rpm package
suse/libqt5-qtwebengine&distro=SUSE Package Hub 15 SP4
pkg:rpm/suse/libqt5-qtwebengine&distro=SUSE%20Package%20Hub%2015%20SP4
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1493 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 26, 2022 | Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |
| CVE-2022-1314 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 25, 2022 | Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1310 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 25, 2022 | Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1305 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 25, 2022 | Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1138 | Med | 6.5 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 23, 2022 | Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2022-1125 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Jul 23, 2022 | Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | |
| CVE-2022-0797 | Hig | 8.8 | < 5.15.10-bp154.2.3.2 | 5.15.10-bp154.2.3.2 | Apr 5, 2022 | Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. |
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
- affected < 5.15.10-bp154.2.3.2fixed 5.15.10-bp154.2.3.2
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.