DATABASE RESOURCES PRICING ABOUT US

{"id": "ALPINE:CVE-2022-0971", "vendorId": null, "type": "alpinelinux", "bulletinFamily": "unix", "title": "CVE-2022-0971", "description": "Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", "published": "2022-07-21T23:15:00", "modified": "2022-10-27T23:15:00", "epss": [{"cve": "CVE-2022-0971", "epss": 0.00241, "percentile": 0.61882, "modified": "2023-12-06"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://security.alpinelinux.org/vuln/CVE-2022-0971", "reporter": "Alpine Linux Development Team", "references": [], "cvelist": ["CVE-2022-0971"], "immutableFields": [], "lastseen": "2023-12-07T16:20:47", "viewCount": 12, "enchantments": {"score": {"value": 7.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "chrome", "idList": ["GCSA-7849219922267498677"]}, {"type": "cve", "idList": ["CVE-2022-0971"]}, {"type": "debian", "idList": ["DEBIAN:DSA-5104-1:FCFAF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-0971"]}, {"type": "freebsd", "idList": ["857BE71A-A4B0-11EC-95FC-3065EC8FD3EC"]}, {"type": "gentoo", "idList": ["GLSA-202208-25"]}, {"type": "hivepro", "idList": ["HIVEPRO:B772F2F7B4C9AE8452D1197E2E240204"]}, {"type": "kaspersky", "idList": ["KLA12487", "KLA12490"]}, {"type": "mageia", "idList": ["MGASA-2022-0107"]}, {"type": "mscve", "idList": ["MS:CVE-2022-0971"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-5104.NASL", "FREEBSD_PKG_857BE71AA4B011EC95FC3065EC8FD3EC.NASL", "GENTOO_GLSA-202208-25.NASL", "GOOGLE_CHROME_99_0_4844_74.NASL", "MACOSX_GOOGLE_CHROME_99_0_4844_74.NASL", "MICROSOFT_EDGE_CHROMIUM_99_0_1150_46.NASL", "OPENSUSE-2022-0085-1.NASL"]}, {"type": "prion", "idList": ["PRION:CVE-2022-0971"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0085-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-0971"]}, {"type": "veracode", "idList": ["VERACODE:34814"]}]}, "vulnersScore": 7.4}, "_state": {"score": 1701966111, "dependencies": 1701966185}, "_internal": {"score_hash": "82a1ccc77aedce36562040c026104f12"}, "affectedPackage": [{"OS": "Alpine", "OSVersion": "edge-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20220407-r0", "operator": "lt", "packageName": "qt5-qtwebengine"}, {"OS": "Alpine", "OSVersion": "3.15-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20211127-r5", "operator": "lt", "packageName": "qt5-qtwebengine"}, {"OS": "Alpine", "OSVersion": "3.16-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20220407-r0", "operator": "lt", "packageName": "qt5-qtwebengine"}, {"OS": "Alpine", "OSVersion": "3.17-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20220407-r0", "operator": "lt", "packageName": "qt5-qtwebengine"}, {"OS": "Alpine", "OSVersion": "3.18-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20220407-r0", "operator": "lt", "packageName": "qt5-qtwebengine"}, {"OS": "Alpine", "OSVersion": "3.19-community", "packageFilename": "UNKNOWN", "arch": "noarch", "packageVersion": "5.15.3_git20220407-r0", "operator": "lt", "packageName": "qt5-qtwebengine"}]}

{"prion": [{"lastseen": "2023-11-20T23:18:01", "description": "Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-21T23:15:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971"], "modified": "2022-10-27T23:15:00", "id": "PRION:CVE-2022-0971", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2022-0971", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-12-06T14:45:13", "description": "Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-21T23:15:00", "type": "cve", "title": "CVE-2022-0971", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971"], "modified": "2022-10-27T23:15:00", "cpe": [], "id": "CVE-2022-0971", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0971", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "ubuntucve": [{"lastseen": "2023-12-07T13:40:08", "description": "Use after free in Blink Layout in Google Chrome on Android prior to\n99.0.4844.74 allowed a remote attacker who had compromised the renderer\nprocess to potentially exploit heap corruption via a crafted HTML page.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[alexmurray](<https://launchpad.net/~alexmurray>) | The Debian chromium source package is called chromium-browser in Ubuntu \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | starting with Ubuntu 19.10, the chromium-browser package is just a script that installs the Chromium snap\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-21T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0971", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971"], "modified": "2022-07-21T00:00:00", "id": "UB:CVE-2022-0971", "href": "https://ubuntu.com/security/CVE-2022-0971", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mscve": [{"lastseen": "2023-12-06T17:02:11", "description": "This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](<https://chromereleases.googleblog.com/2022>) for more information.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-17T07:00:00", "type": "mscve", "title": "Chromium: CVE-2022-0971 Use after free in Blink Layout", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971"], "modified": "2022-03-17T07:00:00", "id": "MS:CVE-2022-0971", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-0971", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-12-06T18:21:14", "description": "Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-07-21T23:15:00", "type": "debiancve", "title": "CVE-2022-0971", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971"], "modified": "2022-07-21T23:15:00", "id": "DEBIANCVE:CVE-2022-0971", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0971", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-10-28T01:20:26", "description": "chrome is vulnerable to use after free. The vulnerability exists due to a memory corruption in Blink Layout which allows an attacker to cause an application crash.