","CVE-2012-2848, Cr-Internals, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Dragging a file into a web renderer exposes the file: scheme","Mar 21, 2013 21:04:55",1363899895,"May 10, 2012 07:44:31",1336635871,"Dec 20, 2012 15:52:55",1356018775,"m...@m-austin.com","2012-2848"
127624,"Low","Cr-Internals, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","tsepez@chromium.org","Security: pepper plugins - protect plugin's data files from other plugins and the renderer itself.","Mar 21, 2013 20:51:47",1363899107,"May 10, 2012 18:51:49",1336675909,"Dec 20, 2012 15:52:27",1356018747,"tsepez@chromium.org",""
127819,"High","CVE-2011-3110, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Memory corruption in memset() with corrupt JBig2 image","Apr 06, 2013 03:12:31",1365217951,"May 11, 2012 18:59:48",1336762788,"Dec 20, 2012 15:53:23",1356018803,"scarybea...@gmail.com","2011-3110"
127868,"High","CVE-2011-3110, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," that returns more than 1 output value","Apr 06, 2013 03:12:31",1365217951,"May 11, 2012 22:19:08",1336774748,"Dec 20, 2012 15:53:24",1356018804,"scarybea...@gmail.com","2011-3110"
127883,"High","CVE-2011-3113, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," colorspace array","Apr 06, 2013 03:12:31",1365217951,"May 11, 2012 23:33:02",1336779182,"Dec 20, 2012 15:53:24",1356018804,"scarybea...@gmail.com","2011-3113"
127897,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF due to negative index with malformed JBIG2 file","Apr 06, 2013 03:12:30",1365217950,"May 12, 2012 03:24:38",1336793078,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
127901,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB reads parsing inline PDF streams","Apr 06, 2013 03:12:29",1365217949,"May 12, 2012 05:27:31",1336800451,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
127986,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF with mismatched key length","Apr 06, 2013 03:12:29",1365217949,"May 14, 2012 01:19:19",1336958359,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
128003,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF with stitched functions","Apr 06, 2013 03:12:28",1365217948,"May 14, 2012 07:40:07",1336981207,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
128014,"High","CVE-2011-3114, Cr-Blink, Cr-Internals-Plugins-PDF, M-19, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","Probable buffer overflows in PDF with mismatched function outputs","Apr 06, 2013 03:12:28",1365217948,"May 14, 2012 10:19:51",1336990791,"Dec 20, 2012 15:53:24",1356018804,"scarybea...@gmail.com","2011-3114"
128018,"High","CVE-2011-3115, Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","danno@chromium.org","[LangFuzz] Crash in v8::internal::ShortCircuitConsString with invalid read","Apr 06, 2013 03:23:47",1365218627,"May 14, 2012 11:06:41",1336993601,"May 21, 2012 12:34:29",1337603669,"decoder...@googlemail.com","2011-3115"
128151,"High","Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","kinuko@chromium.org","Heap-use-after-free in WebKit::MainThreadFileSystemCallbacks::didSucceed","Apr 06, 2013 00:29:03",1365208143,"May 15, 2012 10:57:11",1337079431,"Dec 20, 2012 15:53:24",1356018804,"Ax3...@gmail.com",""
128159,"High","ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","mikelawt...@chromium.org","Heap-use-after-free in WTF::HashMap<int, WTF::RefPtr<WebCore::CalculationValue>, WTF::IntHash<unsigned int>, WTF::HashTrait","Apr 06, 2013 00:29:01",1365208141,"May 15, 2012 13:26:16",1337088376,"Dec 20, 2012 15:53:24",1356018804,"infe...@chromium.org",""
128163,"Low","CVE-2012-2849, Cr-Blink, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","pkasting@chromium.org","Heap-buffer-overflow in GIFImageReader::read","Apr 06, 2013 00:29:00",1365208140,"May 15, 2012 14:06:49",1337090809,"Dec 20, 2012 15:52:27",1356018747,"attek...@gmail.com","2012-2849"
128178,"Critical","Cr-Blink, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-Critical, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-3133","None",3133,"accept","kinuko@chromium.org","Heap-use-after-free in fileapi::FileSystemOperation::DidGetUsageAndQuotaAndRunTask","Apr 06, 2013 00:28:57",1365208137,"May 15, 2012 16:06:56",1337098016,"May 17, 2012 16:09:03",1337270943,"Ax3...@gmail.com",""
128336,"High","CVE-2012-3657, ClusterFuzz, Cr-Blink, M-19, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::SubframeLoader::createJavaAppletWidget","Apr 06, 2013 00:28:44",1365208124,"May 16, 2012 12:33:16",1337171596,"Dec 20, 2012 15:53:24",1356018804,"infe...@chromium.org","2012-3657"
128497,"High","CVE-2012-3710, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","jamesr@chromium.org","CachedImage does not clear the ImageObserver pointer when dropping its Image ref","Apr 06, 2013 00:28:29",1365208109,"May 17, 2012 05:25:57",1337232357,"Dec 20, 2012 15:53:24",1356018804,"infe...@chromium.org","2012-3710"
128498,"Medium","CVE-2012-3614, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::CSSSelector::specificityForOneSelector","Apr 06, 2013 00:28:28",1365208108,"May 17, 2012 05:38:08",1337233088,"Dec 20, 2012 15:52:27",1356018747,"infe...@chromium.org","2012-3614"
128597,"Low","Cr-Internals, M-22, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","c...@chromium.org","RenderViewImpl's shared_popup_counter_ isn't incremented properly","Mar 21, 2013 21:04:49",1363899889,"May 17, 2012 19:47:44",1337284064,"Nov 28, 2012 22:58:08",1354143488,"c...@chromium.org",""
128688,"Medium","CVE-2012-2826, ClusterFuzz, Cr-Blink, M-20, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-86877-RESOLVE","Beta, Stable",,"","kbr@chromium.org","Heap-buffer-overflow in gpu::gles2::GLES2Implementation::TexSubImage2DImpl","Apr 06, 2013 00:28:16",1365208096,"May 18, 2012 05:51:18",1337320278,"Dec 20, 2012 15:52:55",1356018775,"infe...@chromium.org","2012-2826"
128704,"Low","Cr-UI, M-19, Merge-Merged, OS-All, OS-Chrome, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, VerifyIn-26, VerifyIn-27, merge-merged-1084, merge-merged-1132","Beta, Stable",,"","hashimoto@chromium.org","Crash when opening and closing chrome://chrome","Apr 02, 2013 17:58:02",1364925482,"May 18, 2012 10:05:13",1337335513,"Dec 20, 2012 15:52:02",1356018722,"hashimoto@chromium.org",""
129158,"Medium","ClusterFuzz, Cr-Blink, Cr-UI-Accessibility, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-98073","Beta, Stable",,"","dmazzoni@chromium.org","Heap-use-after-free in WebCore::AccessibilityObject::getAttribute","Apr 06, 2013 00:27:31",1365208051,"May 22, 2012 12:54:50",1337691290,"Dec 20, 2012 15:52:27",1356018747,"aa...@google.com",""
129301,"Medium","ClusterFuzz, Cr-Blink, Cr-UI-Accessibility, M-23, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Heap-use-after-free in WebCore::AXObjectCache::postPlatformNotification","Apr 06, 2013 00:27:19",1365208039,"May 23, 2012 04:32:34",1337747554,"Dec 20, 2012 15:52:27",1356018747,"infe...@chromium.org",""
129826,"Low","CVE-2012-2827, Cr-UI, Cr-UI-Browser-Downloads, M-20, Merge-Merged, OS-Mac, Pri-2, Restrict-AddIssueComment-EditIssue, Review-Security, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, merg","Beta, Stable",,"","rsesek@chromium.org","Chrome_Mac: Zombie <DownloadItemController: 0x1f1e6fd0> received -handleReveal: (via -performSelector:withObject:)","Mar 21, 2013 21:04:45",1363899885,"May 25, 2012 22:46:26",1337985986,"Dec 20, 2012 15:52:27",1356018747,"dhar...@google.com","2012-2827"
129857,"High","CVE-2012-2828, Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF image resize code","Apr 06, 2013 03:12:25",1365217945,"May 26, 2012 04:52:37",1338007957,"Dec 20, 2012 15:53:24",1356018804,"scarybea...@gmail.com","2012-2828"
129898,"High","CVE-2012-2842, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","c...@chromium.org","Heap-use-after-free in WebCore::CounterNode::lastDescendant","Apr 06, 2013 00:26:23",1365207983,"May 26, 2012 19:18:26",1338059906,"Dec 20, 2012 15:53:24",1356018804,"miaubiz@gmail.com","2012-2842"
129930,"High","CVE-2012-2807, Cr-Internals, M-20, Merge-Merged, OS-Linux, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1132, reward-3000","Beta, Stable",3000,"accept","cev...@chromium.org","Security: libxml2 growBuffer integer overflow on 64-bit machines","Mar 21, 2013 21:04:43",1363899883,"May 27, 2012 10:15:06",1338113706,"Dec 20, 2012 15:53:48",1356018828,"a...@ut.ee","2012-2807"
129936,"High","CVE-2012-3692, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::InlineTextBox::nodeAtPoint","Apr 06, 2013 00:26:20",1365207980,"May 27, 2012 13:20:43",1338124843,"Dec 20, 2012 15:53:24",1356018804,"infe...@chromium.org","2012-3692"
129942,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-21, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, merge-merged-1180, reward-1000","Beta",1000,"accept","c...@chromium.org","UNKNOWN in v8_i18n::IntlNumberFormat::JSInternalFormat","Apr 06, 2013 03:23:38",1365218618,"May 27, 2012 15:58:06",1338134286,"Dec 20, 2012 15:52:55",1356018775,"slaweck",""
129947,"High","CVE-2012-2829, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObject::setStyle","Apr 06, 2013 00:26:18",1365207978,"May 27, 2012 17:39:50",1338140390,"Dec 20, 2012 15:53:24",1356018804,"miaubiz@gmail.com","2012-2829"
129951,"High","CVE-2012-2830, Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, Cr-Internals-GPU-WebGL, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, ","Beta, Stable",1000,"accept","ulan@chromium.org","UNKNOWN in v8::Function::Call","Apr 06, 2013 03:23:37",1365218617,"May 27, 2012 19:19:18",1338146358,"Dec 20, 2012 15:53:48",1356018828,"miaubiz@gmail.com","2012-2830"
130235,"High","CVE-2012-3648, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::HTMLElement::adjustDirectionalityIfNeededAfterChildrenChanged","Apr 06, 2013 00:25:53",1365207953,"May 30, 2012 04:06:51",1338350811,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3648"
130240,"High","CVE-2012-2806, M-21, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","cev...@chromium.org","Heap-buffer-overflow WRITE in read_markers third_party/libjpeg_turbo/jdmarker","Mar 21, 2013 20:41:29",1363898489,"May 30, 2012 05:41:35",1338356495,"May 30, 2012 22:38:48",1338417528,"attek...@gmail.com","2012-2806"
130251,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF image resizing","Apr 06, 2013 03:12:23",1365217943,"May 30, 2012 07:44:37",1338363877,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com","2012-2850"
130317,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF with JBIG2 image and bad bits per component","Apr 06, 2013 03:12:22",1365217942,"May 30, 2012 17:27:06",1338398826,"Dec 20, 2012 15:52:27",1356018747,"scarybea...@gmail.com",""
130356,"High","CVE-2012-2831, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug","Beta, Stable",1000,"accept","pdr@chromium.org","Heap-use-after-free in WebCore::SVGDocumentExtensions::removeAllElementReferencesForTarget","Apr 06, 2013 03:43:54",1365219834,"May 30, 2012 19:39:49",1338406789,"Dec 20, 2012 15:52:55",1356018775,"miaubiz@gmail.com","2012-2831"
130369,"High","ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::layoutPositionedObjects","Apr 06, 2013 00:25:36",1365207936,"May 30, 2012 20:38:55",1338410335,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
130592,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF with colorspace too small for RGB","Apr 06, 2013 03:12:21",1365217941,"May 31, 2012 18:18:49",1338488329,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
130595,"High","CVE-2012-2843, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::layoutBlockChildren","Apr 06, 2013 00:25:15",1365207915,"May 31, 2012 18:29:10",1338488950,"Dec 20, 2012 15:53:48",1356018828,"miaubiz@gmail.com","2012-2843"
130603,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF PS copy function when stack is too small","Apr 06, 2013 03:12:21",1365217941,"May 31, 2012 18:43:40",1338489820,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
130611,"Low","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","OOB read in PDF trying to loading inline stream images","Apr 06, 2013 03:12:21",1365217941,"May 31, 2012 19:17:07",1338491827,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com","2012-2850"
130722,"High","CVE-2012-3621, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Heap-use-after-free in WebCore::InsertParagraphSeparatorCommand::doApply","Apr 06, 2013 00:24:56",1365207896,"Jun 01, 2012 06:59:22",1338533962,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3621"
130723,"High","CVE-2012-3677, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","Use after free after setting -webkit-line-clamp to none","Apr 06, 2013 00:24:55",1365207895,"Jun 01, 2012 07:07:22",1338534442,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3677"
130927,"High","CVE-2012-3623, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Heap-use-after-free in WebCore::CompositeEditCommand::breakOutOfEmptyListItem","Apr 06, 2013 00:24:36",1365207876,"Jun 03, 2012 15:59:24",1338739164,"Dec 20, 2012 15:53:48",1356018828,"aa...@google.com","2012-3623"
131068,"Low","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: off-by-one read in PNG predictor handling","Apr 06, 2013 03:12:18",1365217938,"Jun 04, 2012 20:41:31",1338842491,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com","2012-2850"
131087,"High","CVE-2012-3708, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","UAF due to Document::removePendingSheet re-entering JavaScript during Document cleanup","Apr 06, 2013 00:24:19",1365207859,"Jun 04, 2012 22:13:25",1338848005,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3708"
131135,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: wild dereference with huge mask rectangle","Apr 06, 2013 03:12:17",1365217937,"Jun 05, 2012 03:56:15",1338868575,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
131237,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB reads in JBIG2 reference section handling","Apr 06, 2013 03:12:16",1365217936,"Jun 05, 2012 19:11:53",1338923513,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
131252,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," string","Apr 06, 2013 03:12:15",1365217935,"Jun 05, 2012 20:20:54",1338927654,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
131553,"High","CVE-2012-2832, Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: uninitialized pointer deleted in JBIG2 codec","Apr 06, 2013 03:12:14",1365217934,"Jun 07, 2012 07:35:03",1339054503,"Dec 20, 2012 15:53:24",1356018804,"scarybea...@gmail.com","2012-2832"
131557,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: wild read in image stretching","Apr 06, 2013 03:12:14",1365217934,"Jun 07, 2012 08:27:49",1339057669,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
131621,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in font handling code for type 3 fonts","Apr 06, 2013 03:12:13",1365217933,"Jun 07, 2012 17:58:45",1339091925,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
131662,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: failure to validate pointer index in pattern array","Apr 06, 2013 03:12:13",1365217933,"Jun 07, 2012 20:26:07",1339100767,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
131690,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read with inline RLE encoding","Apr 06, 2013 03:12:12",1365217932,"Jun 07, 2012 21:45:56",1339105556,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
131968,"Medium","ClusterFuzz, Cr-Blink, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Heap-use-after-free in WebCore::AccessibilityTable::isDataTable","Apr 06, 2013 00:23:14",1365207794,"Jun 09, 2012 19:22:39",1339269759,"Dec 03, 2012 18:52:59",1354560779,"infe...@chromium.org",""
132019,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::InlineFlowBox::deleteLine","Apr 06, 2013 00:23:08",1365207788,"Jun 10, 2012 22:10:50",1339366250,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
132156,"High","CVE-2012-2833, Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: stack-based buffer overflow printing a float","Apr 06, 2013 03:12:09",1365217929,"Jun 11, 2012 21:23:24",1339449804,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2833"
132241,"High","CVE-2012-3702, CVE-2012-3712, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jap...@chromium.org","Heap-use-after-free in WebCore::DocumentThreadableLoader::cancel","Apr 06, 2013 00:22:55",1365207775,"Jun 12, 2012 10:58:20",1339498700,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3702, 2012-3712"
132585,"High","CVE-2012-2851, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: integer overflow in rasterizing","Apr 06, 2013 03:12:08",1365217928,"Jun 13, 2012 19:37:17",1339616237,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2851"
132690,"High","CVE-2012-3707, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-89059","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderSVGModelObject::checkIntersection","Apr 06, 2013 00:22:22",1365207742,"Jun 14, 2012 01:28:55",1339637335,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3707"
132694,"High","CVE-2012-2851, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: integer overflows in jp2 decoder","Apr 06, 2013 03:12:07",1365217927,"Jun 14, 2012 02:15:36",1339640136,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2851"
132779,"High","CVE-2012-2834, Cr-Internals, Cr-Internals-Media-FFmpeg, M-20, Merge-Merged, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1132, merge-merged-ffmp","Beta, Stable",1000,"accept","dalecur...@chromium.org","Security: WebM heap-buffer-overflow in matroskadec.c:matroska_parse_block()","Mar 21, 2013 21:04:29",1363899869,"Jun 14, 2012 17:09:20",1339693760,"Dec 20, 2012 15:53:25",1356018805,"a...@ut.ee","2012-2834"
132806,"Low","Cr-Internals, M-20, Merge-Merged, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1132","Stable",,"","dpolukhin@chromium.org","ChromeContentBrowserClient::AllowSocketAPI using allowed_socket_origins_ without scheme check","Mar 21, 2013 20:51:22",1363899082,"Jun 14, 2012 18:02:11",1339696931,"Jun 19, 2012 12:35:43",1340109343,"tsepez@chromium.org",""
132860,"Medium","CVE-2012-2850, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB reads in image stretching","Apr 06, 2013 03:12:07",1365217927,"Jun 14, 2012 21:02:56",1339707776,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2850"
132861,"Medium","CVE-2012-2851, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: more OOB reads with wild clip rects","Apr 06, 2013 03:12:06",1365217926,"Jun 14, 2012 21:04:55",1339707895,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com","2012-2851"
132890,"High","Cr-Blink, Cr-Internals-Media, M-21, M21-bugbash, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, merge-merged-1180","Beta, Stable",,"","r...@google.com","Crash when using Web Audio + media element with no audio or when user navigates","Apr 06, 2013 00:22:06",1365207726,"Jun 14, 2012 22:47:33",1339714053,"Dec 20, 2012 15:53:48",1356018828,"alek...@chromium.org",""
133214,"High","Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, WebKit-ID-89496, merge-merged-1180, reward-1000","Beta",1000,"accept","jchaffraix@chromium.org","UNKNOWN in WebCore::RenderTableSection::addCell","Apr 06, 2013 00:21:34",1365207694,"Jun 17, 2012 12:30:05",1339936205,"Dec 20, 2012 15:52:56",1356018776,"attek...@gmail.com",""
133418,"High","ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::layoutPositionedObjects","Apr 06, 2013 00:21:19",1365207679,"Jun 19, 2012 00:28:33",1340065713,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
133450,"High","CVE-2012-2844, Cr-Blink, Cr-Internals-Plugins-PDF, M-20, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: invalid vtable used in JS engine","Apr 06, 2013 03:12:04",1365217924,"Jun 19, 2012 02:29:09",1340072949,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2844"
133571,"Medium","Cr-Internals, Cr-Internals-Skia, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","epo...@chromium.org","Heap-use-after-free in SkARGB32_Black_Blitter::blitAntiH","Mar 21, 2013 21:04:25",1363899865,"Jun 19, 2012 21:37:04",1340141824,"Dec 20, 2012 15:52:56",1356018776,"attek...@gmail.com",""
133892,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dstockw...@chromium.org","Heap-use-after-free in WebCore::RenderListItem::updateMarkerLocation","Apr 06, 2013 00:20:33",1365207633,"Jun 21, 2012 04:36:02",1340253362,"Dec 20, 2012 15:52:56",1356018776,"infe...@chromium.org",""
134028,"High","CVE-2012-2852, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free with badly linked form field tree","Apr 06, 2013 03:12:03",1365217923,"Jun 21, 2012 22:03:29",1340316209,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2852"
134088,"High","Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Use-after-free: LabelsNodeList isn't updated properly after its owner node is adopted into a new document","Apr 06, 2013 00:20:16",1365207616,"Jun 22, 2012 03:00:36",1340334036,"Dec 20, 2012 15:53:48",1356018828,"rn...@chromium.org",""
134101,"Medium","CVE-2012-2853, Cr-Internals, Cr-Platform-Extensions, Cr-Webstore, M-21, Merge-Merged, OS-All, Pri-2, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Secur","Beta, Stable",,"","battre@chromium.org","Security: webRequest API allows extensions to XSS chrome.google.com and gain access to webstorePrivate API","Mar 21, 2013 21:04:24",1363899864,"Jun 22, 2012 07:35:28",1340350528,"Dec 20, 2012 15:52:28",1356018748,"t...@adblockplus.org","2012-2853"
134123,"High","CVE-2012-3622, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::VisibleSelection::rootEditableElement","Apr 06, 2013 00:20:14",1365207614,"Jun 22, 2012 14:36:39",1340375799,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3622"
134305,"High","CVE-2012-3688, ClusterFuzz, Cr-Blink, M-20, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-89911","Beta, Stable",,"","dcheng@chromium.org","Heap-use-after-free in WebCore::RenderObject::absoluteBoundingBoxRect","Apr 06, 2013 00:19:59",1365207599,"Jun 23, 2012 20:42:10",1340484130,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3688"
134324,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","leviw@chromium.org","Heap-use-after-free in WebCore::RenderBlock::layoutPositionedObjects","Apr 06, 2013 00:19:56",1365207596,"Jun 24, 2012 01:57:43",1340503063,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
134325,"High","Cr-Blink, Cr-IO-MouseLock, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000, webkit-id-90391","None",1000,"accept","scheib@chromium.org","Security: Use after free with mouse lock and window.open","Apr 06, 2013 00:19:56",1365207596,"Jun 24, 2012 02:08:16",1340503696,"Jul 05, 2012 16:29:07",1341505747,"chamal.d...@gmail.com",""
134428,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-20, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-90","Beta, Stable",,"","pdr@chromium.org","Heap-buffer-overflow in WebCore::SVGDocumentExtensions::removeAnimationElementFromTarget","Apr 06, 2013 03:43:49",1365219829,"Jun 25, 2012 15:47:14",1340639234,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
134519,"Low","CVE-2012-2854, Cr-Internals, M-21, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1180","Beta, Stable",,"","xiyuan@chromium.org","Security: memory address disclosure through JavaScript in WebUI's cookies page","Mar 21, 2013 21:04:22",1363899862,"Jun 25, 2012 20:58:12",1340657892,"Dec 20, 2012 15:52:28",1356018748,"nasko@chromium.org","2012-2854"
134888,"High","CVE-2012-2855, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","","Apr 06, 2013 03:12:00",1365217920,"Jun 27, 2012 19:24:29",1340825069,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2855"
134897,"High","CVE-2012-2866, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, rew","Beta, Stable",1000,"accept","tkent@chromium.org","Bad cast with run-ins and <input>","Apr 06, 2013 00:19:15",1365207555,"Jun 27, 2012 20:01:56",1340827316,"Dec 20, 2012 15:53:48",1356018828,"miaubiz@gmail.com","2012-2866"
134954,"High","CVE-2012-2856, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: buffer overflow with exponential interpolation PDF function","Apr 06, 2013 03:12:00",1365217920,"Jun 28, 2012 00:38:39",1340843919,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2856"
134955,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: read-after-free loading font glyphs","Apr 06, 2013 03:11:59",1365217919,"Jun 28, 2012 00:44:11",1340844251,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
135043,"Critical","Cr-Internals, Cr-Internals-WebRTC, M-21, Merge-Merged, OS-All, Pri-0, ReleaseBlock-Beta, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Severity-Critical, Type-Bug-Security, merge-merged-1180, reward-3133","Beta",3133,"accept","xians@chromium.org","Heap-use-after-free in media_stream::","Mar 21, 2013 21:07:51",1363900071,"Jun 28, 2012 19:19:49",1340911189,"Jul 03, 2012 11:39:19",1341315559,"infe...@chromium.org",""
135071,"High","CVE-2012-3616, ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","shinyak@chromium.org","Heap-buffer-overflow in void WTF::Vector<unsigned short, 1024ul>::append<unsigned short>","Apr 06, 2013 00:18:55",1365207535,"Jun 28, 2012 21:36:31",1340919391,"Dec 20, 2012 15:52:56",1356018776,"infe...@chromium.org","2012-3616"
135173,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKi","Beta, Stable",,"","espr...@chromium.org","Heap-use-after-free in WebCore::RenderQuote::rendererRemovedFromTree","Apr 06, 2013 00:18:48",1365207528,"Jun 29, 2012 14:45:28",1340981128,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
135264,"High","CVE-2012-2856, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: out-of-bounds writes in image decoding","Apr 06, 2013 03:11:57",1365217917,"Jun 29, 2012 22:14:30",1341008070,"Dec 20, 2012 15:53:25",1356018805,"scarybea...@gmail.com","2012-2856"
135432,"High","Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","tomhud...@chromium.org","Heap-buffer-overflow in skia::BGRAConvolve2D","Mar 21, 2013 21:04:17",1363899857,"Jul 02, 2012 14:35:23",1341239723,"Dec 20, 2012 15:53:48",1356018828,"attek...@gmail.com",""
135485,"Low","CVE-2012-2867, Cr-Internals, Cr-Internals-Network-SPDY, M-21, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1180","Beta, Stable",,"","rtenneti@chromium.org","SPDY - Pushed stream - crash accessing https://jetty.intalio.com:10111/spdy","Mar 21, 2013 21:04:16",1363899856,"Jul 02, 2012 19:37:34",1341257854,"Aug 14, 2012 16:28:03",1344961683,"rtenneti@chromium.org","2012-2867"
