VYPR

rpm package

suse/chromium&distro=SUSE Package Hub 15 SP3

pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3

Vulnerabilities (505)

  • CVE-2022-4182Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4181Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4180Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2022-4179Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2022-4178Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4177Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)

  • CVE-2022-4176Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Hig

  • CVE-2022-4175Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4174Nov 29, 2022
    affected < 108.0.5359.71-bp154.2.49.1fixed 108.0.5359.71-bp154.2.49.1

    Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4135KEVNov 25, 2022
    affected < 107.0.5304.121-bp154.2.46.1fixed 107.0.5304.121-bp154.2.46.1

    Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3890Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3889Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3888Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3887Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3886Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3885Nov 9, 2022
    affected < 107.0.5304.110-bp154.2.43.1fixed 107.0.5304.110-bp154.2.43.1

    Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3450Nov 9, 2022
    affected < 106.0.5249.119-bp153.2.128.1fixed 106.0.5249.119-bp153.2.128.1

    Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3449Nov 9, 2022
    affected < 106.0.5249.119-bp153.2.128.1fixed 106.0.5249.119-bp153.2.128.1

    Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2022-3448Nov 9, 2022
    affected < 106.0.5249.119-bp153.2.128.1fixed 106.0.5249.119-bp153.2.128.1

    Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3447Nov 9, 2022
    affected < 106.0.5249.119-bp153.2.128.1fixed 106.0.5249.119-bp153.2.128.1

    Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

Page 2 of 26