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-25T01:26:34", "type": "veracode", "title": "Use After Free", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-0971"], "modified": "2022-10-28T00:15:56", "id": "VERACODE:34814", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34814/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-11-07T16:26:42", "description": "The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 857be71a-a4b0-11ec-95fc-3065ec8fd3ec advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-16T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (857be71a-a4b0-11ec-95fc-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-11-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_857BE71AA4B011EC95FC3065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/158983", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158983);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (857be71a-a4b0-11ec-95fc-3065ec8fd3ec)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the 857be71a-a4b0-11ec-95fc-3065ec8fd3ec advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n # https://vuxml.freebsd.org/freebsd/857be71a-a4b0-11ec-95fc-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8701a948\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<98.0.4844.74'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:31", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5104 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "Debian DSA-5104-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5104.NASL", "href": "https://www.tenable.com/plugins/nessus/159112", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5104. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159112);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n\n script_name(english:\"Debian DSA-5104-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5104 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 99.0.4844.74-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '99.0.4844.74-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '99.0.4844.74-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:27", "description": "The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.74 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_99_0_4844_74.NASL", "href": "https://www.tenable.com/plugins/nessus/158936", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158936);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.74 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.74. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1301320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1297498\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1296866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302157\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.74 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'99.0.4844.74', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:27", "description": "The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-15T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.74 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_99_0_4844_74.NASL", "href": "https://www.tenable.com/plugins/nessus/158935", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158935);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.74 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.74. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop_15 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?43ad24da\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1301320\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1297498\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1296866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1299264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1302157\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.74 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'99.0.4844.74', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:09", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0085-1 advisory.\n\n - Use after free in Blink Layout. (CVE-2022-0971)\n\n - Use after free in Extensions. (CVE-2022-0972)\n\n - Use after free in Safe Browsing. (CVE-2022-0973, CVE-2022-0979)\n\n - : Use after free in Splitscreen. (CVE-2022-0974)\n\n - Use after free in ANGLE. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU. (CVE-2022-0976)\n\n - Use after free in Browser UI. (CVE-2022-0977)\n\n - Use after free in New Tab Page. (CVE-2022-0980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-21T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0085-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0085-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159078", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0085-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159078);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0085-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0085-1 advisory.\n\n - Use after free in Blink Layout. (CVE-2022-0971)\n\n - Use after free in Extensions. (CVE-2022-0972)\n\n - Use after free in Safe Browsing. (CVE-2022-0973, CVE-2022-0979)\n\n - : Use after free in Splitscreen. (CVE-2022-0974)\n\n - Use after free in ANGLE. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU. (CVE-2022-0976)\n\n - Use after free in Browser UI. (CVE-2022-0977)\n\n - Use after free in New Tab Page. (CVE-2022-0980)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197163\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4Z4LLOJXXGP4GXUSNG4BEUSYEPI3FBAL/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef39fd6c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0980\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0980\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-99.0.4844.74-bp153.2.69.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-99.0.4844.74-bp153.2.69.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.74-bp153.2.69.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.74-bp153.2.69.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-07T16:25:09", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.46. It is, therefore, affected by multiple vulnerabilities as referenced in the March 17, 2022 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-17T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 99.0.1150.46 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-26899"], "modified": "2023-11-06T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_99_0_1150_46.NASL", "href": "https://www.tenable.com/plugins/nessus/159037", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159037);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/06\");\n\n script_cve_id(\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\",\n \"CVE-2022-26899\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0120-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0544-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 99.0.1150.46 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.46. It is, therefore, affected\nby multiple vulnerabilities as referenced in the March 17, 2022 advisory.