135488,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read with mismatched function / colorspace","Apr 06, 2013 03:11:56",1365217916,"Jul 02, 2012 19:43:34",1341258214,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
135697,"High","ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderLayer::repaintBlockSelectionGaps","Apr 06, 2013 00:17:55",1365207475,"Jul 04, 2012 03:06:16",1341371176,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
135698,"High","CVE-2012-3607, ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-90774","Beta, Stable",,"","tkent@chromium.org","Heap-use-after-free in WebCore::HTMLInputElement::isPresentationAttribute","Apr 06, 2013 00:17:54",1365207474,"Jul 04, 2012 03:07:16",1341371236,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2012-3607"
136116,"High","CVE-2013-0948, ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderLayer::enclosingFilterLayer","Apr 06, 2013 00:15:30",1365207330,"Jul 05, 2012 19:40:04",1341517204,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org","2013-0948"
136182,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, webki","Beta, Stable",,"","tsepez@chromium.org","Heap-use-after-free in WebCore::ImageLoader::updateRenderer","Apr 06, 2013 00:15:24",1365207324,"Jul 06, 2012 17:26:36",1341595596,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
136235,"High","CVE-2012-2857, Cr-Blink, M-21, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1180, reward-1000","Beta, Stable",1000,"accept","dstockw...@chromium.org","Heap-use-after-free in WebCore::StyleResolver::collectMatchingRulesForList","Apr 06, 2013 00:15:21",1365207321,"Jul 07, 2012 17:16:49",1341681409,"Dec 20, 2012 15:53:48",1356018828,"Ax3...@gmail.com","2012-2857"
136296,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-90","Beta, Stable",,"","pdr@chromium.org","Heap-use-after-free in WebCore::SVGSMILElement::resetTargetElement","Apr 06, 2013 03:43:45",1365219825,"Jul 09, 2012 02:09:12",1341799752,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
136344,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, webkit-id-90805","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::FrameLoader::stopAllLoaders","Apr 06, 2013 00:15:10",1365207310,"Jul 09, 2012 13:41:08",1341841268,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
136497,"Low","Cr-Blink, M-23, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","","Security: XSS via Copy&Paste protection bypass using @formaction / General Iframe Sandbox Considerations regarding copy&paste / drag&drop","Apr 06, 2013 00:14:47",1365207287,"Jul 10, 2012 09:48:46",1341913726,"Aug 09, 2012 20:37:02",1344544622,"Mario.He...@googlemail.com",""
136643,"High","CVE-2012-2862, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free in stream image handling","Apr 06, 2013 03:11:54",1365217914,"Jul 11, 2012 01:44:45",1341971085,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com","2012-2862"
136881,"Medium","CVE-2012-2868, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, r","Beta, Stable",500,"accept","micha...@chromium.org","Security: race condition with workers and sync xmlhttprequests","Apr 06, 2013 00:14:20",1365207260,"Jul 11, 2012 19:44:43",1342035883,"Dec 20, 2012 15:52:57",1356018777,"miaubiz@gmail.com","2012-2868"
136894,"High","CVE-2012-2858, Cr-Internals, Cr-Internals-Media-Video, M-21, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1180, reward-1000","Beta, Stable",1000,"accept","","Heap-buffer-overflow in UpsampleBgraLinePairSSE2","Mar 21, 2013 21:04:10",1363899850,"Jul 11, 2012 21:07:21",1342040841,"Dec 20, 2012 15:53:48",1356018828,"a...@ut.ee","2012-2858"
136968,"High","CVE-2012-2863, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: wild write with malformed regex","Apr 06, 2013 03:11:54",1365217914,"Jul 12, 2012 06:37:13",1342075033,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com","2012-2863"
137052,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, webki","Beta, Stable",,"","o...@chromium.org","Heap-use-after-free in WebCore::EllipsisBox::paint","Apr 06, 2013 00:14:05",1365207245,"Jul 12, 2012 16:16:07",1342109767,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
137106,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in color profile parsing / handling","Apr 06, 2013 03:11:53",1365217913,"Jul 12, 2012 20:01:17",1342123277,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
137125,"High","Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","dstockw...@chromium.org","UNKNOWN in WebCore::StylePropertySet::addParsedProperties","Apr 06, 2013 00:14:00",1365207240,"Jul 12, 2012 21:18:25",1342127905,"Jul 18, 2012 15:39:09",1342625949,"slaweck",""
137147,"High","ClusterFuzz, Cr-Blink, Cr-Blink-Rendering, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type","Beta, Stable",,"","jchaffraix@chromium.org","UNKNOWN in WebCore::RenderTable::cellBefore","Apr 06, 2013 03:35:37",1365219337,"Jul 12, 2012 22:36:23",1342132583,"Dec 20, 2012 15:53:48",1356018828,"infe...@chromium.org",""
137280,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: off-by-one in unicode text decoding","Apr 06, 2013 03:11:52",1365217912,"Jul 13, 2012 20:09:37",1342210177,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
137288,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: wild read in JBIG2 decoder","Apr 06, 2013 03:11:52",1365217912,"Jul 13, 2012 20:34:24",1342211664,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
137302,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB stack reads with colorspaces with lots of components","Apr 06, 2013 03:11:51",1365217911,"Jul 13, 2012 21:40:18",1342215618,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
137303,"Medium","Cr-Internals, Cr-Internals-GPU, M-23, OS-Mac, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271, merge-merged-1312","Beta, Stable",,"","zmo@chromium.org","Corrupted rendering with many MapsGL tabs open","Mar 21, 2013 21:04:07",1363899847,"Jul 13, 2012 21:47:11",1342216031,"Dec 20, 2012 15:52:28",1356018748,"kbr@chromium.org",""
137361,"High","CVE-2012-2863, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: buffer overflow with mismatched TIFF predictor vs. image parameters","Apr 06, 2013 03:11:51",1365217911,"Jul 14, 2012 03:13:00",1342235580,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com","2012-2863"
137407,"Low","Cr-UI, OS-iOS, Pri-2, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Security: Chrome for iOS security bug","Mar 21, 2013 20:51:01",1363899061,"Jul 15, 2012 01:05:15",1342314315,"Sep 21, 2012 02:13:19",1348193599,"weilou.h...@gmail.com",""
137409,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKi","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObject::container","Apr 06, 2013 00:13:34",1365207214,"Jul 15, 2012 01:34:55",1342316095,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
137413,"Medium","ClusterFuzz, Cr-Blink, Cr-Blink-Rendering, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Ty","Beta, Stable",,"","jchaffraix@chromium.org","Heap-buffer-overflow in WebCore::RenderTableSection::setCellLogicalWidths","Apr 06, 2013 03:35:36",1365219336,"Jul 15, 2012 05:11:05",1342329065,"Dec 20, 2012 15:52:57",1356018777,"infe...@chromium.org",""
137532,"Medium","Cr-UI, Cr-UI-Accessibility, M-18, OS-Android, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","dtrainor@chromium.org","Security: Android APIs exposed to JavaScript","Mar 21, 2013 21:04:05",1363899845,"Jul 16, 2012 17:58:26",1342461506,"Aug 01, 2012 04:15:30",1343794530,"pal...@google.com",""
137541,"Critical","CVE-2012-2859, Cr-Internals, Cr-UI-Browser-TabContents, M-21, OS-Linux, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Critical, Stability-Crash, Type-Bug-Security, merge-merged-1180","Stable",,"","c...@chromium.org","Reproduceable crash. Changing tabs while a specific text field has focus.","Mar 21, 2013 21:07:50",1363900070,"Jul 16, 2012 19:02:35",1342465355,"Dec 20, 2012 15:53:49",1356018829,"jwrobe...@google.com","2012-2859"
137547,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in JS parsing with malformed string escapes","Apr 06, 2013 03:11:51",1365217911,"Jul 16, 2012 19:43:23",1342467803,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
137556,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read rendering scrollbar","Apr 06, 2013 03:11:50",1365217910,"Jul 16, 2012 20:32:45",1342470765,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
137606,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read with corrupt large xref table","Apr 06, 2013 03:11:50",1365217910,"Jul 16, 2012 23:40:08",1342482008,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
137623,"Medium","ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, mer","Beta, Stable",,"","piman@chromium.org","Heap-buffer-overflow in WebPluginDelegateProxy::BackgroundChanged","Apr 06, 2013 00:13:14",1365207194,"Jul 17, 2012 04:10:14",1342498214,"Dec 20, 2012 15:52:57",1356018777,"infe...@chromium.org",""
137635,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: wild reads with corrupt character mapping","Apr 06, 2013 03:11:50",1365217910,"Jul 17, 2012 05:48:16",1342504096,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
137671,"Medium","CVE-2012-2860, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, W","Beta, Stable",,"","tkent@chromium.org","Security: Bad cast in WebCore::CalendarPickerElement::hostInput()","Apr 06, 2013 00:13:10",1365207190,"Jul 17, 2012 14:27:43",1342535263,"Dec 20, 2012 15:52:28",1356018748,"chamal.d...@gmail.com","2012-2860"
137707,"Medium","Cr-Platform-Extensions, Cr-UI, M-22, Merge-Merged, OS-All, Pri-0, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1229, reward-500","Beta, Stable",500,"accept","mpcomplete@chromium.org","Security: Chrome extensions bug cause crash in all Chrome processes","Mar 21, 2013 21:04:03",1363899843,"Jul 17, 2012 19:13:43",1342552423,"Dec 20, 2012 15:52:28",1356018748,"nmo...@nds.com",""
137721,"High","CVE-2012-2862, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free with unusual form naming setup","Apr 06, 2013 03:11:49",1365217909,"Jul 17, 2012 21:05:58",1342559158,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com","2012-2862"
137852,"High","ClusterFuzz, Cr-Blink, Cr-Internals-Plugins, Cr-Internals-Plugins-Flash, Cr-Internals-Plugins-Pepper, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Secu","Beta, Stable",,"","tsepez@chromium.org","Heap-use-after-free in WebKit::WebElement::document","Apr 06, 2013 04:35:58",1365222958,"Jul 18, 2012 14:50:55",1342623055,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
137880,"Low","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in FreeType","Apr 06, 2013 03:11:48",1365217908,"Jul 18, 2012 17:52:02",1342633922,"Dec 20, 2012 15:52:02",1356018722,"scarybea...@gmail.com",""
137891,"Low","Cr-Internals, Cr-Internals-Network, Cr-Internals-Network-Proxy, Cr-Internals-Network-SPDY, M-22, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","ttuttle@chromium.org","Security: HTTPS proxy can run JavaScript on requested HTTPS sites","Mar 21, 2013 21:04:01",1363899841,"Jul 18, 2012 19:04:17",1342638257,"Dec 20, 2012 15:52:28",1356018748,"ttuttle@chromium.org",""
137928,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB reads in the JPX decoder","Apr 06, 2013 03:11:47",1365217907,"Jul 18, 2012 21:17:51",1342646271,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
137957,"High","CVE-2012-2862, Cr-Blink, Cr-Internals-Plugins-PDF, M-21, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free in event handling due to bad GC interaction","Apr 06, 2013 03:11:47",1365217907,"Jul 18, 2012 23:27:19",1342654039,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com","2012-2862"
138035,"Medium","Cr-Internals, M-18, OS-Android, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","shashish...@chromium.org","Security: Google Chrome for Android: Current-tab cross-application scripting (UXSS)","Mar 21, 2013 21:04:00",1363899840,"Jul 19, 2012 08:47:18",1342687638,"Dec 20, 2012 15:52:57",1356018777,"chaykin....@gmail.com",""
138208,"High","CVE-2012-2900, Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Secur","Beta, Stable",1000,"accept","r...@google.com","Crash in SkGlyphCache::findImage","Apr 01, 2013 15:34:42",1364830482,"Jul 20, 2012 07:22:14",1342768934,"Dec 20, 2012 15:52:57",1356018777,"attek...@gmail.com","2012-2900"
138210,"Medium","Cr-Internals, M-18, OS-Android, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","shashish...@chromium.org","Information and credential disclosure by file:// URLs (Android)","Mar 21, 2013 21:03:59",1363899839,"Jul 20, 2012 07:41:17",1342770077,"Aug 04, 2012 00:46:40",1344041200,"chaykin....@gmail.com",""
138302,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","wez@chromium.org","Stack-buffer-overflow in NPObjectProxy::NPInvokePrivate","Apr 06, 2013 00:12:09",1365207129,"Jul 20, 2012 19:58:04",1342814284,"Aug 06, 2012 20:35:02",1344285302,"infe...@chromium.org",""
138422,"High","ClusterFuzz, Cr-Blink, M-24, OS-All, Pri-1, Security-CodeYellow, Security_Impact-None, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-93640","Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::Font::glyphDataAndPageForCharacter","Apr 06, 2013 00:11:37",1365207097,"Jul 21, 2012 23:20:34",1342912834,"Oct 03, 2012 23:08:04",1349305684,"infe...@chromium.org",""
138672,"Low","CVE-2012-2870, Cr-Internals, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Stability-Memory-AddressSanitizer, Stability-Valgrind,","Beta, Stable",,"","cev...@chromium.org","Heap-double-free in xsltCompileStepPattern","Apr 01, 2013 15:48:43",1364831323,"Jul 24, 2012 03:00:41",1343098841,"Dec 20, 2012 15:52:02",1356018722,"nicolas....@agarri.fr","2012-2870"
138673,"High","CVE-2012-2871, Cr-Internals, M-21, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Stability-Valgrind, Type-Bug-Sec","Beta, Stable",1000,"accept","cev...@chromium.org","Heap-buffer-overflow in xsltApplyTemplates","Apr 01, 2013 15:48:43",1364831323,"Jul 24, 2012 03:55:29",1343102129,"Dec 20, 2012 15:53:49",1356018829,"nicolas....@agarri.fr","2012-2871"
138915,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ContainerNode::cloneChildNodes","Apr 06, 2013 00:11:04",1365207064,"Jul 25, 2012 07:07:20",1343200040,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
138990,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKi","Beta, Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible","Apr 06, 2013 03:43:39",1365219819,"Jul 25, 2012 18:11:27",1343239887,"Dec 20, 2012 15:53:49",1356018829,"aa...@google.com",""
139168,"Low","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","","Security: Creating a loop in the DOM tree (99% a DoS)","Apr 06, 2013 00:10:46",1365207046,"Jul 26, 2012 18:36:46",1343327806,"Dec 20, 2012 15:52:28",1356018748,"paw...@gmail.com",""
139240,"High","ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ann...@chromium.org","Heap-buffer-overflow in WebCore::TextTrackCueList::add","Apr 06, 2013 00:10:40",1365207040,"Jul 26, 2012 23:48:55",1343346535,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139402,"High","ClusterFuzz, Cr-Blink, Cr-Internals-Skia, M-21, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","r...@chromium.org","Heap-use-after-free in D_Clear_BitmapXferProc","Apr 06, 2013 00:10:28",1365207028,"Jul 27, 2012 21:24:53",1343424293,"Aug 01, 2012 22:07:03",1343858823,"infe...@chromium.org",""
139462,"Medium","ClusterFuzz, Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer,","Beta, Stable",,"","jam@chromium.org","Heap-use-after-free in SkCanvas::updateDeviceCMCache","Apr 01, 2013 15:34:34",1364830474,"Jul 28, 2012 02:08:39",1343441319,"Dec 20, 2012 15:52:57",1356018777,"infe...@chromium.org",""
139464,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, webkit-ID-92604","Beta, Stable",,"","pdr@chromium.org","Heap-use-after-free in WebCore::RenderSVGShape::calculateStrokeBoundingBox","Apr 06, 2013 00:10:21",1365207021,"Jul 28, 2012 03:12:29",1343445149,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139475,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKi","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::TargetListener::handleEvent [Stale event listener]","Apr 06, 2013 03:43:37",1365219817,"Jul 28, 2012 05:29:09",1343453349,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139530,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","morr...@chromium.org","Heap-use-after-free in WebCore::Node::~Node","Apr 06, 2013 00:10:02",1365207002,"Jul 29, 2012 13:28:43",1343568523,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139592,"Low","Cr-Internals, Cr-Platform-Extensions, M-26, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","mkwst@chromium.org","Extension resources should only be loadable in contexts the extension has permission to access.","Apr 03, 2013 16:57:22",1365008242,"Jul 30, 2012 12:23:40",1343651020,"",0,"mkwst@chromium.org",""
139646,"High","ClusterFuzz, Cr-Blink, M-21, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Heap-use-after-free in WebCore::DynamicNodeList::itemWithName","Apr 06, 2013 00:09:44",1365206984,"Jul 30, 2012 18:15:33",1343672133,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139679,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Bad cast in RenderFrameSet::computeEdgeInfo","Apr 06, 2013 00:09:40",1365206980,"Jul 30, 2012 20:00:52",1343678452,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139685,"Medium","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","pdr@chromium.org","OOB read atleast in WebCore::SVGListProperty<WebCore::SVGTransformList>::getItemValuesAndWrappers","Apr 06, 2013 03:43:33",1365219813,"Jul 30, 2012 20:14:18",1343679258,"Dec 20, 2012 15:52:57",1356018777,"infe...@chromium.org",""
139690,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","shinyak@chromium.org","Heap-use-after-free in WebCore::GenericEventQueue::timerFired","Apr 06, 2013 00:09:38",1365206978,"Jul 30, 2012 20:28:54",1343680134,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
139744,"Medium","Cr-Internals, Cr-Internals-Network-SSL, M-21, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1180, merge-merged-122","Beta, Stable",,"","a...@chromium.org","Security: SSL compression infoleak","Mar 21, 2013 21:03:50",1363899830,"Jul 31, 2012 02:05:19",1343700319,"Dec 20, 2012 15:52:57",1356018777,"tha...@gmail.com",""
139814,"High","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-2000","Beta, Stable",2000,"accept","tsepez@chromium.org","UAF in DOMContentLoaded ","Apr 06, 2013 00:09:30",1365206970,"Jul 31, 2012 16:24:27",1343751867,"Dec 20, 2012 15:53:49",1356018829,"chamal.d...@gmail.com",""
139961,"High","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKi","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::TargetListener::handleEvent [Stale target]","Apr 06, 2013 03:43:32",1365219812,"Aug 01, 2012 05:38:20",1343799500,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
140083,"High","M-22, Pri-0, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, reward-1000","Beta",1000,"accept","svenpanne@chromium.org","[LangFuzz] Crash on heap trying to execute address 0x0000000200000000.","Mar 21, 2013 21:03:49",1363899829,"Aug 01, 2012 19:50:12",1343850612,"Aug 03, 2012 11:38:48",1343993928,"decoder...@googlemail.com",""
140368,"Low","CVE-2012-2870, M-21, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1180","Beta, Stable",,"","cev...@chromium.org","Security: heap-use-after-free in xsltGenerateIdFunction","Mar 21, 2013 21:03:48",1363899828,"Aug 02, 2012 22:34:54",1343946894,"Dec 20, 2012 15:52:02",1356018722,"nicolas....@agarri.fr","2012-2870"
140484,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::determineStartPosition","Apr 06, 2013 00:08:13",1365206893,"Aug 03, 2012 15:28:03",1344007683,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
140544,"Low","Cr-Blink, OS-All, Pri-2, Restrict-AddIssueComment-Commit, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Security: CSP doesn't turn off eval, etc. in Web Workers","Apr 06, 2013 00:08:05",1365206885,"Aug 03, 2012 20:07:05",1344024425,"Aug 31, 2012 23:37:03",1346456223,"mazu...@cs.wisc.edu",""
140647,"High","ClusterFuzz, Cr-Blink, M-22, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dalecur...@chromium.org","UNKNOWN in ogg_calc_pts","Apr 06, 2013 00:07:54",1365206874,"Aug 04, 2012 15:18:33",1344093513,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
140656,"High","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","jap...@chromium.org","Heap-use-after-free in WebCore::CachedResource::didAddClient","Apr 06, 2013 00:07:53",1365206873,"Aug 04, 2012 19:06:26",1344107186,"Dec 20, 2012 15:53:49",1356018829,"Ax3...@gmail.com",""
140803,"High","Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","r...@chromium.org","Heap-buffer-overflow in SkA8_Blitter::blitH","Apr 01, 2013 15:34:18",1364830458,"Aug 06, 2012 16:23:53",1344270233,"Dec 20, 2012 15:53:49",1356018829,"attek...@gmail.com",""
141395,"High","Cr-Internals, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","mma...@chromium.org","UNKNOWN in v8::internal::SemiSpaceIterator::Next","Mar 21, 2013 20:40:37",1363898437,"Aug 08, 2012 17:01:47",1344445307,"Dec 20, 2012 15:53:49",1356018829,"decoder...@googlemail.com",""
141651,"Medium","Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","epo...@chromium.org","Heap-buffer-overflow in SkA8_Blitter::blitAntiH","Apr 01, 2013 15:34:16",1364830456,"Aug 09, 2012 16:23:19",1344529399,"Dec 20, 2012 15:52:57",1356018777,"attek...@gmail.com",""
141889,"Medium","Cr-Internals, M-18, OS-Android, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","nileshagrawal@chromium.org","Security: Cookie theft from Chrome by malicious Android app","Mar 21, 2013 21:03:45",1363899825,"Aug 10, 2012 17:24:13",1344619453,"Dec 20, 2012 15:52:57",1356018777,"pal...@google.com",""
142746,"High","Cr-Internals, Cr-Internals-Skia, M-21, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","","Security: Potential use after destruction in ui/gfx/image","Mar 21, 2013 21:03:43",1363899823,"Aug 14, 2012 22:14:31",1344982471,"Dec 20, 2012 15:53:49",1356018829,"jyasskin@chromium.org",""
142956,"Medium","CVE-2012-2872, Cr-UI, M-21, Merge-Merged, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1180, merge-merged-1229, r","Beta, Stable",500,"inprocess","pal...@chromium.org","Security: XSS in SSL Certificate error page","Mar 21, 2013 21:03:43",1363899823,"Aug 15, 2012 21:13:32",1345065212,"Dec 20, 2012 15:52:58",1356018778,"e3amn2l","2012-2872"
143176,"Medium","ClusterFuzz, Cr-Blink, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","dmazzoni@chromium.org","Heap-use-after-free in WebCore::AccessibilityNodeObject::document","Apr 06, 2013 00:04:19",1365206659,"Aug 16, 2012 16:33:08",1345134788,"Dec 03, 2012 18:48:47",1354560527,"infe...@chromium.org",""
143437,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-22, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-4500","Beta, Stable",4500,"accept","erikcorry@google.com","v8 builtins object exposed to user causing UXSS","Apr 06, 2013 03:22:57",1365218577,"Aug 17, 2012 18:04:30",1345226670,"Dec 20, 2012 15:53:49",1356018829,"serg.gla...@gmail.com",""
143439,"High","Cr-Internals, M-22, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-10000","Beta, Stable",10000,"accept","abarth@chromium.org","Security: Universal XSS in frame elements handling","Mar 21, 2013 21:03:41",1363899821,"Aug 17, 2012 18:13:27",1345227207,"Dec 20, 2012 15:53:49",1356018829,"serg.gla...@gmail.com",""
143551,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","morr...@chromium.org","Heap-use-after-free in WebCore::TreeScopeAdopter::moveTreeToNewScope","Apr 06, 2013 00:03:55",1365206635,"Aug 18, 2012 07:20:40",1345274440,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
143604,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::LineBreaker::nextLineBreak [SVG text]","Apr 06, 2013 00:03:40",1365206620,"Aug 19, 2012 05:09:11",1345352951,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
143609,"High","Cr-Blink, Cr-Blink-JavaScript, M-22, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","ant...@chromium.org","Heap-use-after-free in WebCore::ElementV8Internal::onclickAttrGetter","Apr 06, 2013 03:22:56",1365218576,"Aug 19, 2012 07:33:38",1345361618,"Dec 20, 2012 15:53:49",1356018829,"attek...@gmail.com",""
143648,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","pdr@chromium.org","Heap-buffer-overflow in WebCore::StyleResolver::applyProperty","Apr 06, 2013 00:03:35",1365206615,"Aug 20, 2012 00:40:34",1345423234,"Dec 20, 2012 15:52:58",1356018778,"infe...@chromium.org",""
143656,"High","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WEBKIT-ID-94487, reward-1000","Beta, Stable",1000,"accept","fmal...@chromium.org","Heap-use-after-free in WebCore::SVGTRefElement::updateReferencedText","Apr 06, 2013 00:03:29",1365206609,"Aug 20, 2012 08:04:10",1345449850,"Dec 20, 2012 15:53:49",1356018829,"miaubiz@gmail.com",""
143761,"High","Cr-Blink, Cr-Blink-SVG, M-23, Merge-Merged, OS-All, Pri-1, Security-CodeYellow, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::GraphicsContext::restore","Apr 06, 2013 03:43:25",1365219805,"Aug 20, 2012 19:26:48",1345490808,"Dec 20, 2012 15:52:58",1356018778,"miaubiz@gmail.com",""
143798,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free with duplicate dictionary keys","Apr 06, 2013 03:11:37",1365217897,"Aug 20, 2012 21:17:58",1345497478,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
143859,"Low","CVE-2013-0838, Cr-Internals, M-24, OS-Chrome, OS-Linux, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, VerifyIn-26, VerifyIn-27","Beta, Stable",,"","pal...@chromium.org","Security: World-writable shared memory segments for X/Linux UI","Apr 02, 2013 16:56:13",1364921773,"Aug 21, 2012 02:03:33",1345514613,"Dec 20, 2012 15:52:03",1356018723,"pal...@google.com","2013-0838"
144051,"Low","Cr-Internals, Cr-Internals-Printing, M-22, OS-All, Pri-2, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1229","Beta, Stable",,"","thestig@chromium.org","Security: Memory address disclosure through JavaScript in Print Preview WebUI","Mar 21, 2013 21:03:38",1363899818,"Aug 21, 2012 23:25:43",1345591543,"Dec 20, 2012 15:52:28",1356018748,"thestig@chromium.org",""
