rpm package
opensuse/nodejs-electron&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/nodejs-electron&distro=openSUSE%20Tumbleweed
Vulnerabilities (125)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-3422 | — | < 22.3.17-1.1 | 22.3.17-1.1 | Jun 26, 2023 | Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-3216 | — | < 22.3.14-1.1 | 22.3.14-1.1 | Jun 13, 2023 | Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-3215 | — | < 22.3.14-1.1 | 22.3.14-1.1 | Jun 13, 2023 | Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-3079 | — | KEV | < 22.3.13-1.1 | 22.3.13-1.1 | Jun 5, 2023 | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2023-2930 | — | < 22.3.13-1.1 | 22.3.13-1.1 | May 30, 2023 | Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2725 | — | < 22.3.13-1.1 | 22.3.13-1.1 | May 16, 2023 | Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2136 | — | KEV | < 22.3.7-1.1 | 22.3.7-1.1 | Apr 19, 2023 | Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2023-2135 | — | < 22.3.7-1.1 | 22.3.7-1.1 | Apr 19, 2023 | Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2134 | — | < 22.3.7-1.1 | 22.3.7-1.1 | Apr 19, 2023 | Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2133 | — | < 22.3.7-1.1 | 22.3.7-1.1 | Apr 19, 2023 | Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2033 | — | KEV | < 22.3.7-1.1 | 22.3.7-1.1 | Apr 14, 2023 | Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2023-1811 | — | < 22.3.6-1.1 | 22.3.6-1.1 | Apr 4, 2023 | Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1810 | — | < 22.3.6-1.1 | 22.3.6-1.1 | Apr 4, 2023 | Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1534 | — | < 22.3.4-1.2 | 22.3.4-1.2 | Mar 21, 2023 | Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1532 | — | < 22.3.4-1.2 | 22.3.4-1.2 | Mar 21, 2023 | Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1529 | — | < 22.3.4-1.2 | 22.3.4-1.2 | Mar 21, 2023 | Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High) | ||
| CVE-2023-1220 | — | < 22.3.3-2.1 | 22.3.3-2.1 | Mar 7, 2023 | Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1219 | — | < 22.3.4-1.2 | 22.3.4-1.2 | Mar 7, 2023 | Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1218 | — | < 22.3.4-1.2 | 22.3.4-1.2 | Mar 7, 2023 | Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-1215 | — | < 22.3.3-2.1 | 22.3.3-2.1 | Mar 7, 2023 | Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
- CVE-2023-3422Jun 26, 2023affected < 22.3.17-1.1fixed 22.3.17-1.1
Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-3216Jun 13, 2023affected < 22.3.14-1.1fixed 22.3.14-1.1
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-3215Jun 13, 2023affected < 22.3.14-1.1fixed 22.3.14-1.1
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 22.3.13-1.1fixed 22.3.13-1.1
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-2930May 30, 2023affected < 22.3.13-1.1fixed 22.3.13-1.1
Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-2725May 16, 2023affected < 22.3.13-1.1fixed 22.3.13-1.1
Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 22.3.7-1.1fixed 22.3.7-1.1
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-2135Apr 19, 2023affected < 22.3.7-1.1fixed 22.3.7-1.1
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-2134Apr 19, 2023affected < 22.3.7-1.1fixed 22.3.7-1.1
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-2133Apr 19, 2023affected < 22.3.7-1.1fixed 22.3.7-1.1
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 22.3.7-1.1fixed 22.3.7-1.1
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1811Apr 4, 2023affected < 22.3.6-1.1fixed 22.3.6-1.1
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1810Apr 4, 2023affected < 22.3.6-1.1fixed 22.3.6-1.1
Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1534Mar 21, 2023affected < 22.3.4-1.2fixed 22.3.4-1.2
Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1532Mar 21, 2023affected < 22.3.4-1.2fixed 22.3.4-1.2
Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1529Mar 21, 2023affected < 22.3.4-1.2fixed 22.3.4-1.2
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
- CVE-2023-1220Mar 7, 2023affected < 22.3.3-2.1fixed 22.3.3-2.1
Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1219Mar 7, 2023affected < 22.3.4-1.2fixed 22.3.4-1.2
Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1218Mar 7, 2023affected < 22.3.4-1.2fixed 22.3.4-1.2
Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2023-1215Mar 7, 2023affected < 22.3.3-2.1fixed 22.3.3-2.1
Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Page 4 of 7