\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#march-17-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0cc84aae\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0976\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0979\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 99.0.1150.46 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-26899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-0977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '99.0.1150.46' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-19T15:00:47", "description": "The remote host is affected by the vulnerability described in GLSA-202208-25 (Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities)\n\n - Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-30551)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\n - Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2022-0793)\n\n - Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0794)\n\n - Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0795)\n\n - Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0796)\n\n - Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (CVE-2022-0797)\n\n - Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2022-0798)\n\n - Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.\n (CVE-2022-0799)\n\n - Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0800)\n\n - Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-0802, CVE-2022-0804)\n\n - Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-0803)\n\n - Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. (CVE-2022-0805)\n\n - Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. (CVE-2022-0806)\n\n - Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (CVE-2022-0807)\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)\n\n - Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0809)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0974)\n\n - Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0976)\n\n - Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0977)\n\n - Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0979)\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. (CVE-2022-0980)\n\n - Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1096)\n\n - Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.\n (CVE-2022-1125)\n\n - Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. (CVE-2022-1127)\n\n - Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.\n (CVE-2022-1128)\n\n - Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2022-1129)\n\n - Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. (CVE-2022-1130)\n\n - Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1131)\n\n - Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.\n (CVE-2022-1132)\n\n - Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1133)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1134)\n\n - Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. (CVE-2022-1135)\n\n - Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. (CVE-2022-1136)\n\n - Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. (CVE-2022-1137)\n\n - Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-1138)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1139)\n\n - Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. (CVE-2022-1141)\n\n - Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. (CVE-2022-1142, CVE-2022-1143)\n\n - Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. (CVE-2022-1144)\n\n - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. (CVE-2022-1145)\n\n - Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1146)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1232)\n\n - Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1305)\n\n - Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-1306)\n\n - Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-1307)\n\n - Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1308)\n\n - Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-1309)\n\n - Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1310)\n\n - Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1311)\n\n - Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n (CVE-2022-1312)\n\n - Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1313)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1314)\n\n - Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1364)\n\n - Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1477)\n\n - Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1478)\n\n - Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1479)\n\n - Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1481)\n\n - Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1482)\n\n - Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-1483)\n\n - Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1484)\n\n - Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1485)\n\n - Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (CVE-2022-1486)\n\n - Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. (CVE-2022-1487)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (CVE-2022-1488)\n\n - Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.