144072,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free in image cache","Apr 06, 2013 03:11:36",1365217896,"Aug 22, 2012 01:13:20",1345598000,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
144466,"Low","Cr-Internals, Cr-Internals-Network-SSL, M-22, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Low, Stability-Crash, Type-Bug-Security, merge-merged-1229","Stable",,"","a...@chromium.org","Crash when verifying ECDSA certificate on XP","Mar 21, 2013 20:50:30",1363899030,"Aug 23, 2012 19:46:03",1345751163,"Aug 27, 2012 16:16:52",1346084212,"a...@chromium.org",""
144579,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB reads in indexed and patter color spaces","Apr 06, 2013 03:11:34",1365217894,"Aug 24, 2012 04:27:08",1345782428,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
144671,"High","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","jia...@chromium.org","Heap-use-after-free in WebCore::GCPrologueVisitor<void, WebCore::SpecialCasePrologueObjectHandler>::visitDOMWrapper","Apr 06, 2013 00:02:16",1365206536,"Aug 24, 2012 17:34:25",1345829665,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
144704,"","Cr-Blink, Cr-UI, Cr-UI-Browser-PopupBlocker, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Type-Bug-Security, merge-merged-1229","Beta, Stable",,"","c...@chromium.org","Tracking bug for fixing rel=noreferrer aslr bypass","Apr 06, 2013 00:02:12",1365206532,"Aug 24, 2012 19:18:29",1345835909,"Dec 20, 2012 15:52:03",1356018723,"c...@chromium.org",""
144799,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1229","Beta, Stable",,"","cev...@chromium.org","Heap-double-free in xmlFreeNodeList","Apr 06, 2013 00:02:06",1365206526,"Aug 25, 2012 06:38:29",1345876709,"Dec 20, 2012 15:53:49",1356018829,"aa...@google.com",""
144813,"Medium","Cr-Internals, M-18, OS-Android, Pri-1, ReleaseBlock-Stable, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","nileshagrawal@chromium.org","Security: UXSS via com.android.browser.application_id Intent extra","Mar 21, 2013 21:03:36",1363899816,"Aug 25, 2012 14:44:57",1345905897,"Sep 06, 2012 17:01:06",1346950866,"websec02...@gmail.com",""
144820,"","Pri-0, Restrict-AddIssueComment-Commit, Type-Bug-Security, reward-500","None",500,"accept","pal...@chromium.org","Security: Chrome for Android Download Function Information Disclosure","Mar 21, 2013 19:19:58",1363893598,"Aug 25, 2012 15:58:15",1345910295,"Aug 27, 2012 16:14:46",1346084086,"websec02...@gmail.com",""
144866,"Medium","Cr-Internals, M-18, OS-Android, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","pal...@chromium.org","Security: Chrome for Android Bypassing SOP for Local Files By Symlinks","Mar 21, 2013 20:59:15",1363899555,"Aug 26, 2012 05:22:39",1345958559,"Dec 20, 2012 15:52:58",1356018778,"websec02...@gmail.com",""
144886,"","Cr-Internals, Cr-Internals-GPU-WebGL, Gfx, M-23, Pri-0, Type-Bug-Security, merge-merged-1271, reward-3133","None",3133,"accept","kbr@chromium.org","Security: webgl crash on mesa","Mar 21, 2013 19:14:23",1363893263,"Aug 26, 2012 18:19:56",1346005196,"Dec 20, 2012 15:52:03",1356018723,"miaubiz@gmail.com",""
144899,"High","Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-95240-NEW, reward-1000, webkit-id-95152","Beta, Stable",1000,"accept","danakj@chromium.org","SkPaint::SkPaint - crash","Mar 21, 2013 21:03:35",1363899815,"Aug 26, 2012 23:22:57",1346023377,"Dec 20, 2012 15:53:49",1356018829,"slaweck",""
145029,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: integer / buffer overflow in old stream parsing","Apr 06, 2013 03:11:30",1365217890,"Aug 27, 2012 19:27:34",1346095654,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
145079,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: read-after-free in font code","Apr 06, 2013 03:11:29",1365217889,"Aug 27, 2012 21:18:38",1346102318,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
145121,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB reads with crazy clip rects again","Apr 06, 2013 03:11:29",1365217889,"Aug 27, 2012 23:56:50",1346111810,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
145157,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: stack corruption with crazy number of color components","Apr 06, 2013 03:11:28",1365217888,"Aug 28, 2012 02:09:06",1346119746,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
145163,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in image stretching","Apr 06, 2013 03:11:28",1365217888,"Aug 28, 2012 03:51:01",1346125861,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
145363,"Medium","CVE-2013-0837, Cr-Internals, Cr-Platform-Extensions, M-24, OS-All, Pri-2, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","jia...@chromium.org","Security: Chrome extension DEP crash","Mar 21, 2013 21:03:34",1363899814,"Aug 28, 2012 22:24:50",1346192690,"Dec 20, 2012 15:52:28",1356018748,"tsepez@chromium.org","2013-0837"
145492,"Medium","Cr-Blink, M-23, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","apav...@chromium.org","Web Inspector: Page with @import and :last-child in an edited stylesheet will crash (UAF)","Apr 06, 2013 00:00:42",1365206442,"Aug 29, 2012 16:11:25",1346256685,"Dec 20, 2012 15:52:28",1356018748,"infe...@chromium.org",""
145530,"Medium","Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","leviw@chromium.org","Mitigation: Kill OOB reads(or few writes) by preventing access to harmful locals in dirty text lineboxes","Apr 06, 2013 00:00:36",1365206436,"Aug 29, 2012 18:16:23",1346264183,"Dec 20, 2012 15:52:58",1356018778,"aa...@google.com",""
145544,"High","Cr-Blink, Cr-Internals-GPU-WebGL, M-22, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1229, reward-1000","Beta, Stable",1000,"accept","g...@chromium.org","Security: integer overflow in gpu process with webgl","Apr 06, 2013 00:00:36",1365206436,"Aug 29, 2012 19:29:40",1346268580,"Dec 20, 2012 15:52:58",1356018778,"miaubiz@gmail.com",""
145915,"Low","Cr-Blink, M-23, Merge-Merged, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","abarth@chromium.org","Security/Privacy: <img>-embedded SVG will load external content referenced by CSS @import @font-face","Apr 06, 2013 00:00:11",1365206411,"Aug 31, 2012 09:47:00",1346406420,"Dec 20, 2012 15:52:03",1356018723,"groeb...@google.com",""
146208,"Medium","ClusterFuzz, Cr-Blink, M-25, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::RenderTableSection::nodeAtPoint","Apr 05, 2013 23:59:49",1365206389,"Sep 03, 2012 00:39:49",1346632789,"Dec 20, 2012 15:52:28",1356018748,"infe...@chromium.org",""
146254,"","Cr-Blink, Cr-Blink-Fonts, Cr-Internals, M-22, OS-Windows, Pri-0, Restrict-AddIssueComment-EditIssueCc, Security_Severity-None, Type-Bug-Security, merge-merged-1229, reward-5000","None",5000,"accept","ba...@chromium.org","Security: Windows blue screen and arbitrary code execution with corrupted font file","Apr 06, 2013 04:48:34",1365223714,"Sep 03, 2012 13:08:16",1346677696,"Dec 20, 2012 15:52:03",1356018723,"eetu.luo...@gmail.com",""
146460,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org"," an image that goes through a transfer function","Apr 06, 2013 03:11:25",1365217885,"Sep 05, 2012 01:07:04",1346807224,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
146462,"Medium","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: OOB read in CID charcode mapping","Apr 06, 2013 03:11:24",1365217884,"Sep 05, 2012 01:11:09",1346807469,"Dec 20, 2012 15:52:28",1356018748,"scarybea...@gmail.com",""
146760,"Medium","CVE-2012-2898, Cr-UI, M-21, OS-iOS, Pri-1, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-500","Stable",500,"accept","qsr@chromium.org","Security: URL bar spoofing with SSL error messages (Chrome on iOS)","Mar 21, 2013 20:59:11",1363899551,"Sep 06, 2012 13:34:58",1346938498,"Sep 07, 2012 08:28:41",1347006521,"lpil...@gmail.com","2012-2898"
146882,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-use-after-free in WebCore::InlineBox::adjustPosition","Apr 05, 2013 23:58:46",1365206326,"Sep 06, 2012 20:06:45",1346962005,"Dec 20, 2012 15:52:58",1356018778,"infe...@chromium.org",""
147290,"High","Cr-Blink, Cr-Blink-Forms, M-23, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-96232, reward-1000","None",1000,"accept","yosin@chromium.org","Heap-use-after-free in WebCore::DateTimeEditElement::setEmptyValue","Apr 06, 2013 04:44:06",1365223446,"Sep 07, 2012 17:41:55",1347039715,"Sep 11, 2012 05:31:00",1347341460,"miaubiz@gmail.com",""
147402,"High","Cr-Blink, Cr-Internals-Plugins-PDF, M-22, Merge-Merged, OS-All, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-free in font dictionary handling","Apr 06, 2013 03:11:20",1365217880,"Sep 08, 2012 01:15:29",1347066929,"Dec 20, 2012 15:53:26",1356018806,"scarybea...@gmail.com",""
147435,"High","ClusterFuzz, Cr-Blink, M-25, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-use-after-free in WebCore::InlineBox::root","Apr 05, 2013 23:58:16",1365206296,"Sep 08, 2012 17:40:49",1347126049,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
147475,"High","ClusterFuzz, Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-22, Merge-Merged, OS-All, Pri-1, Restrict-AddIssueComment-EditIssue, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-S","Beta, Stable",,"","mstarzinger@chromium.org","UNKNOWN in v8::internal::Deoptimizer::DoComputeOutputFrames","Apr 06, 2013 03:22:42",1365218562,"Sep 09, 2012 15:18:26",1347203906,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
147499,"Critical","CVE-2012-5108, Cr-Internals, Cr-Internals-Media-Audio, M-22, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, merge-merged-1229, merge-merged-1271, reward-3133","Beta, Stable",3133,"accept","scherkus@chromium.org","Heap-use-after-free in media::AudioOutputDevice::AudioThreadCallback::Process","Mar 21, 2013 21:07:49",1363900069,"Sep 09, 2012 21:14:18",1347225258,"Dec 20, 2012 15:53:49",1356018829,"attek...@gmail.com","2012-5108"
147592,"High","Cr-Blink, Cr-Internals-Core, M-22, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-CodeYellow, Stability-Crash, Type-Bug-Security","Beta, Stable",,"","tzik@chromium.org","Chrome_ChromeOS: Crash Report -         Stack Signature: WebKit::WebWorkerClientImpl::openFileSystem...  ","Apr 05, 2013 23:58:06",1365206286,"Sep 10, 2012 17:03:16",1347296596,"Dec 20, 2012 15:52:58",1356018778,"zelidrag@chromium.org",""
147625,"High","CVE-2012-2899, Cr-Internals, M-21, OS-iOS, Pri-1, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-500","Stable",500,"accept","qsr@chromium.org","Security: UXSS/SOP bypass with document.write (Chrome on iOS)","Mar 21, 2013 20:50:18",1363899018,"Sep 10, 2012 18:38:28",1347302308,"Sep 11, 2012 13:26:18",1347369978,"lpil...@gmail.com","2012-2899"
147700,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","jere...@chromium.org","Heap-use-after-free in WebCore::Document::fullScreenChangeDelayTimerFired","Apr 05, 2013 23:57:57",1365206277,"Sep 11, 2012 00:08:13",1347322093,"Dec 20, 2012 15:53:49",1356018829,"infe...@chromium.org",""
148376,"High","Cr-Blink, Cr-Blink-JavaScript, M-23, Pri-1, Security_Impact-None, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","verwa...@chromium.org","[LangFuzz] Crash at v8::internal::MarkCompactCollector::EvacuateNewSpace with invalid read","Apr 06, 2013 03:22:39",1365218559,"Sep 11, 2012 13:08:36",1347368916,"Sep 13, 2012 08:56:02",1347526562,"decoder...@googlemail.com",""
148378,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-23, OS-All, Pri-1, Security_Severity-High, Type-Bug-Security, reward-1000","None",1000,"accept","yangguo@chromium.org","[LangFuzz] Crash due to invalid free in v8::internal::Runtime_RegExpExecMultiple","Apr 06, 2013 03:22:39",1365218559,"Sep 11, 2012 13:14:51",1347369291,"Sep 12, 2012 15:27:14",1347463634,"decoder...@googlemail.com",""
148638,"Medium","Cr-Internals, Cr-Internals-Skia, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-500","Beta, Stable",500,"accept","r...@chromium.org","Heap-buffer-overflow in SkAAClipBlitter::blitAntiH","Apr 01, 2013 15:33:51",1364830431,"Sep 12, 2012 06:08:24",1347430104,"Dec 20, 2012 15:52:28",1356018748,"attek...@gmail.com",""
148692,"Medium","CVE-2012-5109, Cr-Internals, M-22, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1229, merge-merged-1271, reward-500","Beta, Stable",500,"accept","jshin@chromium.org","Heap-buffer-overflow in ucstrTextExtract","Mar 21, 2013 21:03:26",1363899806,"Sep 12, 2012 16:19:18",1347466758,"Dec 20, 2012 15:52:58",1356018778,"Ax3...@gmail.com","2012-5109"
149717,"High","Cr-Internals, Cr-Internals-GPU, M-22, OS-Mac, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1229, merge-merged-1271, reward-1000","Beta, Stable",1000,"accept","g...@chromium.org","Security: integer overflow in webgl on osx","Mar 21, 2013 21:03:25",1363899805,"Sep 14, 2012 19:46:02",1347651962,"Dec 20, 2012 15:53:50",1356018830,"miaubiz@gmail.com",""
149904,"High","Cr-Internals, Cr-Internals-GPU-WebGL, M-23, Merge-Merged, OS-Mac, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1271, reward-1000","Beta, Stable",1000,"accept","cev...@chromium.org","Security: webgl - after running out of memory, buffer can still be written","Mar 21, 2013 21:03:24",1363899804,"Sep 17, 2012 10:17:10",1347877030,"Dec 20, 2012 15:52:58",1356018778,"miaubiz@gmail.com",""
150067,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271","Stable",,"","infe...@chromium.org","Heap-buffer-overflow in WebCore::InlineFlowBox::placeBoxesInInlineDirection","Apr 05, 2013 23:56:24",1365206184,"Sep 18, 2012 08:17:09",1347956229,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
150545,"High","CVE-2013-0836, ClusterFuzz, Cr-Blink, M-24, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","mstarzinger@chromium.org","UNKNOWN in v8::internal::RootMarkingVisitor::MarkObjectByPointer","Apr 05, 2013 23:56:22",1365206182,"Sep 18, 2012 13:03:14",1347973394,"Dec 20, 2012 15:52:58",1356018778,"mstarzin...@google.com","2013-0836"
150650,"Medium","Cr-Enterprise, Cr-Internals, Cr-Internals-Installer, OS-Windows, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","","MSI installer ships an out-of-date GoogleUpdate.exe with no ASLR or DEP (and may not be updating)","Apr 05, 2013 15:18:56",1365175136,"Sep 18, 2012 20:56:11",1348001771,"Dec 20, 2012 15:52:58",1356018778,"jsc...@chromium.org",""
150729,"Medium","Cr-Blink, Cr-Blink-JavaScript, M-23, Merge-Merged, OS-Linux, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, reward-1500","Beta, Stable",1500,"accept","jkummerow@chromium.org","UNKNOWN in v8::internal::Invoke","Apr 06, 2013 03:22:34",1365218554,"Sep 19, 2012 06:50:47",1348037447,"Dec 20, 2012 15:52:29",1356018749,"attek...@gmail.com",""
150966,"High","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Stable",,"","morr...@chromium.org","Heap-use-after-free in WebCore::Node::~Node","Apr 05, 2013 23:55:45",1365206145,"Sep 20, 2012 04:49:19",1348116559,"Dec 20, 2012 15:53:50",1356018830,"infe...@chromium.org",""
151424,"High","M-23, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Crash, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","hc...@chromium.org","Chrome: Crash Report -         Stack Signature: WebCore::CachedImage::likelyToBeUsedSoon()-...  ","Mar 21, 2013 21:03:21",1363899801,"Sep 20, 2012 22:28:35",1348180115,"Dec 20, 2012 15:52:58",1356018778,"kar...@google.com",""
151449,"Medium","CVE-2012-5110, ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","voll...@chromium.org","Heap-buffer-overflow in cc::CCKeyframedTransformAnimationCurve::getValue","Apr 05, 2013 23:55:31",1365206131,"Sep 21, 2012 01:04:20",1348189460,"Dec 20, 2012 15:52:58",1356018778,"infe...@chromium.org","2012-5110"
151860,"High","Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-None, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-97428, reward-1000","None",1000,"accept","yosin@chromium.org","Heap-use-after-free in WebCore::DateTimeFieldElement::didBlur","Apr 05, 2013 23:55:09",1365206109,"Sep 23, 2012 18:16:32",1348424192,"Dec 20, 2012 04:36:12",1355978172,"miaubiz@gmail.com",""
151888,"High","Cr-Blink, Cr-Blink-JavaScript, Cr-Internals, M-25, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","mstarzinger@chromium.org","Crash in v8::internal::SlotsBuffer::UpdateSlotsRecordedIn","Apr 06, 2013 03:22:30",1365218550,"Sep 24, 2012 07:39:00",1348472340,"Dec 20, 2012 15:53:26",1356018806,"attek...@gmail.com",""
151895,"Low","CVE-2012-5111, M-22, Merge-Merged, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1229, merge-merged-1271","Beta, Stable",,"","cev...@chromium.org"," infobar for excessively crashing plug-in does not work for Pepper Flash!","Mar 21, 2013 21:03:18",1363899798,"Sep 24, 2012 08:29:30",1348475370,"Dec 20, 2012 15:52:03",1356018723,"scarybea...@gmail.com","2012-5111"
152104,"Medium","Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","pdr@chromium.org","out of bounds array access in WTF::TypedArrayBase<unsigned char>::item(unsigned int) / WebCore::FEMorphology::platformApplyGeneric","Apr 05, 2013 23:54:57",1365206097,"Sep 25, 2012 01:38:23",1348537103,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
152354,"High","Cr-Blink, M-22, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","jsc...@chromium.org","Mask RenderArena freelist entries.","Apr 05, 2013 23:54:44",1365206084,"Sep 26, 2012 02:16:15",1348625775,"Dec 20, 2012 15:53:50",1356018830,"infe...@chromium.org",""
152442,"Medium","CVE-2013-0900, ClusterFuzz, Cr-Internals, M-25, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1364","Beta, Stable",,"","jshin@chromium.org","Heap-use-after-free in icu_46::RuleBasedCollator::RuleBasedCollator","Apr 01, 2013 15:33:34",1364830414,"Sep 26, 2012 15:46:43",1348674403,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org","2013-0900"
152569,"High","M-23, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Severity-High, Stability-Crash, Type-Bug-Security, merge-merged-1271, reward-500","Beta",500,"accept","nd...@chromium.org","Chrome_Mac: Crash Report -         Stack Signature: CompositorOutputSurface::OnMessageReceived-...","Mar 21, 2013 21:03:17",1363899797,"Sep 26, 2012 23:25:23",1348701923,"Dec 20, 2012 15:52:59",1356018779,"dhar...@google.com",""
152585,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Heap-use-after-free in WebCore::ContainerNode::removeAllChildren","Apr 05, 2013 23:54:26",1365206066,"Sep 27, 2012 01:02:49",1348707769,"Dec 20, 2012 15:52:59",1356018779,"aa...@google.com",""
152691,"High","Cr-Internals, Cr-Internals-Media-FFmpeg, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1229, merge-merged-1271, reward-2000","Beta, Stable",2000,"accept","dalecur...@chromium.org","chrome!std::_Tree<std::_Tmap_traits<tracked_objects::Location,tracked_objects::Births *,std::less<tracked_objects::Location>,std::allocator<std::pair<tracked_objects::Location const ,tracked_objects::Births *> >,0> >::find+15 - crash","Mar 21, 2013 21:03:15",1363899795,"Sep 27, 2012 15:19:25",1348759165,"Dec 20, 2012 15:53:50",1356018830,"slaweck",""
152707,"High","Cr-Internals, Cr-Internals-Skia, M-22, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-1000","Beta, Stable",1000,"accept","bsalo...@chromium.org","Invalid pointer write in GrGpu::clear","Mar 21, 2013 21:03:15",1363899795,"Sep 27, 2012 17:02:10",1348765330,"Dec 20, 2012 15:53:50",1356018830,"attek...@gmail.com",""
152921,"Low","CVE-2013-0835, Cr-Blink, Cr-Blink-Location, Cr-Internals, Cr-UI, M-24, OS-Windows, Pri-3, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","jknot...@chromium.org","Browser crash, navigator.geolocation.watchPosition issue","Apr 06, 2013 05:02:11",1365224531,"Sep 28, 2012 12:33:18",1348835598,"Dec 20, 2012 15:52:03",1356018723,"Ax3...@gmail.com","2013-0835"
153128,"Medium","Cr-Blink, M-23, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","","Buffer overrun in Harfbuff","Apr 05, 2013 23:53:48",1365206028,"Sep 29, 2012 03:44:35",1348890275,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
153228,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, Webkit-ID-99508","Beta, Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::SVGImage::drawSVGToImageBuffer","Apr 05, 2013 23:53:41",1365206021,"Oct 01, 2012 03:01:07",1349060467,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
153566,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ba...@chromium.org","Heap-use-after-free in WebCore::FontCache::purgeInactiveFontData","Apr 05, 2013 23:53:16",1365205996,"Oct 02, 2012 16:24:22",1349195062,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
153592,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderObject::isDescendantOf","Apr 05, 2013 23:53:14",1365205994,"Oct 02, 2012 18:03:31",1349201011,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
153666,"Low","Cr-Blink, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","c...@chromium.org","Security: Bypass for consumable user gesture on pop-up","Apr 05, 2013 23:53:08",1365205988,"Oct 02, 2012 21:53:15",1349214795,"Dec 20, 2012 15:52:03",1356018723,"dar...@gmail.com",""
153793,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","jap...@chromium.org","Heap-use-after-free in WebCore::EventHandler::mouseMoved","Apr 05, 2013 23:52:56",1365205976,"Oct 03, 2012 15:59:03",1349279943,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
154055,"High","Cr-Blink, Cr-Internals-Media-Video, Cr-Internals-Skia, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, WebKit-ID-100265-RESOLVED, WebKit-Rev-132398, reward-1000","Beta, Stable",1000,"accept","enne@chromium.org","Heap-use-after-free in WebCore::RenderLayerBacking::paintIntoLayer","Apr 05, 2013 23:52:39",1365205959,"Oct 04, 2012 16:55:57",1349369757,"Dec 20, 2012 15:52:59",1356018779,"attek...@gmail.com",""
154158,"Medium","Cr-Services-SignIn, Cr-UI, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","roge...@chromium.org","Security: ensure that a user has willing-fully logged-in to his Google account before triggering the one click Chrome login feature","Mar 21, 2013 21:03:11",1363899791,"Oct 04, 2012 22:24:12",1349389452,"Dec 11, 2012 22:22:20",1355264540,"roge...@chromium.org",""
154283,"Medium","CVE-2013-0834, ClusterFuzz, Cr-Blink, M-24, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ba...@chromium.org","Heap-buffer-overflow in _HB_GDEF_Check_Property","Apr 05, 2013 23:52:27",1365205947,"Oct 05, 2012 11:34:41",1349436881,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org","2013-0834"
154284,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-98755-RESOLVED, WebKit-Rev-130999","Beta, Stable",,"","schen...@chromium.org","Heap-use-after-free in WebCore::SVGTextRunRenderingContext::glyphDataForCharacter","Apr 05, 2013 23:52:26",1365205946,"Oct 05, 2012 11:35:54",1349436954,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
154362,"Medium","ClusterFuzz, Cr-Blink, M-22, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, Webkit-ID-98710, merge-merged-1229, merge-merged-1271","Beta, Stable",,"","yosin@chromium.org","Heap-buffer-overflow in WebCore::HTMLSelectElement::typeAheadFind","Apr 05, 2013 23:52:19",1365205939,"Oct 05, 2012 20:04:23",1349467463,"Dec 20, 2012 04:36:39",1355978199,"infe...@chromium.org",""
154460,"Medium","ClusterFuzz, Cr-Blink, M-24, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","o...@chromium.org","Heap-use-after-free in WebCore::ScrollableArea::scroll","Apr 05, 2013 23:52:13",1365205933,"Oct 06, 2012 12:45:33",1349527533,"Dec 12, 2012 15:48:57",1355327337,"aa...@google.com",""
154465,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-98714-RESOLVED, merge-merged-1271","Beta, Stable",,"","tkent@chromium.org","Bad cast in webkit_glue::GetSubResourceLinkFromElement","Apr 05, 2013 23:52:13",1365205933,"Oct 06, 2012 17:13:30",1349543610,"Dec 20, 2012 15:52:29",1356018749,"aa...@google.com",""
154485,"Medium","CVE-2013-0833, ClusterFuzz, Cr-Blink, M-24, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","vitalyb...@chromium.org","Heap-buffer-overflow in std::vector<scoped_refptr<printing::PrintJob>, std::allocator<scoped_refptr<printing::PrintJob> > >:","Apr 05, 2013 23:52:10",1365205930,"Oct 07, 2012 04:56:04",1349585764,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org","2013-0833"
154488,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::FrameLoader::stopLoading","Apr 05, 2013 23:52:09",1365205929,"Oct 07, 2012 06:27:51",1349591271,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
154617,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","morr...@chromium.org","Heap-use-after-free in WebCore::Node::~Node","Apr 05, 2013 23:52:00",1365205920,"Oct 08, 2012 17:58:22",1349719102,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
154987,"High","CVE-2012-5112, Cr-Blink, Cr-Blink-SVG, M-22, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","pdr@chromium.org","Pwnium SVG use after free","Apr 06, 2013 03:43:16",1365219796,"Oct 10, 2012 04:12:03",1349842323,"Oct 10, 2012 16:27:35",1349886455,"jsc...@chromium.org","2012-5112"
155323,"High","Cr-Internals, Cr-Internals-Graphics, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1229, merge-merged-1271","Beta, Stable",,"","apatr...@chromium.org","Out of bounds array access in GPU process","Mar 21, 2013 21:03:06",1363899786,"Oct 11, 2012 18:43:59",1349981039,"Dec 20, 2012 15:53:50",1356018830,"apatr...@chromium.org",""
155711,"Low","Cr-Internals, Cr-Internals-Network-HTTP, M-23, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","mmenke@chromium.org","Security: forced oom in browser process due to indefinitely growing buffer in chunked decoder","Mar 21, 2013 21:03:05",1363899785,"Oct 13, 2012 18:33:49",1350153229,"Dec 20, 2012 15:52:03",1356018723,"szasza.contact@gmail.com",""
155860,"Medium","Cr-Blink, M-23, Merge-Merged, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","jcive...@chromium.org","WebCore::SharedBuffer::append(data, 0) can cause unitialized memory to be added to the SharedBuffer","Apr 05, 2013 23:50:21",1365205821,"Oct 15, 2012 15:32:29",1350315149,"Dec 20, 2012 15:52:29",1356018749,"jsc...@chromium.org",""
156051,"","Cr-Internals, Cr-Platform-Extensions, M-23, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","mpcomplete@chromium.org","","Apr 01, 2013 15:33:18",1364830398,"Oct 16, 2012 08:25:03",1350375903,"Dec 20, 2012 15:52:03",1356018723,"gli...@chromium.org",""
156231,"High","Cr-Internals, Cr-Internals-Skia, M-24, Merge-Merged, OS-All, Pri-1, ReleaseBlock-Stable, Security_Impact-Beta, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","Beta",1000,"accept","r...@google.com","UNKNOWN in _wordcopy_fwd_aligned","Apr 01, 2013 15:33:17",1364830397,"Oct 16, 2012 22:57:22",1350428242,"Dec 20, 2012 15:52:59",1356018779,"attek...@gmail.com",""
