rpm package
suse/chromium&distro=SUSE Package Hub 15 SP3
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3
Vulnerabilities (505)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0808 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. | ||
| CVE-2022-0807 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||
| CVE-2022-0806 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. | ||
| CVE-2022-0805 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | ||
| CVE-2022-0804 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0803 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0802 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0800 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0799 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | ||
| CVE-2022-0798 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | ||
| CVE-2022-0797 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | ||
| CVE-2022-0796 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0795 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0794 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0793 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. | ||
| CVE-2022-0792 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0791 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. | ||
| CVE-2022-0790 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2022-0789 | — | < 99.0.4844.51-bp153.2.66.1 | 99.0.4844.51-bp153.2.66.1 | Apr 5, 2022 | Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0610 | — | < 98.0.4758.102-bp153.2.63.1 | 98.0.4758.102-bp153.2.63.1 | Apr 4, 2022 | Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- CVE-2022-0808Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.
- CVE-2022-0807Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
- CVE-2022-0806Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.
- CVE-2022-0805Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
- CVE-2022-0804Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0803Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0802Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0800Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0799Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.
- CVE-2022-0798Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
- CVE-2022-0797Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- CVE-2022-0796Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0795Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0794Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0793Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.
- CVE-2022-0792Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0791Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
- CVE-2022-0790Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2022-0789Apr 5, 2022affected < 99.0.4844.51-bp153.2.66.1fixed 99.0.4844.51-bp153.2.66.1
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0610Apr 4, 2022affected < 98.0.4758.102-bp153.2.63.1fixed 98.0.4758.102-bp153.2.63.1
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 13 of 26