VYPR

rpm package

suse/chromium&distro=SUSE Package Hub 15 SP3

pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3

Vulnerabilities (505)

  • CVE-2022-2854Sep 26, 2022
    affected < 104.0.5112.101-bp154.2.23.1fixed 104.0.5112.101-bp154.2.23.1

    Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3201Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3200Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3199Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3198Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3197Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3196Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3195Sep 26, 2022
    affected < 105.0.5195.127-bp154.2.29.1fixed 105.0.5195.127-bp154.2.29.1

    Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-2853Sep 26, 2022
    affected < 104.0.5112.101-bp154.2.23.1fixed 104.0.5112.101-bp154.2.23.1

    Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2852Sep 26, 2022
    affected < 104.0.5112.101-bp154.2.23.1fixed 104.0.5112.101-bp154.2.23.1

    Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2624Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2022-2623Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2622Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file.

  • CVE-2022-2621Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2620Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2619Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page.

  • CVE-2022-2618Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file .

  • CVE-2022-2617Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2616Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension.

  • CVE-2022-2615Aug 12, 2022
    affected < 104.0.5112.79-bp153.2.113.1fixed 104.0.5112.79-bp153.2.113.1

    Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Page 6 of 26