156366,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271","Beta, Stable",,"","bauerb@chromium.org","Heap-use-after-free in PluginPlaceholder::ReplacePlugin","Apr 05, 2013 23:49:56",1365205796,"Oct 17, 2012 16:04:13",1350489853,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
156383,"High","Cr-Internals, Cr-Services-CloudPrint, M-23, OS-iOS, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","pal...@chromium.org","Security: chrome_to_device makes use of HTTP for cloudprint","Mar 21, 2013 21:03:03",1363899783,"Oct 17, 2012 17:24:14",1350494654,"Oct 19, 2012 17:11:28",1350666688,"rsleevi@chromium.org",""
156567,"High","Cr-Blink, Cr-Blink-SVG, M-23, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-94652, reward-1000","Beta, Stable",1000,"accept","schen...@chromium.org","Security: use-after-free in WebCore::GraphicsContext::paintingDisabled","Apr 06, 2013 03:43:14",1365219794,"Oct 18, 2012 06:33:03",1350541983,"Dec 20, 2012 15:52:59",1356018779,"miaubiz@gmail.com",""
156619,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ApplyStyleCommand::cleanupUnstyledAppleStyleSpans","Apr 05, 2013 23:49:36",1365205776,"Oct 18, 2012 16:35:56",1350578156,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
156669,"Medium","M-25, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, Via-Wizard","Beta, Stable",,"","creis@chromium.org","Origin.com somehow manages to open its result page in the previous tab (which was gmail)","Mar 21, 2013 21:03:01",1363899781,"Oct 18, 2012 19:26:38",1350588398,"Dec 06, 2012 18:01:27",1354816887,"srabbelier@google.com",""
156826,"Medium","ClusterFuzz, Cr-Blink, Cr-Blink-Rendering, Cr-Internals, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","r...@chromium.org","UNKNOWN in S32A_Blend_BlitRow32_SSE2","Apr 06, 2013 03:34:09",1365219249,"Oct 19, 2012 16:08:48",1350662928,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
157047,"","Pri-0, Security_Impact-None, Security_Severity-None, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","miaubiz is the LAST MAN STANDING (along with attekett)","Mar 21, 2013 20:35:09",1363898109,"Oct 21, 2012 14:35:34",1350830134,"Oct 29, 2012 14:56:52",1351522612,"scarybea...@gmail.com",""
157048,"","Pri-0, Security_Impact-None, Security_Severity-None, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","attekett is the LAST MAN STANDING (along with miaubiz)","Mar 21, 2013 20:35:09",1363898109,"Oct 21, 2012 14:36:39",1350830199,"Oct 29, 2012 14:52:51",1351522371,"scarybea...@gmail.com",""
157049,"","Pri-0, Security_Impact-None, Security_Severity-None, Type-Bug-Security, reward-10000","None",10000,"accept","cev...@chromium.org","decoder wins V8 ACHIEVEMENT AWARD","Mar 21, 2013 20:35:09",1363898109,"Oct 21, 2012 14:37:51",1350830271,"Oct 29, 2012 14:53:21",1351522401,"scarybea...@gmail.com",""
157079,"Medium","Cr-Internals, M-23, Merge-Merged, OS-All, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271, reward-3500, reward-inprocess","Beta, Stable",3500,"inprocess","jz...@chromium.org"," allows memory disclosure","Mar 21, 2013 21:03:00",1363899780,"Oct 22, 2012 01:29:12",1350869352,"Dec 20, 2012 15:52:29",1356018749,"philip.t...@gmail.com",""
157124,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","mstarzinger@chromium.org","UNKNOWN in v8::internal::ObjectHashTable::Put","Apr 05, 2013 23:48:54",1365205734,"Oct 22, 2012 11:50:59",1350906659,"Dec 20, 2012 15:52:59",1356018779,"mstarzin...@google.com",""
157516,"Low","Cr-Blink, Pri-3, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","tsepez@chromium.org","Security: XSS auditor can sometimes be used to maliciously alter form action property.","Apr 05, 2013 23:48:34",1365205714,"Oct 24, 2012 02:07:57",1351044477,"Dec 20, 2012 15:52:29",1356018749,"samuel.p...@gmail.com",""
157845,"","Cr-Blink, Cr-Blink-Rendering, M-24, Merge-Merged, OS-Windows, Pri-2, Security_Impact-Beta, Stability-Memory-AddressSanitizer, Type-Bug-Security, Via-Wizard, reward-500","Beta",500,"accept","hc...@chromium.org","Heap-use-after-free in skia::BGRAConvolve2D","Apr 06, 2013 03:34:02",1365219242,"Oct 25, 2012 09:32:39",1351157559,"Dec 20, 2012 15:52:03",1356018723,"slaweck",""
158060,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::CachedResource::checkNotify","Apr 05, 2013 23:48:02",1365205682,"Oct 26, 2012 15:56:18",1351266978,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
158199,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::StyleCachedImageSet::cssValue","Apr 05, 2013 23:47:53",1365205673,"Oct 28, 2012 02:38:52",1351391932,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
158204,"High","CVE-2012-5139, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1500","Beta, Stable",1500,"accept","infe...@chromium.org","Heap-use-after-free in WebCore::Frame::dispatchVisibilityStateChangeEvent","Apr 05, 2013 23:47:53",1365205673,"Oct 28, 2012 03:48:42",1351396122,"Dec 20, 2012 15:52:59",1356018779,"chamal.d...@gmail.com","2012-5139"
158249,"High","Cr-Internals, M-23, Merge-Merged, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1271, merge-merged-1312","Beta, Stable",,"","ae...@chromium.org","Security: Heap-buffer-underflow in xmlParseAttValueComplex","Mar 21, 2013 21:02:54",1363899774,"Oct 29, 2012 02:01:46",1351476106,"Dec 20, 2012 15:52:59",1356018779,"ae...@chromium.org",""
158547,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","tkent@chromium.org","Heap-use-after-free in WebCore::HTMLInputElement::setValue for type=range, type=date, and type=time with datalist","Apr 05, 2013 23:47:36",1365205656,"Oct 30, 2012 17:20:09",1351617609,"Dec 20, 2012 15:52:59",1356018779,"aa...@google.com",""
158693,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::RenderLayerModelObject::hasSelfPaintingLayer","Apr 05, 2013 23:47:29",1365205649,"Oct 31, 2012 01:26:40",1351646800,"Dec 20, 2012 15:53:26",1356018806,"infe...@chromium.org",""
158898,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","ke...@chromium.org","Heap-use-after-free in WebCore::RenderBlock::removeChild","Apr 05, 2013 23:47:15",1365205635,"Nov 01, 2012 05:46:37",1351748797,"Dec 20, 2012 15:52:59",1356018779,"aa...@google.com",""
159098,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","","Heap-buffer-overflow in WebCore::TextTrackCueList::add","Apr 05, 2013 23:47:00",1365205620,"Nov 02, 2012 06:06:12",1351836372,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
159165,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1271, merge-merged-1312","Beta, Stable",,"","tsepez@chromium.org","Heap-use-after-free in webkit::ppapi::PluginInstance::PrintBegin","Apr 05, 2013 23:46:53",1365205613,"Nov 02, 2012 17:25:05",1351877105,"Dec 20, 2012 15:52:29",1356018749,"aa...@google.com",""
159219,"Medium","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::EventHandler::handleMousePressEvent","Apr 05, 2013 23:46:51",1365205611,"Nov 02, 2012 20:33:30",1351888410,"Dec 20, 2012 15:52:29",1356018749,"aa...@google.com",""
159429,"High","CVE-2012-5140, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1271, merge-merged-1312, reward-1000","Beta, Stable",1000,"accept","tsepez@chromium.org","Security: Use after free on ~AssociatedURLLoader with pdf plugin","Apr 06, 2013 03:11:06",1365217866,"Nov 05, 2012 16:46:13",1352133973,"Dec 20, 2012 15:52:59",1356018779,"chamal.d...@gmail.com","2012-5140"
159829,"Medium","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-101537","Beta, Stable",,"","tkent@chromium.org","Heap-buffer-overflow in WebCore::HTMLInputElement::isImageButton","Apr 05, 2013 23:46:12",1365205572,"Nov 07, 2012 16:42:36",1352306556,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
160010,"High","M-25, OS-All, Pri-2, Security_Impact-None, Security_Severity-High, Type-Bug-Security, Via-Wizard, reward-1000","None",1000,"accept","yangguo@chromium.org","[LangFuzz] Crash at v8::internal::BasicJsonStringifier::SerializeString","Mar 21, 2013 20:39:42",1363898382,"Nov 08, 2012 11:03:13",1352372593,"Nov 12, 2012 10:21:37",1352715697,"decoder...@googlemail.com",""
160038,"Medium","Cr-Internals, M-24, OS-Windows, Pri-2, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","so...@chromium.org","Security: Unquoted Path vulnerability in GoogleCrashHandler","Mar 21, 2013 21:02:49",1363899769,"Nov 08, 2012 14:36:18",1352385378,"Dec 20, 2012 15:52:29",1356018749,"gavgav...@gmx.com",""
160068,"High","Cr-Blink, M-25, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","rn...@chromium.org","Merge http://trac.webkit.org/changeset/133840","Apr 05, 2013 23:45:50",1365205550,"Nov 08, 2012 17:48:55",1352396935,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org",""
160380,"Medium","CVE-2013-0832, ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","vitalyb...@chromium.org","Heap-use-after-free in WebKit::ChromePrintContext::spoolPage","Apr 05, 2013 23:45:26",1365205526,"Nov 10, 2012 07:13:31",1352531611,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org","2013-0832"
160480,"Low","CVE-2013-0899, Cr-Internals, Cr-Internals-Media-Codecs, M-25, Merge-Merged, Pri-2, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1364","Beta, Stable",,"","ae...@chromium.org","Security: Integer overflow in opus_packet_parse_impl","Mar 21, 2013 21:02:48",1363899768,"Nov 12, 2012 06:28:33",1352701713,"Dec 20, 2012 15:52:04",1356018724,"ae...@chromium.org","2013-0899"
160760,"Medium","Cr-Internals, M-24, Pri-0, ReleaseBlock-Beta, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271, merge-merged-1312, merge-merged-23","Beta, Stable",,"","bradnel...@chromium.org","Security: NaCl sandbox escape; missing register check across a superinstruction","Mar 21, 2013 21:02:48",1363899768,"Nov 13, 2012 18:43:15",1352832195,"Nov 14, 2012 19:57:18",1352923038,"bradchen@chromium.org",""
160803,"Critical","CVE-2012-5142, Cr-Internals, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Critical, Type-Bug-Security, merge-merged-1271, merge-merged-1312","Beta, Stable",,"","creis@chromium.org","Security: ugly crash with history.replaceState() while the window displays HTTPS interstitial","Mar 21, 2013 21:07:49",1363900069,"Nov 13, 2012 21:24:14",1352841854,"Dec 20, 2012 15:53:50",1356018830,"lcam...@google.com","2012-5142"
160926,"Medium","Audit-IPC, CVE-2012-5143, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Internals-Plugins-Pepper, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1271, merge-merged","Beta, Stable",,"","c...@chromium.org","Security:Check for integer wrap in PPB_ImageData_Impl::Init() is insufficient","Apr 06, 2013 04:34:01",1365222841,"Nov 14, 2012 07:30:03",1352878203,"Dec 20, 2012 15:52:29",1356018749,"c...@chromium.org","2012-5143"
161420,"Medium","ClusterFuzz, Cr-Blink, Cr-Blink-SVG, M-25, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-102969","Beta, Stable",,"","schen...@chromium.org","Heap-buffer-overflow in WTF::StringImpl::create","Apr 06, 2013 03:43:10",1365219790,"Nov 16, 2012 02:28:11",1353032891,"Dec 21, 2012 00:15:57",1356048957,"infe...@chromium.org",""
161564,"High","Audit-IPC, CVE-2012-5138, Cr-Internals, M-23, OS-All, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1271, merge-merged-1312","Beta, Stable",,"","tsepez@chromium.org","Security: Renderer sandbox bypass on ChildProcessSecurityPolicyImpl::SecurityState::HasPermissionsForFile()","Mar 21, 2013 21:02:44",1363899764,"Nov 16, 2012 22:45:17",1353105917,"Dec 20, 2012 15:52:59",1356018779,"ae...@chromium.org","2012-5138"
161639,"High","CVE-2012-5144, Cr-Internals-Media-Codecs, M-23, Pri-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1271, merge-merged-1312, merge-merged-ffmpeg, reward-2000","Beta, Stable",2000,"accept","dalecur...@chromium.org","Security: ffmpeg oob write4 (222)","Mar 21, 2013 21:02:44",1363899764,"Nov 17, 2012 21:14:00",1353186840,"Dec 20, 2012 15:52:59",1356018779,"paw...@gmail.com","2012-5144"
161690,"High","ClusterFuzz, Cr-Blink, M-23, Merge-Merged, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::RenderSVGResourceContainer::markClientForInvalidation","Apr 05, 2013 23:43:57",1365205437,"Nov 18, 2012 21:26:30",1353273990,"Dec 20, 2012 15:52:59",1356018779,"infe...@chromium.org",""
161836,"Low","CVE-2013-0831, Cr-Internals, M-24, Merge-Merged, Pri-2, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","tsepez@chromium.org","Security: Possible directory traversal vulnerability in ExtensionResource::GetFilePath().","Mar 21, 2013 21:02:43",1363899763,"Nov 19, 2012 19:38:26",1353353906,"Dec 20, 2012 15:52:04",1356018724,"tsepez@chromium.org","2013-0831"
162066,"Low","Audit-IPC, CVE-2013-0830, Cr-Internals, M-24, Merge-Merged, OS-Windows, Pri-2, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","jsc...@chromium.org","LOGFONT IPC deserializer doesn't require NULL terminated lfFaceName","Mar 21, 2013 21:02:43",1363899763,"Nov 20, 2012 18:57:44",1353437864,"Dec 20, 2012 15:52:04",1356018724,"jsc...@chromium.org","2013-0830"
162114,"High","Audit-IPC, CVE-2013-0829, Cr-Internals, M-24, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","kinuko@chromium.org","","Mar 21, 2013 21:02:43",1363899763,"Nov 20, 2012 21:35:54",1353447354,"Dec 20, 2012 15:52:59",1356018779,"ae...@chromium.org","2013-0829"
162153,"High","CVE-2013-0828, Cr-Blink, Cr-Internals-Plugins-PDF, M-24, Merge-Merged, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: bad cast if root page is not a dictionary object","Apr 06, 2013 03:11:02",1365217862,"Nov 21, 2012 01:12:32",1353460352,"Dec 20, 2012 15:53:00",1356018780,"scarybea...@gmail.com","2013-0828"
162156,"Medium","CVE-2012-5157, Cr-Blink, Cr-Internals-Plugins-PDF, M-24, Merge-Merged, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: more out-of-bounds reads with mismatched colorspaces","Apr 06, 2013 03:11:02",1365217862,"Nov 21, 2012 01:23:08",1353460988,"Dec 20, 2012 15:52:29",1356018749,"scarybea...@gmail.com","2012-5157"
162489,"Low","Cr-Internals, M-24, Pri-3, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","jln@chromium.org","Security: Small info leak in the SUID sandbox helper?","Mar 21, 2013 21:02:42",1363899762,"Nov 23, 2012 18:33:39",1353695619,"Dec 20, 2012 15:52:04",1356018724,"jannh...@googlemail.com",""
162494,"High","Cr-Blink, Cr-Blink-SVG, M-24, Merge-Merged, OS-All, Pri-1, Release-0, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-104007, reward-1000","Beta, Stable",1000,"accept","schen...@chromium.org","Heap-use-after-free in WebCore::PopStateEvent::~PopStateEvent","Apr 06, 2013 03:43:06",1365219786,"Nov 23, 2012 19:32:19",1353699139,"Dec 20, 2012 15:53:00",1356018780,"attek...@gmail.com",""
162551,"High","Cr-Internals, Cr-Internals-Skia, M-25, Merge-Merged, Pri-0, Security_Impact-Beta, Security_Severity-High, Type-Bug-Security, reward-1000","Beta",1000,"accept","bsalo...@google.com","Access violation write in _VEC_memcpy","Mar 21, 2013 21:02:41",1363899761,"Nov 25, 2012 15:38:19",1353857899,"Dec 20, 2012 15:53:27",1356018807,"attek...@gmail.com",""
162620,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::RenderSVGResourcePattern::applyResource","Apr 05, 2013 23:42:42",1365205362,"Nov 26, 2012 13:14:55",1353935695,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org",""
162776,"Medium","CVE-2012-5157, Cr-Blink, Cr-Internals-Plugins-PDF, M-24, Merge-Merged, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: out-of-bounds reads with crazy bits per component / num components values","Apr 06, 2013 03:09:49",1365217789,"Nov 27, 2012 03:32:45",1353987165,"Dec 20, 2012 15:52:29",1356018749,"scarybea...@gmail.com","2012-5157"
162778,"High","CVE-2012-5156, Cr-Blink, Cr-Internals-Plugins-PDF, M-24, Merge-Merged, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: use-after-frees in field name tree again","Apr 06, 2013 03:09:48",1365217788,"Nov 27, 2012 03:39:53",1353987593,"Dec 20, 2012 15:53:00",1356018780,"scarybea...@gmail.com","2012-5156"
162835,"High","CVE-2012-5137, Cr-Blink, Cr-Internals-Media-Source, Cr-Internals-WebRTC, M-23, Merge-Merged, OS-All, Pri-0, ReleaseBlock-Stable, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, reward-7331","Beta, Stable",7331,"accept","acolw...@chromium.org","Heap-use-after-free in WebCore::MediaPlayer::sourceSetTimestampOffset [exploitable]","Apr 05, 2013 23:42:24",1365205344,"Nov 27, 2012 12:19:45",1354018785,"Dec 20, 2012 15:53:00",1356018780,"scarybea...@gmail.com","2012-5137"
163110,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","infe...@chromium.org","Heap-use-after-free in WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode","Apr 05, 2013 23:42:10",1365205330,"Nov 28, 2012 13:44:29",1354110269,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org",""
163994,"High","ClusterFuzz, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","fmal...@chromium.org","Heap-use-after-free in WebCore::CachedResource::checkNotify","Apr 05, 2013 23:41:24",1365205284,"Dec 03, 2012 20:47:30",1354567650,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org",""
164490,"Low","Audit-IPC, CVE-2012-5154, Cr-Internals, M-24, OS-Windows, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","cev...@chromium.org","IPC: integer overflow in Windows' SharedMemory::Create","Mar 21, 2013 21:02:37",1363899757,"Dec 05, 2012 23:19:36",1354749576,"Dec 20, 2012 15:52:04",1356018724,"scarybea...@gmail.com","2012-5154"
164565,"High","CVE-2012-5153, Cr-Blink, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","rossb...@chromium.org","Security: V8 bug may give out-of-bounds access to the stack","Apr 05, 2013 23:40:48",1365205248,"Dec 06, 2012 10:57:13",1354791433,"Dec 20, 2012 15:53:27",1356018807,"rossb...@chromium.org","2012-5153"
164582,"High","ClusterFuzz, Cr-Blink, M-25, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security","Beta, Stable",,"","hc...@chromium.org","Heap-buffer-overflow in SkRectClipBlitter::blitAntiH","Apr 05, 2013 23:40:46",1365205246,"Dec 06, 2012 14:08:11",1354802891,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org",""
164682,"High","Audit-IPC, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, M-23, OS-All, Pri-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","sadrul@chromium.org","Input validation error in BrowserPluginEmbedderHelper::OnHandleInputEvent() leads to bad cast","Apr 06, 2013 04:14:45",1365221685,"Dec 06, 2012 21:12:50",1354828370,"Dec 14, 2012 01:48:02",1355449682,"c...@chromium.org",""
164946,"Low","Audit-IPC, CVE-2013-0892, Cr-Internals, Cr-Internals-GPU, M-25, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","IPC: GPU messages have integer truncation (bad use of size_t) and integer sign extension (bad use of signed type) issues","Mar 21, 2013 21:02:35",1363899755,"Dec 07, 2012 22:20:45",1354918845,"Dec 20, 2012 15:52:04",1356018724,"scarybea...@gmail.com","2013-0892"
164958,"Low","Audit-IPC, CVE-2013-0892, Cr-Internals, M-25, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","IPC: PPAPI messages have problems with use of signed integers for lengths ","Mar 21, 2013 21:02:34",1363899754,"Dec 07, 2012 23:00:35",1354921235,"Dec 12, 2012 00:54:30",1355273670,"scarybea...@gmail.com","2013-0892"
165015,"High","Cr-Blink, M-25, OS-All, Pri-1, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, reward-1000","None",1000,"accept","","Heap-use-after-free in WebCore::Element::normalizeAttributes","Apr 05, 2013 23:40:21",1365205221,"Dec 08, 2012 18:30:58",1354991458,"Dec 12, 2012 13:56:42",1355320602,"miaubiz@gmail.com",""
165102,"Low","Cr-Blink, Cr-Platform-DevTools, M-24, Pri-0, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Stable",,"","","Security: devtool xss","Apr 05, 2013 23:40:16",1365205216,"Dec 10, 2012 09:58:01",1355133481,"Dec 11, 2012 05:40:01",1355204401,"mar.rond...@gmail.com",""
165430,"Medium","CVE-2012-5152, ClusterFuzz, Cr-Internals, Cr-Internals-Media-Audio, M-24, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1312","Beta, Stable",,"","dalecur...@chromium.org","Heap-buffer-overflow in media::AudioRendererAlgorithm::OutputFasterPlayback","Apr 01, 2013 15:31:39",1364830299,"Dec 11, 2012 12:02:42",1355227362,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org","2012-5152"
165537,"Low","CVE-2013-0897, Cr-Blink, Cr-Internals-Plugins-PDF, M-25, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: off-by-one read when scanning for startxref","Apr 06, 2013 03:09:44",1365217784,"Dec 11, 2012 20:55:55",1355259355,"Dec 20, 2012 15:52:04",1356018724,"scarybea...@gmail.com","2013-0897"
165538,"High","CVE-2012-5151, Cr-Blink, Cr-Internals, Cr-Internals-Plugins-PDF, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","PDF: integer overflows in JS array handling","Apr 06, 2013 03:09:44",1365217784,"Dec 11, 2012 20:58:55",1355259535,"Dec 20, 2012 15:53:27",1356018807,"scarybea...@gmail.com","2012-5151"
165601,"High","CVE-2012-5150, ClusterFuzz, Cr-Internals, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Stability-Memory-AddressSanitizer, Type-Bug-Security, merge-merged-1312, merge-merged-","Beta, Stable",,"","dalecur...@chromium.org","Heap-use-after-free in matroska_parse_block","Apr 01, 2013 15:31:38",1364830298,"Dec 12, 2012 02:12:01",1355278321,"Dec 20, 2012 15:53:27",1356018807,"infe...@chromium.org","2012-5150"
165602,"Medium","ClusterFuzz, Cr-Blink, Cr-Platform-DevTools, M-24, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-","Beta, Stable",,"","apav...@chromium.org","Heap-use-after-free in WebCore::CSSStyleRule::style","Apr 05, 2013 23:39:52",1365205192,"Dec 12, 2012 02:13:39",1355278419,"Dec 20, 2012 15:52:29",1356018749,"infe...@chromium.org",""
165747,"Low","Audit-IPC, CVE-2013-0892, M-25, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security","Beta, Stable",,"","cev...@chromium.org","IPC: renderer out-of-bounds crash creating 3D context from malformed PPAPI message","Mar 21, 2013 21:02:31",1363899751,"Dec 12, 2012 20:39:13",1355344753,"Dec 20, 2012 15:52:04",1356018724,"scarybea...@gmail.com","2013-0892"
165864,"High","CVE-2012-5147, M-24, Merge-Merged, OS-All, OS-Windows, Pri-2, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, Via-Wizard, reward-1000, reward-decline, webkit-id-104982","Beta, Stable",1000,"decline","haraken@chromium.org","Heap-use-after-free in WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoDocument","Mar 21, 2013 21:02:30",1363899750,"Dec 13, 2012 05:31:21",1355376681,"Dec 20, 2012 15:53:27",1356018807,"javg0...@gmail.com","2012-5147"
166493,"Low","Audit-IPC, CVE-2013-0892, M-25, Merge-Merged, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1364","Beta, Stable",,"","cev...@chromium.org","IPC: missing integer checks on Pepper UDP socket handling","Mar 21, 2013 21:02:29",1363899749,"Dec 17, 2012 21:30:10",1355779810,"Dec 20, 2012 08:52:53",1355993573,"scarybea...@gmail.com","2013-0892"
166523,"High","CVE-2013-0843, Cr-Blink, Cr-Internals-WebRTC, M-24, Merge-Merged, OS-Mac, Pri-2, Release-1, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1312, merge-merged-1364","Beta, Stable",,"","henrika@chromium.org","[Mac] apprtc crashes when output sampling rate set to 96000 Hz","Apr 05, 2013 23:38:45",1365205125,"Dec 17, 2012 23:06:42",1355785602,"Jan 07, 2013 09:32:07",1357551127,"tnakamura@chromium.org","2013-0843"
166553,"High","M-25, Merge-Merged, OS-All, OS-Linux, Pri-2, Security_Impact-None, Security_Severity-High, Type-Bug-Security, Via-Wizard, reward-1000, reward-inprocess","None",1000,"inprocess","ulan@chromium.org","[LangFuzz] Crash at v8::internal::HeapObject::SizeFromMap with invalid read","Mar 21, 2013 20:39:21",1363898361,"Dec 18, 2012 01:37:12",1355794632,"Dec 20, 2012 15:53:27",1356018807,"decoder...@googlemail.com",""
166554,"High","Cr-Blink, Cr-Blink-JavaScript, M-25, Merge-Merged, OS-Linux, Pri-2, Security_Impact-None, Security_Severity-High, Type-Bug-Security, Via-Wizard, reward-1000, reward-inprocess","None",1000,"inprocess","svenpanne@chromium.org","[LangFuzz] Crash at v8::internal::Deoptimizer::DoComputeOutputFrames with invalid read","Apr 06, 2013 03:21:34",1365218494,"Dec 18, 2012 01:41:52",1355794912,"Dec 20, 2012 15:52:04",1356018724,"decoder...@googlemail.com",""
166708,"High","Audit-IPC, CVE-2013-0896, Cr-Blink, Cr-Internals, Cr-Internals-Plugins, Cr-Platform-Apps-BrowserTag, Iteration-71, M-25, Merge-Merged, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Secu","Beta, Stable",,"","fsam...@chromium.org","BrowserPluginGuest blindly trusts the size of shared memory regions leading to overflow","Apr 06, 2013 04:14:34",1365221674,"Dec 18, 2012 21:04:39",1355864679,"Dec 21, 2012 04:15:46",1356063346,"c...@chromium.org","2013-0896"
166795,"High","Audit-IPC, CVE-2012-5149, Cr-Internals-Media-Audio, M-24, OS-All, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-High, Type-Bug-Security, merge-merged-1312, merge-merged-1364","Beta, Stable",,"","cev...@chromium.org","Harden audio stream creation in the browser","Mar 21, 2013 21:02:28",1363899748,"Dec 19, 2012 02:16:13",1355883373,"Dec 20, 2012 15:53:00",1356018780,"scarybea...@gmail.com","2012-5149"
167122,"Medium","Audit-IPC, CVE-2012-5148, Cr-Internals, Cr-UI-Browser-Spellcheck, M-24, OS-All, Pri-1, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Type-Bug-Security, merge-merged-1312, merge-merged-1364","Beta, Stable",,"","groby@chromium.org","HyphenatorHostMsg_OpenDictionary IPC allows arbitrary file reads from a compromised renderer","Mar 21, 2013 21:02:27",1363899747,"Dec 20, 2012 19:50:36",1356033036,"Dec 21, 2012 01:24:45",1356053085,"jsc...@chromium.org","2012-5148"
167412,"Low","Audit-IPC, Cr-Internals-GPU, M-25, Pri-0, Release-0, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Low, Type-Bug-Security, merge-merged-1364","Beta, Stable",,"","cev...@chromium.org","IPC: GPU message OnMsgAssignPictureBuffers incorrectly assumed same-sized vectors","Mar 21, 2013 21:02:26",1363899746,"Dec 22, 2012 02:41:50",1356144110,"Dec 26, 2012 22:05:11",1356559511,"scarybea...@gmail.com",""
167498,"Medium","ClusterFuzz, Cr-Blink, M-25, Merge-Merged, OS-All, Pri-1, Release-0, Release-Private, Security_Impact-Beta, Security_Impact-Stable, Security_Severity-Medium, Stability-Memory-AddressSanitizer, Type-Bug-Security, WebKit-ID-105718","Beta, Stable",,"","apav...@chromium.org","Heap-use-after-free in WebCore::CSSStyleRule::style","Apr 05, 2013 23:37:39",1365205059,"Dec 24, 2012 09:35:22",1356341722,"Dec 25, 2012 09:31:33",1356427893,"infe...@chromium.org",""

## FirefoxData.csv

          
            bugnum
            severity
            release_date
            report_date
            external
            amount
            public
            advisory
            reporter_id

            
              375928
              Critical
              March 30, 2010
              2007-03-29 19:52:18
              0
              0
              1
              1
              161

            
              411835
              Critical
              December 9, 2010
              2008-01-10 18:34:45
              0
              0
              1
              1
              92

            
              424558
              Moderate
              June 22, 2010
              2008-03-22 11:47:14
              0
              0
              1
              1
              26

            
              452093
              Low
              March 30, 2010
              2008-08-25 09:26:56
              
              0
              1
              1
              101

            
              468563
              Critical
              December 9, 2010
              2008-12-08 20:22:22
              0
              0
              1
              1
              92

            
              475585
              Low
              June 22, 2010
              2009-01-27 12:18:00
              
              0
              1
              1
              88

            
              476547
              Critical
              October 19, 2010
              2009-02-02 16:15:05
              0
              0
              1
              1
              92

            
              484890
              Critical
              June 22, 2010
              2009-03-23 16:26:38
              0
              0
              1
              1
              36

            
              488850
              Critical
              March 30, 2010
              2009-04-17 08:05:56
              0
              0
              1
              1
              113

            
              490790
              Low
              March 30, 2010
              2009-04-30 01:32:29
              
              0
              1
              1
              164

            
              491722
              Critical
              March 30, 2010
              2009-05-06 12:28:48
              0
              0
              1
              1
              161

            
              496011
              Critical
              March 30, 2010
              2009-06-02 14:27:23
              0
              0
              1
              1
              92

            
              499844
              Critical
              March 30, 2010
              2009-06-22 17:18:55
              0
              0
              1
              1
              92

            
              499862
              Critical
              March 30, 2010
              2009-06-22 18:58:33
              0
              0
              1
              1
              92

            
              504014
              Low
              January 31, 2012
              2009-07-13 20:59:35
              
              0
              1
              1
              68

            
              504021
              Critical
              March 30, 2010
              2009-07-13 21:45:21
              0
              0
              1
              1
              124

            
              507775
              Critical
              July 20, 2010
              2009-07-31 21:53:52
              0
              0
              1
              1
              162

            
              509075
              Critical
              October 19, 2010
              2009-08-07 11:18:08
              0
              0
              1
              1
              143

            
              509839
              Critical
              June 22, 2010
              2009-08-11 15:35:56
              0
              0
              1
              1
              113

            
              520189
              Moderate
              September 7, 2010
              2009-10-02 09:28:09
              
              0
              1
              1
              39

            
              524223
              Moderate
              July 20, 2010
              2009-10-23 15:52:01
              
              0
              1
              1
              103

            
              524921
              Critical
              June 22, 2010
              2009-10-28 01:27:50
              0
              0
              1
              1
              37

            
              526449
              Critical
              June 22, 2010
              2009-11-04 03:13:23
              0
              0
              1
              1
              77

            
              527276
              
              December 9, 2010
              2009-11-07 18:19:40
              0
              0
              1
              1
              82

            
              527935
              Moderate
              April 28, 2011
              2009-11-11 09:02:34
              
              0
              1
              1
              39

            
              528644
              Critical
              July 20, 2010
              2009-11-13 15:59:06
              0
              0
              1
              1
              66

            
              529087
              Critical
              July 20, 2010
              2009-11-16 12:18:39
              0
              0
              1
              1
              118

            
              530955
              Critical
              July 20, 2010
              2009-11-24 17:44:18
              0
              0
              1
              1
              93

            
              531176
              Critical
              June 22, 2010
              2009-11-25 15:21:15
              0
              0
              1
              1
              94

            
              531364
              High
              March 23, 2010
              2009-11-27 02:01:19
              0
              0
              1
              1
              124

            
              532246
              Critical
              June 22, 2010
              2009-12-01 17:08:54
              0
              0
              1
              1
              34

            
              532730
              Critical
              September 7, 2010
              2009-12-03 12:49:39
              0
              0
              1
              1
              138

            
              534082
              Critical
              March 23, 2010
              2009-12-10 16:24:14
              0
              0
              1
              1
              26

            
              534666
              Critical
              June 22, 2010
              2009-12-14 10:25:55
              0
              0
              1
              1
              34

            
              534768
              Critical
              June 22, 2010
              2009-12-14 16:51:15
              0
              0
              1
              1
              92

            
              535641
              Critical
              March 23, 2010
              2009-12-17 12:49:23
              0
              0
              1
              1
              42

            
              535806
              Low
              March 23, 2010
              2009-12-18 08:44:17
              
              0
              1
              1
              164

            
              535926
              Critical
              July 20, 2010
              2009-12-18 20:07:08
              0
              0
              1
              1
              92

            
              536466
              Moderate
              July 20, 2010
              2009-12-22 14:28:07
              
              0
              1
              1
              89

            
              537120
              Moderate
              June 22, 2010
              2009-12-29 10:15:03
              
              0
              1
              1
              34

            
              537862
              Low
              March 23, 2010
              2010-01-04 19:05:10
              
              0
              1
              1
              58

            
              538065
              Critical
              March 23, 2010
              2010-01-05 17:54:49
              0
              0
              1
              1
              92

            
              538308
              Critical
              March 30, 2010
              2010-01-06 16:53:13
              0
              0
              1
              1
              60

            
              538310
              Critical
              March 30, 2010
              2010-01-06 17:05:47
              0
              0
              1
              1
              34

            
              540100
              Critical
              March 30, 2010
              2010-01-15 16:38:30
              0
              0
              1
              1
              34

            
              540642
              Moderate
              March 23, 2010
              2010-01-19 10:01:53
              
              0
              1
              1
              161

            
              541255
              Critical
              August 16, 2011
              2010-01-21 16:20:15
              0
              0
              1
              1
              66

            
              541530
              High
              March 23, 2010
              2010-01-22 15:25:31
              0
              0
              1
              1
              130

            
              542136
              Critical
              March 30, 2010
              2010-01-25 17:32:53
              0
              0
              1
              1
              92

            
              542849
              Critical
              March 23, 2010
              2010-01-28 12:56:55
              0
              0
              1
              1
              26

            
              545755
              High
              March 30, 2010
              2010-02-11 14:45:50
              
              0
              1
              1
              97

            
              546530
              Critical
              March 30, 2010
              2010-02-16 14:59:17
              0
              0
              1
              1
              61

            
              546611
              Critical
              June 22, 2010
              2010-02-17 02:43:28
              0
              0
              1
              1
              66

            
              546909
              Critical
              March 30, 2010
              2010-02-18 03:57:33
              0
              0
              1
              1
              39

            
              547143
              Moderate
              March 23, 2010
              2010-02-18 19:36:24
              
              0
              1
              1
              60

            
              551233
              Moderate
              June 22, 2010
              2010-03-09 11:49:31
              0
              0
              1
              1
              28

            
              551661
              Critical
              June 22, 2010
              2010-03-11 03:23:09
              0
              0
              1
              1
              85

            
              552002
              
              September 27, 2011
              
              0
              0
              0
              1

            
              552090
              Low
              September 7, 2010
              2010-03-12 15:11:33
              
              0
              1
              1
              70

            
              552110
              Critical
              July 20, 2010
              2010-03-12 16:20:57
              0
              0
              1
              1
              34

            
              552216
              Critical
              March 22, 2010
              2010-03-13 13:41:54
              0
              0
              1
              1
              34

            
              552255
              Moderate
              June 22, 2010
              2010-03-14 00:47:47
              
              0
              1
              1
              104

            
              553938
              Critical
              June 22, 2010
              2010-03-21 14:02:37
              0
              0
              1
              1
              52

            
              554255
              Critical
              June 22, 2010
              2010-03-22 23:32:11
              0
              0
              1
              1
              60

            
              554354
              Moderate
              October 19, 2010
              2010-03-23 09:53:25
              
              0
              1
              1
              148

            
              554449
              Critical
              December 9, 2010
              2010-03-23 14:02:20
              0
              0
              1
              1
              124

            
              554670
              Critical
              October 19, 2010
              2010-03-24 09:54:17
              0
              0
              1
              1
              66

            
              555018
              Moderate
              September 27, 2011
              2010-03-25 12:24:14
              0
              0
              1
              1
              91

            
              555109
              Critical
              April 1, 2010
              2010-03-25 17:20:52
              0
              0
              1
              1
              145

            
              556734
              High
              October 19, 2010
              2010-04-02 04:31:19
              0
              0
              1
              1
              145

            
              556957
              Moderate
              July 20, 2010
              2010-04-02 21:11:14
              
              0
              1
              1
              104

            
              557174
              Critical
              June 22, 2010
              2010-04-04 23:59:26
              0
              0
              1
              1
              145

            
              557946
              Critical
              June 22, 2010
              2010-04-07 16:25:51
              0
              0
              1
              1
              59

            
              558531
              Critical
              March 1, 2011
              2010-04-10 00:40:08
              0
              0
              1
              1
              66

            
              558541
              Critical
              March 1, 2011
              2010-04-10 05:17:31
              0
              0
              1
              1
              95

            
              558618
              Critical
              July 20, 2010
              2010-04-10 21:13:00
              0
              0
              1
              1
              59

            
              558633
              Critical
              March 1, 2011
              2010-04-11 01:50:13
              0
              0
              1
              1
              66

            
              559241
              Critical
              July 20, 2010
              2010-04-13 18:17:00
              0
              0
              1
              1
              118

            
              559344
              Critical
              October 19, 2010
              2010-04-14 08:50:45
              0
              0
              1
              1
              161

            
              561031
              Critical
              June 22, 2010
              2010-04-22 00:39:54
              0
              0
              1
              1
              66

            
              561539
              Critical
              July 20, 2010
              2010-04-24 02:13:19
              0
              0
              1
              1
              66

            
              561592
              Critical
              June 22, 2010
              2010-04-24 17:56:46
              0
              0
              1
              1
              65

            
              562442
              High
              December 20, 2011
              2010-04-28 13:09:45
              0
              0
              1
              1
              129

            
              562547
              Critical
              March 1, 2011
              2010-04-28 19:39:03
              
              0
              1
              1
              60

            
              563243
              Critical
              March 1, 2011
              2010-05-02 10:14:18
              0
              0
              1
              1
              66

            
              563618
              Critical
              March 1, 2011
              2010-05-04 03:42:59
              0
              0
              1
              1
              73

            
              564461
              Critical
              September 7, 2010
              2010-05-07 10:24:52
              0
              0
              1
              1
              92

            
              564679
              Moderate
              July 20, 2010
              2010-05-09 06:09:50
              
              0
              1
              1
              142

            
              564705
              Low
              July 20, 2010
              2010-05-09 15:01:35
              0
              0
              1
              1
              92

            
              566136
              Critical
              July 20, 2010
              2010-05-15 08:42:19
              0
              0
              1
              1
              77

            
              566141
              Critical
              October 19, 2010
              2010-05-15 10:02:13
              0
              0
              1
              1
              77

            
              567059
              Critical
              July 20, 2010
              2010-05-19 22:59:56
              0
              0
              1
              1
              66

            
              567069
              Critical
              July 20, 2010
              2010-05-20 01:57:21
              0
              0
              1
              1
              124

            
              568073
              Critical
              October 19, 2010
              2010-05-25 14:24:11
              0
              0
              1
              1
              77

            
              568148
              High
              July 20, 2010
              2010-05-25 20:03:42
              0
              0
              1
              1
              173

            
              568303
              Critical
              October 19, 2010
              2010-05-26 12:19:01
              0
              0
              1
              1
              77

            
              568465
              Critical
              September 7, 2010
              2010-05-27 05:51:28
              0
              0
              1
              1
              77

            
              568564
              Moderate
              July 20, 2010
              2010-05-27 10:55:23
              
              0
              1
              1
              40

            
              568855
              Critical
              July 20, 2010
              2010-05-28 09:32:49
              0
              0
              1
              1
              92

            
              569162
              Critical
              December 9, 2010
              2010-05-30 16:38:35
              0
              0
              1
              1
              65

            
              569384
              Critical
              March 1, 2011
              2010-06-01 10:27:30
              0
              0
              1
              1
              66

            
              570451
              Critical
              July 20, 2010
              2010-06-06 23:40:19
              0
              0
              1
              1
              16

            
              570657
              Critical
              July 20, 2010
              2010-06-07 21:31:23
              0
              0
              1
              1
              61

            
              571106
              Critical
              July 20, 2010
              2010-06-09 15:12:54
              0
              0
              1
              1
              145

            
              571287
              High
              July 20, 2010
              2010-06-10 11:13:54
              0
              0
              1
              1
              165

            
              571995
              Critical
              December 9, 2010
              2010-06-14 15:22:43
              0
              0
              1
              1
              92

            
              572129
              Critical
              August 16, 2011
              2010-06-15 08:32:25
              0
              0
              1
              1
              124

            
              572232
              Critical
              September 7, 2010
              2010-06-15 15:56:34
              0
              0
              1
              1
              95

            
              572985
              Critical
              July 20, 2010
              2010-06-18 00:27:14
              0
              0
              1
              1
              145

            
              572986
              Critical
              July 20, 2010
              2010-06-18 00:33:50
              0
              0
              1
              1
              145

            
              573873
              High
              March 1, 2011
              2010-06-22 17:06:02
              0
              0
              1
              1
              103

            
              574059
              Critical
              July 20, 2010
              2010-06-23 11:28:27
              0
              0
              1
              1
              145

            
              574750
              Critical
              July 20, 2010
              2010-06-25 11:50:01
              0
              0
              1
              1
              56

            
              575294
              
              October 9, 2012
              
              0
              0
              0
              1

            
              575836
              Critical
              July 20, 2010
              2010-06-29 16:50:18
              0
              0
              1
              1
              56

            
              576070
              Critical
              September 7, 2010
              2010-06-30 13:13:55
              0
              0
              1
              1
              145

            
              576075
              Critical
              September 7, 2010
              2010-06-30 13:22:35
              
              0
              1
              1
              145

            
              576447
              Critical
              September 7, 2010
              2010-07-01 22:00:17
              0
              0
              1
              1
              145

            
              576616
              High
              October 19, 2010
              2010-07-02 13:08:13
              0
              0
              1
              1
              155

            
              576649
              Critical
              March 1, 2011
              2010-07-02 15:09:00
              0
              0
              1
              1
              92

            
              577512
              Low
              June 22, 2010
              2010-07-08 10:13:57
              
              0
              1
              1
              60

            
              578697
              Moderate
              October 19, 2010
              2010-07-14 10:00:08
              
              0
              1
              1
              133

            
              579593
              Critical
              September 7, 2010
              2010-07-16 18:29:58
              1
              3000
              1
              1
              4

            
              579655
              Critical
              September 7, 2010
              2010-07-17 09:01:56
              0
              0
              1
              1
              60

            
              579744
              High
              September 7, 2010
              2010-07-18 09:39:02
              1
              3000
              1
              1
              105

            
              580151
              Critical
              October 19, 2010
              2010-07-19 19:54:22
              0
              0
              1
              1
              92

            
              580445
              Critical
              September 7, 2010
              2010-07-20 16:50:01
              0
              0
              1
              1
              145

            
              581784
              Critical
              September 7, 2010
              2010-07-25 02:48:52
              0
              0
              1
              1
              66

            
              583077
              Critical
              October 19, 2010
              2010-07-29 14:05:02
              0
              0
              1
              1
              17

            
              583225
              Critical
              September 7, 2010
              2010-07-30 05:59:08
              0
              0
              1
              1
              139

            
              583520
              Critical
              September 7, 2010
              2010-07-31 16:13:08
              0
              0
              1
              1
              34

            
              583957
              Critical
              October 19, 2010
              2010-08-02 19:25:02
              0
              0
              1
              1
              92

            
              584180
              Critical
              September 7, 2010
              2010-08-03 13:53:56
              0
              0
              1
              1
              130

            
              584357
              Critical
              September 7, 2010
              2010-08-04 07:21:30
              0
              0
              1
              1
              36

            
              584512
              Critical
              September 7, 2010
              2010-08-04 14:43:51
              0
              0
              1
              1
              152

            
              585284
              High
              September 7, 2010
              2010-08-07 04:14:56
              0
              0
              1
              1
              124

            
              585815
              Critical
              September 7, 2010
              2010-08-09 17:05:39
              0
              0
              1
              1
              145

            
              588233
              Critical
              
              2010-08-17 16:55:40
              1
              3000
              1
              0
              108

            
              588929
              Critical
              October 19, 2010
              2010-08-19 13:20:47
              1
              3000
              1
              1
              152

            
              589041
              Critical
              December 9, 2010
              2010-08-19 20:11:40
              1
              3000
              1
              1
              68

            
              589190
              Critical
              October 19, 2010
              2010-08-20 09:16:01
              0
              0
              1
              1
              61

            
              590116
              Critical
              October 19, 2010
              2010-08-24 07:20:36
              1
              3000
              1
              1
              153

            
              590291
              Critical
              October 19, 2010
              2010-08-24 13:44:40
              0
              0
              1
              1
              113

            
              590753
              Moderate
              October 19, 2010
              2010-08-25 15:53:02
              0
              0
              1
              1
              69

            
              590771
              Critical
              December 9, 2010
              2010-08-25 16:22:33
              0
              0
              1
              1
              145

            
              592477
              Critical
              
              2010-08-31 15:34:38
              1
              3000
              1
              0
              172

            
              593174
              Moderate
              
              2010-09-02 15:37:13
              1
              3000
              1
              0
              64

            
              594547
              Critical
              December 9, 2010
              2010-09-08 14:26:45
              1
              3000
              1
              1
              172

            
              594760
              Critical
              October 19, 2010
              2010-09-09 07:05:29
              0
              0
              1
              1
              36

            
              595300
              
              October 19, 2010
              2010-09-10 12:53:15
              
              0
              1
              1
              171

            
              596232
              Critical
              March 1, 2011
              2010-09-14 08:32:07
              0
              0
              1
              1
              36

            
              597162
              Critical
              June 21, 2011
              2010-09-16 13:11:02
              0
              0
              1
              1
              60

            
              598669
              Critical
              October 19, 2010
              2010-09-22 09:39:39
              0
              0
              1
              1
              34

            
              599166
              Critical
              December 9, 2010
              2010-09-23 16:21:14
              0
              0
              1
              1
              29

            
              599468
              Critical
              December 9, 2010
              2010-09-24 13:02:35
              0
              0
              1
              1
              145

            
              599607
              Critical
              December 9, 2010
              2010-09-25 05:47:25
              0
              0
              1
              1
              77

            
              599610
              
              March 1, 2011
              
              0
              0
              0
              1

            
              600853
              Critical
              March 1, 2011
              2010-09-30 08:37:08
              0
              0
              1
              1
              77

            
              600974
              Critical
              March 1, 2011
              2010-09-30 14:23:25
              0
              0
              1
              1
              54

            
              601102
              Critical
              April 28, 2011
              2010-10-01 05:11:17
              0
              0
              1
              1
              149

            
              601429
              Moderate
              December 9, 2010
              2010-10-02 20:18:54
              
              0
              1
              1
              12

            
              601699
              Critical
              December 9, 2010
              2010-10-04 12:32:08
              0
              0
              1
              1
              92

            
              602115
              Critical
              March 1, 2011
              2010-10-05 17:53:38
              0
              0
              1
              1
              92

            
              602780
              High
              December 9, 2010
              2010-10-07 22:05:09
              1
              3000
              1
              1
              104

            
              603333
              Critical
              
              2010-10-11 07:32:28
              1
              3000
              1
              0
              161

            
              604843
              Critical
              December 9, 2010
              2010-10-15 19:43:06
              0
              0
              1
              1
              92

            
              605307
              Critical
              December 9, 2010
              2010-10-18 15:37:35
              0
              0
              1
              1
              137

            
              605672
              Critical
              March 1, 2011
              2010-10-19 17:08:40
              0
              0
              1
              1
              92

            
              606997
              Critical
              
              2010-10-25 10:13:34
              1
              3000
              1
              0
              20

            
              607160
              Critical
              March 1, 2011
              2010-10-25 16:58:29
              1
              3000
              1
              1
              17

            
              607222
              Critical
              October 27, 2010
              2010-10-25 21:28:45
              0
              0
              1
              1
              145

            
              608336
              Critical
              December 9, 2010
              2010-10-29 11:38:57
              1
              3000
              1
              1
              57

            
              609437
              Critical
              December 9, 2010
              2010-11-03 16:37:36
              1
              3000
              1
              1
              167

            
              610223
              High
              
              2010-11-07 08:02:00
              1
              3000
              1
              0
              44

            
              610498
              Critical
              
              2010-11-08 15:10:55
              1
              3000
              1
              0
              83

            
              610525
              Low
              December 9, 2010
              2010-11-08 16:15:12
              0
              0
              1
              1
              156

            
              610601
              Critical
              March 1, 2011
              2010-11-09 00:23:08
              1
              3000
              1
              1
              89

            
              611897
              High
              December 9, 2010
              2010-11-12 16:57:38
              0
              0
              1
              1
              156

            
              613376
              Critical
              March 1, 2011
              2010-11-18 16:01:06
              0
              0
              1
              1
              129

            
              614151
              Low
              August 16, 2011
              2010-11-22 19:31:09
              0
              0
              1
              1
              92

            
              614499
              Critical
              March 1, 2011
              2010-11-24 00:16:23
              0
              0
              1
              1
              92

            
              615147
              Critical
              April 28, 2011
              2010-11-28 18:31:01
              0
              0
              1
              1
              118

            
              615657
              Critical
              March 1, 2011
              2010-11-30 12:21:22
              1
              3000
              1
              1
              44

            
              615970
              Critical
              August 16, 2011
              2010-12-01 13:04:07
              0
              0
              1
              1
              77

            
              616009
              Critical
              March 1, 2011
              2010-12-01 15:29:57
              0
              0
              1
              1
              145

            
              616264
              Moderate
              June 21, 2011
              2010-12-02 13:28:25
              
              0
              1
              1
              55

            
              616659
              Critical
              March 1, 2011
              2010-12-03 21:38:34
              1
              3000
              1
              1
              71

            
              617247
              Critical
              June 21, 2011
              2010-12-06 20:17:05
              1
              3000
              1
              1
              114

            
              617935
              Critical
              
              2010-12-09 07:34:53
              1
              3000
              1
              0
              44

            
              618129
              Critical
              
              2010-12-09 15:57:09
              1
              3000
              1
              0
              83

            
              618362
              Critical
              
              2010-12-10 10:38:31
              1
              3000
              1
              0
              83

            
              619021
              Critical
              April 28, 2011
              2010-12-14 00:11:19
              1
              3000
              1
              1
              16

            
              619255
              Critical
              March 1, 2011
              2010-12-14 18:26:27
              0
              0
              1
              1
              77

            
              620662
              Critical
              
              2010-12-21 04:40:47
              1
              3000
              1
              0
              83

            
              621137
              Critical
              
              2010-12-23 03:52:27
              1
              3000
              1
              0
              44

            
              621202
              Critical
              
              2010-12-23 12:30:42
              1
              3000
              1
              0
              44

            
              622015
              Critical
              March 1, 2011
              2010-12-29 16:00:10
              0
              0
              1
              1
              145

            
              622167
              High
              
              2010-12-30 13:02:29
              1
              3000
              1
              0
              44

            
              623297
              Critical
              
              2011-01-05 12:34:33
              1
              3000
              1
              0
              44

            
              623301
              Critical
              
              2011-01-05 12:57:45
              1
              3000
              1
              0
              44

            
              623791
              Critical
              April 28, 2011
              2011-01-06 17:44:58
              0
              0
              1
              1
              43

            
              623863
              Critical
              
              2011-01-07 02:24:20
              1
              3000
              1
              0
              44

            
              623998
              Critical
              April 28, 2011
              2011-01-07 12:49:32
              1
              3000
              1
              1
              76

            
              624187
              Critical
              April 28, 2011
              2011-01-08 13:13:37
              1
              3000
              1
              1
              114

            
              624439
              Critical
              
              2011-01-10 10:40:13
              1
              3000
              1
              0
              44

            
              624621
              Moderate
              April 24, 2012
              2011-01-10 20:09:30
              
              0
              1
              1
              155

            
              624764
              Moderate
              April 28, 2011
              2011-01-11 09:58:53
              
              3000
              1
              1
              80

            
              626262
              High
              June 21, 2011
              2011-01-16 13:54:37
              0
              0
              1
              1
              92

            
              626297
              High
              
              2011-01-16 18:00:32
              1
              3000
              1
              0
              157

            
              626464
              Critical
              
              2011-01-17 11:14:53
              1
              3000
              1
              0
              44

            
              626631
              Critical
              March 1, 2011
              2011-01-18 06:46:02
              1
              3000
              1
              1
              49

            
              626745
              Critical
              
              2011-01-18 12:25:11
              1
              3000
              1
              0
              157

            
              629650
              Critical
              
              2011-01-28 05:12:54
              1
              3000
              1
              0
              44

            
              629858
              Moderate
              June 21, 2011
              2011-01-29 01:06:51
              0
              0
              1
              1
              66

            
              630865
              Critical
              
              2011-02-02 07:54:22
              1
              3000
              1
              0
              83

            
              630919
              Critical
              April 28, 2011
              2011-02-02 10:29:19
              0
              0
              1
              1
              145

            
              632206
              Critical
              August 16, 2011
              2011-02-07 15:04:46
              0
              0
              1
              1
              66

            
              633691
              Moderate
              July 17, 2012
              2011-02-11 22:02:38
              
              0
              1
              1
              119

            
              634257
              Moderate
              April 28, 2011
              2011-02-15 06:30:44
              0
              0
              1
              1
              73

            
              634444
              
              October 9, 2012
              2011-02-15 15:46:23
              0
              0
              1
              1
              74

            
              634724
              
              April 28, 2011
              
              0
              0
              0
              1

            
              634983
              Critical
              April 28, 2011
              2011-02-17 11:19:23
              0
              0
              1
              1
              34

            
              634986
              Critical
              April 28, 2011
              2011-02-17 11:26:49
              0
              0
              1
              1
              34

            
              635235
              Moderate
              June 21, 2011
              2011-02-18 07:10:44
              0
              0
              1
              1
              66

            
              635705
              Critical
              April 28, 2011
              2011-02-21 06:28:11
              1
              3000
              1
              1
              76

            
              635776
              High
              
              2011-02-21 13:47:56
              1
              3000
              1
              0
              71

            
              635977
              Moderate
              April 28, 2011
              2011-02-22 13:08:04
              1
              3000
              1
              1
              16

            
              637621
              Critical
              April 28, 2011
              2011-03-01 04:12:43
              0
              0
              1
              1
              92

            
              637957
              Moderate
              April 28, 2011
              2011-03-01 17:44:47
              0
              0
              1
              1
              107

            
              638018
              Critical
              June 21, 2011
              2011-03-01 22:49:22
              1
              3000
              1
              1
              89

            
              638236
              Critical
              April 28, 2011
              2011-03-02 14:12:10
              0
              0
              1
              1
              26

            
              639303
              Critical
              June 21, 2011
              2011-03-06 06:13:21
              0
              0
              1
              1
              38

            
              639343
              Critical
              April 28, 2011
              2011-03-06 09:59:49
              0
              0
              1
              1
              66

            
              639648
              Critical
              June 21, 2011
              2011-03-07 15:35:47
              0
              0
              1
              1
              137

            
              639728
              Critical
              April 28, 2011
              2011-03-07 19:32:27
              0
              0
              1
              1
              92

            
              639885
              Moderate
              April 28, 2011
              2011-03-08 10:00:18
              0
              0
              1
              1
              159

            
              640339
              Low
              April 28, 2011
              2011-03-09 14:28:42
              
              0
              1
              1
              60

            
              641388
              Critical
              April 28, 2011
              2011-03-13 15:09:00
              0
              0
              1
              1
              137

            
              641630
              High
              April 28, 2011
              2011-03-14 13:41:51
              0
              0
              1
              1
              103

            
              642338
              Critical
              June 21, 2011
              2011-03-16 17:53:41
              0
              0
              1
              1
              100

            
              642395
              High
              March 22, 2011
              2011-03-17 02:44:13
              0
              0
              1
              1
              60

            
              642469
              High
              August 16, 2011
              2011-03-17 09:07:57
              1
              3000
              1
              1
              8

            
              642717
              Critical
              April 28, 2011
              2011-03-17 20:36:58
              0
              0
              1
              1
              40

            
              642734
              Critical
              June 21, 2011
              2011-03-17 23:35:50
              0
              0
              1
              1
              26

            
              643051
              
              June 21, 2011
              2011-03-18 17:21:05
              0
              0
              1
              1
              41

            
              643062
              Critical
              August 16, 2011
              2011-03-18 18:27:25
              0
              0
              1
              1
              137

            
              643450
              Critical
              August 16, 2011
              2011-03-21 09:51:05
              0
              0
              1
              1
              124

            
              643649
              Moderate
              April 28, 2011
              2011-03-21 17:35:55
              0
              0
              1
              1
              131

            
              643839
              Critical
              June 21, 2011
              2011-03-22 11:47:45
              0
              0
              1
              1
              66

            
              643927
              Critical
              June 21, 2011
              2011-03-22 14:52:15
              0
              0
              1
              1
              77

            
              643967
              Critical
              June 5, 2012
              2011-03-22 15:57:41
              0
              0
              1
              1
              77

            
              644069
              Critical
              April 28, 2011
              2011-03-23 00:02:23
              1
              3000
              1
              1
              53

            
              644682
              Critical
              April 28, 2011
              2011-03-24 10:56:37
              0
              0
              1
              1
              156

            
              645289
              Critical
              April 28, 2011
              2011-03-26 01:26:12
              0
              0
              1
              1
              149

            
              645565
              Critical
              April 28, 2011
              2011-03-27 15:49:32
              1
              3000
              1
              1
              76

            
              645572
              Critical
              June 21, 2011
              2011-03-27 16:21:40
              0
              0
              1
              1
              137

            
              645699
              Low
              June 21, 2011
              2011-03-28 08:09:57
              
              0
              1
              1
              124

            
              646662
              Critical
              June 21, 2011
              2011-03-30 15:44:05
              0
              0
              1
              1
              137

            
              646825
              Critical
              August 16, 2011
              2011-03-31 07:10:01
              0
              0
              1
              1
              98

            
              646968
              Critical
              November 8, 2011
              2011-03-31 13:18:08
              0
              0
              1
              1
              90

            
              648022
              Critical
              June 21, 2011
              2011-04-06 10:18:28
              0
              0
              1
              1
              129

            
              648065
              Critical
              August 16, 2011
              2011-04-06 11:54:26
              0
              0
              1
              1
              34

            
              648090
              Critical
              June 21, 2011
              2011-04-06 12:58:24
              0
              0
              1
              1
              34

            
              648094
              Critical
              August 16, 2011
              2011-04-06 13:24:11
              0
              0
              1
              1
              34

            
              648100
              Critical
              June 21, 2011
              2011-04-06 13:36:42
              0
              0
              1
              1
              34

            
              648160
              Critical
              June 21, 2011
              2011-04-06 16:34:08
              0
              0
              1
              1
              34

            
              648206
              Critical
              August 16, 2011
              2011-04-06 22:29:09
              0
              0
              1
              1
              92

            
              648705
              Critical
              June 21, 2011
              2011-04-08 20:33:17
              0
              0
              1
              1
              25

            
              649079
              High
              December 20, 2011
              2011-04-11 11:59:48
              0
              0
              1
              1
              147

            
              650001
              Moderate
              June 21, 2011
              2011-04-14 08:33:34
              
              0
              1
              1
              110

            
              650252
              High
              August 16, 2011
              2011-04-15 06:42:31
              0
              0
              1
              1
              124

            
              650273
              
              August 16, 2011
              2011-04-15 07:12:22
              0
              0
              1
              1
              124

            
              650275
              Critical
              August 16, 2011
              2011-04-15 07:14:45
              0
              0
              1
              1
              124

            
              650732
              Critical
              August 16, 2011
              2011-04-17 23:10:20
              0
              0
              1
              1
              56

            
              650874
              Critical
              June 21, 2011
              2011-04-18 11:31:37
              0
              0
              1
              1
              135

            
              651030
              Critical
              August 16, 2011
              2011-04-18 21:26:49
              0
              0
              1
              1
              92

            
              651990
              Critical
              June 21, 2011
              2011-04-21 15:11:45
              1
              3000
              1
              1
              146

            
              652054
              Critical
              November 8, 2011
              2011-04-21 23:34:55
              0
              0
              1
              1
              40

            
              652401
              Moderate
              June 21, 2011
              2011-04-24 01:39:21
              0
              0
              1
              1
              36

            
              653026
              Critical
              June 21, 2011
              2011-04-26 18:10:04
              0
              0
              1
              1
              170

            
              653238
              Critical
              June 21, 2011
              2011-04-27 14:03:22
              0
              0
              1
              1
              36

            
              653672
              Critical
              September 27, 2011
              2011-04-29 01:37:24
              1
              3000
              1
              1
              16

            
              653926
              Critical
              September 27, 2011
              2011-04-30 08:47:17
              1
              3000
              1
              1
              51

            
              654015
              Critical
              June 21, 2011
              2011-05-01 13:16:26
              0
              0
              1
              1
              92

            
              655098
              Critical
              September 27, 2011
              2011-05-05 11:41:51
              0
              0
              1
              1
              27

            
              655389
              Moderate
              September 27, 2011
              2011-05-06 15:19:25
              
              0
              1
              1
              103

            
              655649
              Moderate
              October 9, 2012
              2011-05-08 20:50:06
              0
              0
              1
              1
              126

            
              655660
              Critical
              August 16, 2011
              2011-05-09 00:30:50
              1
              3000
              1
              1
              33

            
              655742
              Critical
              June 21, 2011
              2011-05-09 09:25:57
              1
              3000
              1
              1

            
              655836
              High
              November 8, 2011
              2011-05-09 14:27:06
              1
              3000
              1
              1
              132

            
              655987
              High
              June 21, 2011
              2011-05-10 04:56:59
              
              0
              1
              1
              30

            
              656277
              Moderate
              June 21, 2011
              2011-05-11 06:50:16
              
              0
              1
              1
              30

            
              656752
              High
              June 21, 2011
              2011-05-12 14:05:16
              0
              0
              1
              1
              43

            
              657198
              Critical
              September 27, 2011
              2011-05-14 23:18:24
              0
              0
              1
              1
              66

            
              657201
              Critical
              June 21, 2011
              2011-05-15 01:42:57
              0
              0
              1
              1
              43

            
              657267
              Critical
              August 16, 2011
              2011-05-15 19:16:21
              1
              3000
              1
              1
              144

            
              657462
              Critical
              September 27, 2011
              2011-05-16 13:56:52
              1
              3000
              1
              1
              111

            
              657588
              Critical
              March 13, 2012
              2011-05-17 05:17:31
              0
              0
              1
              1
              26

            
              658864
              Critical
              September 27, 2011
              2011-05-22 04:42:35
              0
              0
              1
              1
              77

            
              659349
              High
              June 21, 2011
              2011-05-24 09:36:04
              
              3000
              1
              1
              39

            
              660453
              Critical
              September 27, 2011
              2011-05-28 08:01:53
              0
              0
              1
              1
              26

            
              660517
              Critical
              August 16, 2011
              2011-05-28 23:42:10
              0
              0
              1
              1
              92

            
              661567
              Moderate
              September 27, 2011
              2011-06-02 10:17:10
              0
              0
              1
              1
              90

            
              662132
              Critical
              August 16, 2011
              2011-06-05 01:14:42
              0
              0
              1
              1
              66

            
              662215
              Low
              September 27, 2011
              2011-06-05 19:42:18
              0
              0
              1
              1
              92

            
              662309
              Critical
              September 27, 2011
              2011-06-06 10:34:55
              0
              0
              1
              1
              60

            
              663899
              Critical
              September 27, 2011
              2011-06-13 10:59:14
              0
              0
              1
              1
              60

            
              664009
              Critical
              June 21, 2011
              2011-06-13 16:06:09
              1
              3000
              1
              1
              3

            
              664930
              Critical
              September 27, 2011
              2011-06-16 23:27:12
              0
              0
              1
              1
              92

            
              664983
              High
              August 16, 2011
              2011-06-17 05:45:30
              1
              3000
              1
              1
              127

            
              665070
              High
              November 8, 2011
              2011-06-17 11:50:32
              0
              0
              1
              1
              30

            
              665360
              Critical
              September 27, 2011
              2011-06-19 10:19:00
              0
              0
              1
              1
              26

            
              665518
              Critical
              August 16, 2011
              2011-06-20 05:50:38
              0
              0
              1
              1
              43

            
              665548
              High
              September 27, 2011
              2011-06-20 08:12:39
              0
              0
              1
              1
              40

            
              665814
              Moderate
              
              2011-06-20 18:03:57
              1
              3000
              1
              0
              11

            
              665934
              Critical
              August 16, 2011
              2011-06-21 09:47:06
              1
              3000
              1
              1
              7

            
              665936
              Critical
              August 16, 2011
              2011-06-21 09:56:08
              1
              3000
              1
              1
              7

            
              667011
              Critical
              September 27, 2011
              2011-06-24 12:10:47
              0
              0
              1
              1
              47

            
              667092
              Critical
              August 16, 2011
              2011-06-24 15:35:53
              0
              0
              1
              1
              113

            
              667315
              Critical
              August 16, 2011
              2011-06-26 11:47:17
              0
              0
              1
              1
              163

            
              667507
              Critical
              September 27, 2011
              2011-06-27 10:15:10
              0
              0
              1
              1
              66

            
              667512
              Critical
              August 16, 2011
              2011-06-27 10:30:39
              0
              0
              1
              1
              113

            
              668245
              Critical
              August 16, 2011
              2011-06-29 10:01:17
              0
              0
              1
              1
              26

            
              668941
              Critical
              September 27, 2011
              2011-07-01 19:30:30
              0
              0
              1
              1
              92

            
              669228
              Critical
              September 27, 2011
              2011-07-04 15:56:07
              0
              0
              1
              1
              92

            
              669584
              Critical
              August 16, 2011
              2011-07-06 03:49:38
              0
              0
              1
              1
              96

            
              670317
              Moderate
              June 5, 2012
              2011-07-08 23:52:07
              0
              0
              1
              1
              92

            
              670319
              Critical
              September 27, 2011
              2011-07-09 00:02:30
              0
              0
              1
              1
              92

            
              670514
              High
              June 5, 2012
              2011-07-10 05:38:54
              1
              3000
              1
              1
              39

            
              671160
              High
              November 8, 2011
              2011-07-12 18:48:09
              0
              0
              1
              1
              118

            
              671756
              Critical
              September 27, 2011
              2011-07-14 20:48:42
              0
              0
              1
              1
              65

            
              672182
              
              November 8, 2011
              
              0
              0
              0
              1

            
              672436
              Critical
              September 27, 2011
              2011-07-18 20:50:55
              0
              0
              1
              1
              26

            
              672485
              Critical
              September 27, 2011
              2011-07-19 06:34:26
              1
              3000
              1
              1
              111

            
              672789
              Critical
              August 16, 2011
              2011-07-20 07:10:44
              1
              3000
              1
              1
              15

            
              672892
              Critical
              November 8, 2011
              2011-07-20 12:02:59
              0
              0
              1
              1
              44

            
              673757
              Critical
              September 27, 2011
              2011-07-24 00:42:28
              0
              0
              1
              1
              92

            
              674042
              Critical
              August 16, 2011
              2011-07-25 13:38:58
              1
              3000
              1
              1
              22

            
              674182
              Critical
              November 8, 2011
              2011-07-26 01:53:59
              0
              0
              1
              1
              124

            
              674545
              Critical
              August 16, 2011
              2011-07-27 08:36:22
              0
              0
              1
              1
              26

            
              674776
              Critical
              November 8, 2011
              2011-07-27 17:04:44
              1
              3000
              1
              1
              108

            
              674843
              Critical
              November 8, 2011
              2011-07-28 02:32:26
              0
              0
              1
              1
              44

            
              675515
              Critical
              November 8, 2011
              2011-07-31 12:37:44
              0
              0
              1
              1
              92

            
              675747
              Critical
              September 27, 2011
              2011-08-01 14:41:07
              1
              3000
              1
              1
              151

            
              676918
              High
              November 8, 2011
              2011-08-05 13:01:15
              0
              0
              1
              1
              30

            
              677847
              Critical
              November 8, 2011
              2011-08-09 22:27:02
              0
              0
              1
              1
              26

            
              678818
              Critical
              September 27, 2011
              2011-08-14 06:07:12
              0
              0
              1
              1
              92

            
              679494
              
              December 20, 2011
              2011-08-16 13:57:35
              0
              0
              1
              1
              141

            
              679588
              
              August 16, 2011
              2011-08-16 20:05:44
              0
              0
              1
              1
              140

            
              679593
              Critical
              November 8, 2011
              2011-08-16 20:43:55
              0
              0
              1
              1
              170

            
              679986
              High
              December 20, 2011
              2011-08-17 21:41:25
              0
              0
              1
              1
              44

            
              680687
              Critical
              December 20, 2011
              2011-08-20 11:35:56
              0
              0
              1
              1
              92

            
              680840
              Critical
              September 27, 2011
              2011-08-22 00:01:05
              0
              0
              1
              1
              60

            
              680880
              Critical
              November 8, 2011
              2011-08-22 06:19:19
              0
              0
              1
              1
              124

            
              682252
              High
              December 20, 2011
              2011-08-26 04:12:27
              0
              0
              1
              1
              44

            
              682335
              Critical
              September 27, 2011
              2011-08-26 10:49:00
              1
              3000
              1
              1
              2

            
              682562
              
              September 27, 2011
              
              
              0
              0
              1

            
              682727
              Critical
              November 8, 2011
              2011-08-28 11:09:57
              1
              3000
              1
              1
              146

            
              684555
              Critical
              March 13, 2012
              2011-09-03 20:38:55
              1
              3000
              1
              1
              31

            
              684815
              Critical
              September 27, 2011
              2011-09-06 03:35:29
              1
              3000
              1
              1
              112

            
              684882
              High
              November 8, 2011
              2011-09-06 09:42:53
              0
              0
              1
              1
              45

            
              685186
              Critical
              December 20, 2011
              2011-09-07 09:16:18
              0
              0
              1
              1
              54

            
              685321
              Critical
              December 20, 2011
              2011-09-07 14:54:11
              0
              0
              1
              1
              44

            
              686044
              Critical
              November 8, 2011
              2011-09-09 16:14:33
              0
              0
              1
              1
              92

            
              686107
              Critical
              December 20, 2011
              2011-09-10 03:10:49
              0
              0
              1
              1
              44

            
              687745
              High
              April 24, 2012
              2011-09-19 18:26:11
              1
              3000
              1
              1
              89

            
              688208
              Critical
              March 13, 2012
              2011-09-21 10:31:51
              0
              0
              1
              1
              116

            
              688364
              Critical
              December 20, 2011
              2011-09-21 21:18:29
              0
              0
              1
              1
              32

            
              688974
              Critical
              December 20, 2011
              2011-09-24 05:58:30
              0
              0
              1
              1
              44

            
              689892
              Critical
              December 20, 2011
              2011-09-28 03:26:18
              0
              0
              1
              1
              44

            
              690225
              High
              November 8, 2011
              2011-09-28 20:56:20
              1
              3000
              1
              1
              173

            
              690376
              Critical
              December 20, 2011
              2011-09-29 08:47:51
              0
              0
              1
              1
              66

            
              691299
              Critical
              December 20, 2011
              2011-10-03 05:30:12
              1
              3000
              1
              1
              16

            
              691746
              Critical
              December 20, 2011
              2011-10-04 07:17:06
              0
              0
              1
              1
              44

            
              691873
              Critical
              December 20, 2011
              2011-10-04 12:08:31
              0
              0
              1
              1
              86

            
              693143
              Critical
              December 20, 2011
              2011-10-09 04:13:44
              0
              0
              1
              1
              149

            
              693144
              Critical
              December 20, 2011
              2011-10-09 04:29:06
              0
              0
              1
              1
              44

            
              693399
              Critical
              January 31, 2012
              2011-10-10 12:50:21
              0
              0
              1
              1
              92

            
              694200
              Critical
              December 20, 2011
              2011-10-12 16:58:00
              0
              0
              1
              1
              44

            
              694576
              Moderate
              April 24, 2012
              2011-10-14 08:57:41
              
              0
              1
              1
              154

            
              694953
              Critical
              November 8, 2011
              2011-10-17 05:15:26
              1
              3000
              1
              1
              16

            
              695076
              Critical
              January 31, 2012
              2011-10-17 11:40:19
              0
              0
              1
              1
              30

            
              696579
              Critical
              December 20, 2011
              2011-10-22 06:54:07
              0
              0
              1
              1
              106

            
              696748
              Critical
              January 31, 2012
              2011-10-24 06:20:30
              0
              0
              1
              1
              44

            
              697255
              Critical
              December 20, 2011
              2011-10-25 14:13:06
              0
              0
              1
              1
              66

            
              699033
              Critical
              March 13, 2012
              2011-11-02 07:04:06
              0
              0
              1
              1
              44

            
              699594
              Moderate
              June 5, 2012
              2011-11-03 14:53:26
              0
              0
              1
              1
              77

            
              700512
              High
              December 20, 2011
              2011-11-07 16:51:02
              0
              0
              1
              1
              102

            
              701071
              High
              January 31, 2012
              2011-11-09 09:59:55
              1
              3000
              1
              1
              1

            
              701248
              Critical
              December 20, 2011
              2011-11-09 17:10:12
              0
              0
              1
              1
              44

            
              701259
              Critical
              December 20, 2011
              2011-11-09 18:09:48
              1
              3000
              1
              1
              151

            
              701637
              Critical
              December 20, 2011
              2011-11-11 00:11:57
              0
              0
              1
              1
              26

            
              701806
              Critical
              January 31, 2012
              2011-11-11 11:45:18
              1
              3000
              1
              1
              16

            
              702466
              Critical
              January 31, 2012
              2011-11-14 15:41:40
              1
              3000
              1
              1
              136

            
              704354
              Moderate
              March 13, 2012
              2011-11-21 16:31:06
              
              3000
              1
              1
              80

            
              704482
              Moderate
              December 20, 2011
              2011-11-22 07:29:03
              
              0
              1
              1
              110

            
              704622
              Critical
              December 20, 2011
              2011-11-22 13:57:46
              0
              0
              1
              1
              60

            
              705347
              Critical
              January 31, 2012
              2011-11-25 11:37:46
              0
              0
              1
              1
              26

            
              705651
              Critical
              January 31, 2012
              2011-11-28 06:26:31
              0
              0
              1
              1
              124

            
              706249
              Critical
              December 20, 2011
              2011-11-29 13:36:44
              0
              0
              1
              1
              92

            
              706381
              Critical
              April 24, 2012
              2011-11-29 21:06:19
              0
              0
              1
              1
              26

            
              708186
              Critical
              December 20, 2011
              2011-12-06 22:31:44
              0
              0
              1
              1
              60

            
              708198
              Critical
              January 31, 2012
              2011-12-06 23:48:35
              0
              0
              1
              1
              60

            
              708688
              Moderate
              June 5, 2012
              2011-12-08 09:49:02
              0
              0
              1
              1
              78

            
              710079
              High
              January 31, 2012
              2011-12-12 17:03:34
              0
              0
              1
              1
              158

            
              711653
              Moderate
              March 13, 2012
              2011-12-16 16:00:35
              0
              0
              1
              1
              23

            
              712169
              Critical
              January 31, 2012
              2011-12-19 16:31:14
              0
              0
              1
              1
              44

            
              712914
              Moderate
              July 17, 2012
              2011-12-22 04:42:23
              0
              0
              1
              1
              35

            
              714590
              Critical
              March 13, 2012
              2012-01-02 01:05:49
              0
              0
              1
              1
              92

            
              714616
              Critical
              April 24, 2012
              2012-01-02 05:51:08
              0
              0
              1
              1
              44

            
              714631
              High
              April 24, 2012
              2012-01-02 07:22:52
              1
              3000
              1
              1
              84

            
              715073
              Moderate
              June 5, 2012
              2012-01-03 23:32:24
              
              3000
              1
              1
              125

            
              715319
              High
              April 24, 2012
              2012-01-04 13:44:21
              0
              0
              1
              1
              19

            
              716067
              Low
              June 5, 2012
              2012-01-06 13:58:01
              0
              0
              1
              1
              170

            
              716868
              
              January 31, 2012
              
              
              0
              0
              1

            
              717511
              Moderate
              March 13, 2012
              2012-01-11 20:17:47
              
              0
              1
              1
              63

            
              718202
              Critical
              March 13, 2012
              2012-01-14 09:50:32
              0
              0
              1
              1
              137

            
              718203
              Low
              March 13, 2012
              2012-01-14 09:53:09
              0
              0
              1
              1
              134

            
              718573
              Moderate
              April 24, 2012
              2012-01-17 00:26:59
              
              0
              1
              1
              115

            
              719612
              Critical
              January 31, 2012
              2012-01-19 14:55:58
              0
              0
              1
              1
              14

            
              719750
              Critical
              August 28, 2012
              2012-01-20 03:57:29
              0
              0
              1
              1
              44

            
              719994
              Critical
              March 13, 2012
              2012-01-20 13:47:09
              1
              3000
              1
              1
              111

            
              720079
              Critical
              March 13, 2012
              2012-01-20 22:27:11
              0
              0
              1
              1
              95

            
              720103
              Critical
              March 13, 2012
              2012-01-21 01:19:04
              1
              3000
              1
              1
              23

            
              720619
              Critical
              October 11, 2012
              2012-01-23 23:20:46
              0
              0
              1
              1
              124

            
              723446
              Critical
              March 13, 2012
              2012-02-02 03:01:03
              0
              0
              1
              1
              50

            
              723465
              Critical
              June 5, 2012
              2012-02-02 04:23:53
              0
              0
              1
              1
              36

            
              723808
              
              March 13, 2012
              2012-02-02 19:29:32
              0
              0
              1
              1
              67

            
              724247
              Moderate
              July 17, 2012
              2012-02-04 06:18:11
              
              0
              1
              1
              134

            
              724284
              Critical
              February 10, 2012
              2012-02-04 10:24:11
              0
              0
              1
              1
              47

            
              724599
              Moderate
              July 17, 2012
              2012-02-06 10:28:22
              
              0
              1
              1
              48

            
              725611
              Moderate
              July 17, 2012
              2012-02-09 03:59:30
              
              0
              1
              1
              168

            
              725770
              Critical
              October 9, 2012
              2012-02-09 12:02:14
              1
              3000
              1
              1
              80

            
              726264
              
              October 9, 2012
              
              0
              0
              0
              1

            
              727303
              Moderate
              March 13, 2012
              2012-02-14 16:43:22
              
              0
              1
              1
              120

            
              727401
              Critical
              February 16, 2012
              2012-02-15 02:22:32
              0
              0
              1
              1
              75

            
              727547
              Critical
              April 24, 2012
              2012-02-15 11:21:24
              1
              3000
              1
              1
              9

            
              730425
              Critical
              March 13, 2012
              2012-02-24 13:25:01
              0
              0
              1
              1
              26

            
              732233
              Critical
              July 17, 2012
              2012-03-01 15:30:13
              0
              0
              1
              1
              30

            
              733282
              Critical
              April 24, 2012
              2012-03-05 21:13:00
              0
              0
              1
              1
              26

            
              733305
              
              January 8, 2013
              
              0
              0
              0
              1

            
              733512
              Critical
              April 24, 2012
              2012-03-06 12:56:57
              0
              0
              1
              1
              14

            
              734076
              High
              July 17, 2012
              2012-03-08 07:25:37
              0
              0
              1
              1
              124

            
              734288
              Critical
              April 24, 2012
              2012-03-08 16:45:16
              1
              3000
              1
              1
              23

            
              735104
              Critical
              March 13, 2012
              2012-03-12 16:39:30
              0
              0
              1
              1
              60

            
              736537
              Moderate
              November 20, 2012
              
              0
              0
              0
              1

            
              737129
              Critical
              April 24, 2012
              2012-03-19 12:27:29
              0
              0
              1
              1
              26

            
              737307
              High
              April 24, 2012
              2012-03-19 18:59:21
              1
              3000
              1
              1
              46

            
              737559
              Moderate
              July 17, 2012
              2012-03-20 11:48:25
              0
              0
              1
              1
              92

            
              738841
              Moderate
              July 17, 2012
              2012-03-23 16:05:08
              0
              0
              1
              1
              66

            
              738985
              Critical
              April 24, 2012
              2012-03-24 13:21:36
              1
              3000
              1
              1
              16

            
              739172
              Moderate
              
              2012-03-26 03:18:55
              
              3000
              1
              0
              46

            
              739343
              Critical
              June 18, 2012
              2012-03-26 12:38:27
              0
              0
              1
              1
              48

            
              739925
              Critical
              April 24, 2012
              2012-03-28 03:12:02
              0
              0
              1
              1
              75

            
              741050
              Moderate
              
              2012-03-31 00:02:34
              
              3000
              1
              0
              104

            
              743475
              High
              April 24, 2012
              2012-04-07 15:00:33
              1
              3000
              1
              1
              117

            
              743876
              Critical
              July 17, 2012
              2012-04-09 17:18:34
              0
              0
              1
              1
              44

            
              744480
              Critical
              April 24, 2012
              2012-04-11 10:54:53
              0
              0
              1
              1
              48

            
              744541
              Moderate
              June 5, 2012
              2012-04-11 12:36:00
              0
              0
              1
              1
              79

            
              744888
              Critical
              June 5, 2012
              2012-04-12 12:12:35
              0
              0
              1
              1
              30

            
              745158
              High
              August 28, 2012
              2012-04-13 04:41:05
              0
              0
              1
              1
              44

            
              745254
              High
              June 5, 2012
              2012-04-13 10:49:17
              0
              0
              1
              1
              40

            
              745494
              Critical
              June 5, 2012
              2012-04-14 17:15:57
              0
              0
              1
              1
              92

            
              745548
              Critical
              
              2012-04-15 09:16:21
              1
              3000
              1
              0
              79

            
              745580
              
              June 5, 2012
              
              0
              0
              0
              1

            
              746855
              Moderate
              August 28, 2012
              2012-04-18 19:05:36
              
              0
              1
              1
              136

            
              746896
              Critical
              July 17, 2012
              2012-04-18 23:47:21
              0
              0
              1
              1
              92

            
              747607
              High
              November 20, 2012
              
              0
              0
              0
              1

            
              747688
              Critical
              June 5, 2012
              2012-04-21 18:31:16
              1
              3000
              1
              1
              79

            
              748119
              Critical
              August 28, 2012
              2012-04-23 14:11:50
              0
              0
              1
              1
              44

            
              748613
              
              June 5, 2012
              
              0
              0
              0
              1

            
              748764
              Critical
              June 5, 2012
              2012-04-25 07:19:21
              1
              3000
              1
              1
              5

            
              749039
              Critical
              August 28, 2012
              2012-04-25 17:46:39
              0
              0
              1
              1
              44

            
              750066
              Critical
              June 5, 2012
              2012-04-29 07:31:09
              1
              3000
              1
              1
              79

            
              750096
              High
              July 17, 2012
              2012-04-29 10:08:57
              1
              3000
              1
              1
              110

            
              750109
              Critical
              June 5, 2012
              2012-04-29 12:35:52
              1
              3000
              1
              1
              24

            
              750820
              Moderate
              July 17, 2012
              2012-05-01 11:19:24
              
              0
              1
              1
              24

            
              750850
              High
              June 5, 2012
              2012-05-01 12:39:11
              0
              0
              1
              1
              81

            
              751422
              High
              June 5, 2012
              2012-05-02 16:49:11
              1
              3000
              1
              1
              13

            
              752902
              High
              July 17, 2012
              2012-05-08 07:31:43
              1
              3000
              1
              1
              79

            
              753230
              High
              August 28, 2012
              2012-05-08 20:30:24
              0
              0
              1
              1
              43

            
              753623
              High
              August 28, 2012
              2012-05-09 18:56:35
              0
              0
              1
              1
              43

            
              754044
              
              July 17, 2012
              
              0
              0
              0
              1

            
              756241
              Critical
              August 28, 2012
              2012-05-17 13:21:40
              1
              3000
              1
              1
              79

            
              756581
              
              January 8, 2013
              
              0
              0
              0
              1

            
              756719
              High
              August 28, 2012
              2012-05-18 20:40:33
              1
              3000
              1
              1
              111

            
              757128
              Critical
              August 28, 2012
              2012-05-21 10:44:36
              0
              0
              1
              1
              121

            
              757376
              High
              July 17, 2012
              2012-05-22 03:02:08
              1
              3000
              1
              1
              111

            
              758200
              Critical
              November 20, 2012
              2012-05-24 06:56:58
              1
              3000
              1
              1
              23

            
              758344
              Critical
              July 17, 2012
              2012-05-24 12:58:16
              0
              0
              1
              1
              124

            
              758408
              Critical
              August 28, 2012
              2012-05-24 15:03:36
              0
              0
              1
              1
              66

            
              758990
              Moderate
              July 17, 2012
              2012-05-27 14:18:00
              
              0
              1
              1
              92

            
              759249
              Critical
              July 17, 2012
              2012-05-28 23:28:57
              1
              3000
              1
              1
              79

            
              759802
              Critical
              
              2012-05-30 09:52:57
              1
              3000
              1
              0
              23

            
              760887
              High
              November 20, 2012
              
              0
              0
              0
              1

            
              760996
              Critical
              August 28, 2012
              2012-06-03 09:38:05
              1
              3000
              1
              1
              24

            
              761014
              Moderate
              July 17, 2012
              2012-06-03 12:46:21
              
              0
              1
              1
              87

            
              761655
              Moderate
              July 17, 2012
              2012-06-05 09:26:40
              
              0
              1
              1
              6

            
              761831
              
              August 28, 2012
              2012-06-05 15:43:38
              0
              0
              1
              1
              92

            
              762280
              Critical
              August 28, 2012
              2012-06-06 15:37:21
              1
              3000
              1
              1
              79

            
              762705
              Moderate
              
              2012-06-07 15:46:53
              
              3000
              1
              0
              80

            
              764296
              Critical
              July 17, 2012
              2012-06-13 01:31:21
              0
              0
              1
              1
              169

            
              765139
              Critical
              July 17, 2012
              2012-06-14 22:04:05
              1
              3000
              1
              1
              79

            
              765218
              Moderate
              July 17, 2012
              2012-06-15 06:25:28
              0
              0
              1
              1
              79

            
              765409
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              765527
              High
              October 9, 2012
              2012-06-16 18:11:00
              1
              3000
              1
              1
              111

            
              765621
              Critical
              October 9, 2012
              2012-06-17 14:29:53
              1
              3000
              1
              1
              79

            
              765628
              Moderate
              November 20, 2012
              
              
              0
              0
              1

            
              767765
              Critical
              November 20, 2012
              2012-06-23 22:35:29
              1
              3000
              1
              1
              79

            
              767778
              High
              July 17, 2012
              2012-06-24 01:57:55
              1
              3000
              1
              1
              99

            
              768101
              Critical
              October 9, 2012
              2012-06-25 11:03:04
              1
              3000
              1
              1
              111

            
              768243
              
              January 8, 2013
              
              0
              0
              0
              1

            
              768313
              
              October 9, 2012
              
              0
              0
              0
              1

            
              768568
              High
              August 28, 2012
              2012-06-26 11:20:00
              0
              0
              1
              1
              128

            
              768750
              
              January 8, 2013
              
              0
              0
              0
              1

            
              769108
              Critical
              August 28, 2012
              2012-06-27 17:12:32
              1
              3000
              1
              1
              111

            
              769120
              High
              August 28, 2012
              2012-06-27 18:37:04
              1
              3000
              1
              1
              79

            
              769265
              High
              August 28, 2012
              2012-06-28 07:13:52
              0
              0
              1
              1
              130

            
              769303
              Critical
              August 28, 2012
              2012-06-28 08:50:22
              1
              3000
              1
              1
              79

            
              770429
              High
              August 28, 2012
              2012-07-03 00:22:28
              0
              0
              1
              1
              124

            
              770478
              Moderate
              August 28, 2012
              2012-07-03 05:44:51
              
              0
              1
              1
              115

            
              770684
              Moderate
              August 28, 2012
              2012-07-03 14:44:43
              
              0
              1
              1
              166

            
              771318
              Critical
              
              2012-07-05 13:38:48
              1
              3000
              1
              0
              79

            
              771859
              High
              August 28, 2012
              2012-07-07 18:56:01
              1
              3000
              1
              1
              10

            
              771873
              Critical
              August 28, 2012
              2012-07-07 23:12:39
              1
              3000
              1
              1
              79

            
              771961
              Critical
              
              2012-07-08 19:21:42
              1
              3000
              1
              0
              79

            
              771976
              Critical
              August 28, 2012
              2012-07-08 21:55:12
              1
              3000
              1
              1
              79

            
              771994
              Critical
              August 28, 2012
              2012-07-09 01:51:30
              1
              3000
              1
              1
              79

            
              772346
              Critical
              August 28, 2012
              2012-07-09 22:34:53
              1
              3000
              1
              1
              79

            
              773207
              Critical
              August 28, 2012
              2012-07-12 03:11:55
              1
              3000
              1
              1
              79

            
              774548
              Critical
              August 28, 2012
              2012-07-16 18:12:31
              1
              3000
              1
              1
              79

            
              774597
              Critical
              August 28, 2012
              2012-07-17 01:37:46
              1
              3000
              1
              1
              79

            
              774953
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              775009
              High
              October 9, 2012
              2012-07-18 00:23:55
              1
              3000
              1
              1
              111

            
              775228
              Critical
              November 20, 2012
              2012-07-18 12:28:24
              1
              3000
              1
              1
              122

            
              775793
              Moderate
              August 28, 2012
              2012-07-19 17:38:57
              0
              0
              1
              1
              72

            
              775794
              Critical
              August 28, 2012
              2012-07-19 17:42:48
              1
              3000
              1
              1
              72

            
              775852
              Critical
              August 28, 2012
              2012-07-19 23:06:50
              1
              3000
              1
              1
              122

            
              775868
              High
              October 9, 2012
              2012-07-20 00:56:42
              0
              0
              1
              1
              93

            
              776213
              Critical
              August 28, 2012
              2012-07-20 22:23:12
              1
              3000
              1
              1
              79

            
              777028
              Critical
              August 28, 2012
              2012-07-24 12:21:08
              1
              3000
              1
              1
              122

            
              777578
              Critical
              August 28, 2012
              2012-07-25 17:04:07
              1
              3000
              1
              1
              79

            
              778428
              Critical
              August 28, 2012
              2012-07-28 08:07:53
              1
              3000
              1
              1
              79

            
              778582
              Critical
              October 9, 2012
              2012-07-29 14:23:01
              1
              3000
              1
              1
              123

            
              778603
              High
              November 20, 2012
              2012-07-29 18:33:55
              1
              3000
              1
              1
              150

            
              779413
              High
              September 21, 2012
              2012-07-31 23:00:25
              1
              3000
              1
              1
              160

            
              779821
              High
              November 20, 2012
              
              0
              0
              0
              1

            
              780370
              High
              October 9, 2012
              2012-08-04 02:42:50
              0
              0
              1
              1
              124

            
              780778
              Moderate
              November 20, 2012
              
              0
              0
              0
              1

            
              780963
              Critical
              
              2012-08-07 12:31:56
              1
              3000
              1
              0
              122

            
              780979
              
              January 8, 2013
              
              0
              0
              0
              1

            
              781859
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              782141
              Critical
              August 28, 2012
              2012-08-12 12:05:20
              1
              3000
              1
              1
              24

            
              783260
              Critical
              October 9, 2012
              2012-08-16 07:05:12
              1
              3000
              1
              1
              18

            
              783502
              High
              October 9, 2012
              2012-08-17 02:39:33
              0
              0
              1
              1
              44

            
              783867
              Critical
              October 9, 2012
              2012-08-19 03:03:47
              1
              3000
              1
              1
              9

            
              784404
              
              November 20, 2012
              
              0
              0
              0
              1

            
              785310
              Low
              
              2012-08-23 23:23:43
              
              3000
              1
              0
              62

            
              785358
              
              January 8, 2013
              
              0
              0
              0
              1

            
              785555
              
              January 8, 2013
              
              0
              0
              0
              1

            
              785574
              Critical
              October 9, 2012
              2012-08-24 19:26:05
              1
              3000
              1
              1
              79

            
              785720
              Critical
              October 9, 2012
              2012-08-26 09:18:09
              1
              3000
              1
              1
              79

            
              785734
              Critical
              November 20, 2012
              2012-08-26 11:23:58
              1
              3000
              1
              1
              122

            
              785753
              Critical
              October 9, 2012
              2012-08-26 15:09:06
              1
              3000
              1
              1
              23

            
              785967
              Critical
              October 9, 2012
              2012-08-27 11:22:24
              1
              3000
              1
              1
              23

            
              786111
              Critical
              October 9, 2012
              2012-08-27 17:07:23
              1
              3000
              1
              1
              79

            
              786142
              Critical
              November 20, 2012
              2012-08-27 19:32:33
              1
              3000
              1
              1
              79

            
              786895
              Critical
              October 9, 2012
              2012-08-29 18:07:13
              1
              3000
              1
              1
              79

            
              787089
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              787493
              Critical
              October 9, 2012
              2012-08-31 11:05:47
              1
              3000
              1
              1
              23

            
              787704
              Critical
              October 9, 2012
              2012-09-01 11:59:04
              1
              3000
              1
              1
              122

            
              787722
              Critical
              October 9, 2012
              2012-09-01 13:36:00
              1
              3000
              1
              1
              23

            
              787778
              Critical
              
              2012-09-02 02:59:27
              1
              3000
              1
              0
              122

            
              787818
              
              January 8, 2013
              
              0
              0
              0
              1

            
              787831
              
              January 8, 2013
              
              0
              0
              0
              1

            
              788822
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              788950
              Critical
              October 9, 2012
              2012-09-05 22:49:45
              1
              3000
              1
              1
              79

            
              788959
              Critical
              January 8, 2013
              2012-09-06 00:11:20
              1
              3000
              1
              1
              79

            
              789075
              
              November 20, 2012
              
              0
              0
              0
              1

            
              790139
              Critical
              October 11, 2012
              2012-09-10 21:56:02
              0
              0
              1
              1
              109

            
              790454
              
              January 8, 2013
              
              
              0
              0
              1

            
              790826
              Critical
              
              2012-09-12 17:42:57
              1
              3000
              1
              0
              79

            
              790856
              Critical
              October 9, 2012
              2012-09-12 20:34:03
              0
              0
              1
              1
              92

            
              790865
              Critical
              October 9, 2012
              2012-09-12 21:08:20
              0
              0
              1
              1
              92

            
              790879
              Critical
              November 20, 2012
              2012-09-13 00:58:16
              1
              3000
              1
              1
              122

            
              791601
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              791905
              
              January 8, 2013
              
              0
              0
              0
              1

            
              792106
              
              November 20, 2012
              
              0
              0
              0
              1

            
              792305
              Critical
              January 8, 2013
              2012-09-18 21:20:58
              1
              3000
              1
              1
              79

            
              792405
              High
              November 20, 2012
              2012-09-19 07:07:15
              1
              3000
              1
              1
              111

            
              792857
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              793121
              High
              October 26, 2012
              2012-09-21 03:23:16
              0
              0
              1
              1
              124

            
              793253
              Moderate
              November 20, 2012
              
              0
              0
              0
              1

            
              793848
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              794025
              Critical
              October 9, 2012
              2012-09-25 04:02:32
              0
              0
              1
              1
              44

            
              794158
              
              January 8, 2013
              
              0
              0
              0
              1

            
              794426
              
              January 8, 2013
              
              0
              0
              0
              1

            
              795281
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              795284
              
              January 8, 2013
              
              0
              0
              0
              1

            
              795592
              Critical
              
              2012-09-29 06:56:37
              1
              3000
              1
              0
              79

            
              795708
              Critical
              November 20, 2012
              2012-09-30 07:31:21
              1
              3000
              1
              1
              79

            
              795734
              Critical
              
              2012-09-30 10:53:02
              1
              3000
              1
              0
              79

            
              795750
              Critical
              
              2012-09-30 14:14:09
              1
              3000
              1
              0
              79

            
              795804
              Critical
              November 20, 2012
              2012-09-30 22:22:11
              1
              3000
              1
              1
              79

            
              796866
              Critical
              November 20, 2012
              2012-10-02 03:10:42
              1
              3000
              1
              1
              111

            
              797163
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              798045
              Critical
              October 11, 2012
              2012-10-04 14:24:46
              0
              0
              1
              1
              149

            
              798264
              High
              November 20, 2012
              
              0
              0
              0
              1

            
              798677
              Critical
              November 20, 2012
              2012-10-05 18:26:44
              1
              3000
              1
              1
              79

            
              798678
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              798853
              Critical
              November 20, 2012
              2012-10-06 21:47:59
              1
              3000
              1
              1
              79

            
              799952
              High
              October 11, 2012
              2012-10-10 07:42:47
              1
              3000
              1
              1
              61

            
              800363
              High
              November 20, 2012
              2012-10-11 07:27:00
              1
              3000
              1
              1
              115

            
              800666
              High
              October 26, 2012
              2012-10-11 18:03:32
              1
              3000
              1
              1
              111

            
              801195
              
              January 8, 2013
              
              0
              0
              0
              1

            
              801681
              High
              November 20, 2012
              2012-10-15 08:38:46
              1
              3000
              1
              1
              115

            
              801957
              Critical
              
              2012-10-15 17:18:11
              1
              3000
              1
              0
              79

            
              802026
              High
              January 8, 2013
              2012-10-16 00:12:54
              1
              3000
              1
              1
              115

            
              802168
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              802557
              High
              October 26, 2012
              2012-10-17 05:20:48
              1
              3000
              1
              1
              21

            
              802778
              Critical
              November 20, 2012
              2012-10-17 12:52:53
              1
              3000
              1
              1
              122

            
              802902
              Critical
              November 20, 2012
              2012-10-17 17:53:02
              1
              3000
              1
              1
              79

            
              803853
              Critical
              January 8, 2013
              2012-10-20 09:22:24
              1
              3000
              1
              1
              79

            
              804237
              
              January 8, 2013
              
              0
              0
              0
              1

            
              804927
              Critical
              November 20, 2012
              2012-10-23 22:55:55
              1
              3000
              1
              1
              79

            
              805024
              
              January 8, 2013
              
              0
              0
              0
              1

            
              805121
              
              January 8, 2013
              
              0
              0
              0
              1

            
              805287
              Critical
              November 20, 2012
              2012-10-24 17:34:07
              1
              3000
              1
              1
              79

            
              805745
              
              January 8, 2013
              
              0
              0
              0
              1

            
              805807
              High
              November 20, 2012
              
              0
              0
              0
              1

            
              805814
              
              January 8, 2013
              
              0
              0
              0
              1

            
              805957
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              806031
              
              January 8, 2013
              
              0
              0
              0
              1

            
              806483
              
              January 8, 2013
              
              0
              0
              0
              1

            
              808481
              
              January 8, 2013
              
              0
              0
              0
              1

            
              809064
              
              January 8, 2013
              
              0
              0
              0
              1

            
              809674
              Critical
              November 20, 2012
              
              0
              0
              0
              1

            
              811382
              
              January 8, 2013
              
              0
              0
              0
              1

            
              812161
              
              January 8, 2013
              
              0
              0
              0
              1

            
              812847
              
              January 8, 2013
              
              0
              0
              0
              1

            
              813901
              High
              January 8, 2013
              2012-11-21 01:54:56
              1
              3000
              1
              1
              111

            
              813906
              Critical
              January 8, 2013
              2012-11-21 02:13:44
              1
              3000
              1
              1
              111

            
              814001
              
              January 8, 2013
              
              0
              0
              0
              1

            
              814026
              
              January 8, 2013
              
              0
              0
              0
              1

            
              814027
              
              January 8, 2013
              
              0
              0
              0
              1

            
              814029
              
              January 8, 2013
              
              0
              0
              0
              1

            
              814407
              
              January 8, 2013
              
              0
              0
              0
              1

            
              814713
              Critical
              January 8, 2013
              2012-11-23 08:11:25
              1
              3000
              1
              1
              23

            
              814839
              
              January 8, 2013
              
              0
              0
              0
              1

            
              815489
              High
              
              2012-11-26 20:08:04
              1
              3000
              1
              0
              79

            
              815795
              Critical
              January 8, 2013
              2012-11-27 13:47:00
              1
              3000
              1
              1
              122

            
              816359
              Critical
              
              2012-11-28 17:45:12
              1
              3000
              1
              0
              79

            
              816842
              
              January 8, 2013
              
              0
              0
              0
              1

            
              816994
              
              January 8, 2013
              
              0
              0
              0
              1

            
              825022
              Critical
              January 8, 2013
              2012-12-27 11:18:30
              0
              0
              1
              1
              35