\n (CVE-2022-1489)\n\n - Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1490)\n\n - Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1491)\n\n - Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. (CVE-2022-1492)\n\n - Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1493)\n\n - Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. (CVE-2022-1494)\n\n - Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page. (CVE-2022-1495)\n\n - Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1496)\n\n - Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page. (CVE-2022-1497)\n\n - Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1498)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (CVE-2022-1499)\n\n - Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. (CVE-2022-1500)\n\n - Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1501)\n\n - Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. (CVE-2022-1633)\n\n - Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions. (CVE-2022-1634)\n\n - Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. (CVE-2022-1635)\n\n - Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1636)\n\n - Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1637)\n\n - Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1639)\n\n - Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1640)\n\n - Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. (CVE-2022-1641)\n\n - Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-1853)\n\n - Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1854)\n\n - Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1855)\n\n - Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. (CVE-2022-1856)\n\n - Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (CVE-2022-1857)\n\n - Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction. (CVE-2022-1858)\n\n - Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1859)\n\n - Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. (CVE-2022-1860)\n\n - Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. (CVE-2022-1861)\n\n - Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.\n (CVE-2022-1862)\n\n - Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. (CVE-2022-1863)\n\n - Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. (CVE-2022-1864)\n\n - Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. (CVE-2022-1865)\n\n - Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. (CVE-2022-1866)\n\n - Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content. (CVE-2022-1867)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (CVE-2022-1868)\n\n - Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1869)\n\n - Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (CVE-2022-1870)\n\n - Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page. (CVE-2022-1871)\n\n - Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. (CVE-2022-1872)\n\n - Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1873)\n\n - Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. (CVE-2022-1874)\n\n - Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1875)\n\n - Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-1876)\n\n - Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2007)\n\n - Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2022-2010)\n\n - Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2011)\n\n - Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2156)\n\n - Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-2157)\n\n - Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-2158)\n\n - Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. (CVE-2022-2160)\n\n - Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. (CVE-2022-2161)\n\n - Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. (CVE-2022-2162)\n\n - Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. (CVE-2022-2163)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. (CVE-2022-2164)\n\n - Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. (CVE-2022-2165)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. (CVE-2022-22021)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912. (CVE-2022-24475)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability. (CVE-2022-24523, CVE-2022-26905)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912. (CVE-2022-26891)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912. (CVE-2022-26894)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912. (CVE-2022-26895)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912. (CVE-2022-26900)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26909, CVE-2022-26912. (CVE-2022-26908)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26912. (CVE-2022-26909)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909. (CVE-2022-26912)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30128. (CVE-2022-30127)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30127. (CVE-2022-30128)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33638, CVE-2022-33639. (CVE-2022-30192)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33639. (CVE-2022-33638)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638. (CVE-2022-33639)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. (CVE-2022-0801) \n - Please review the referenced CVE identifiers for details. (CVE-2022-29144, CVE-2022-29146, CVE-2022-29147)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-15T00:00:00", "type": "nessus", "title": "GLSA-202208-25 : Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-30551", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809", "CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-1096", "CVE-2022-1125", "CVE-2022-1127", "CVE-2022-1128", "CVE-2022-1129", "CVE-2022-1130", "CVE-2022-1131", "CVE-2022-1132", "CVE-2022-1133", "CVE-2022-1134", "CVE-2022-1135", "CVE-2022-1136", "CVE-2022-1137", "CVE-2022-1138", "CVE-2022-1139", "CVE-2022-1141", "CVE-2022-1142", "CVE-2022-1143", "CVE-2022-1144", "CVE-2022-1145", "CVE-2022-1146", "CVE-2022-1232", "CVE-2022-1305", "CVE-2022-1306", "CVE-2022-1307", "CVE-2022-1308", "CVE-2022-1309", "CVE-2022-1310", "CVE-2022-1311", "CVE-2022-1312", "CVE-2022-1313", "CVE-2022-1314", "CVE-2022-1364", "CVE-2022-1477", "CVE-2022-1478", "CVE-2022-1479", "CVE-2022-1481", "CVE-2022-1482", "CVE-2022-1483", "CVE-2022-1484", "CVE-2022-1485", "CVE-2022-1486", "CVE-2022-1487", "CVE-2022-1488", "CVE-2022-1489", "CVE-2022-1490", "CVE-2022-1491", "CVE-2022-1492", "CVE-2022-1493", "CVE-2022-1494", "CVE-2022-1495", "CVE-2022-1496", "CVE-2022-1497", "CVE-2022-1498", "CVE-2022-1499", "CVE-2022-1500", "CVE-2022-1501", "CVE-2022-1633", "CVE-2022-1634", "CVE-2022-1635", "CVE-2022-1636", "CVE-2022-1637", "CVE-2022-1639", "CVE-2022-1640", "CVE-2022-1641", "CVE-2022-1853", "CVE-2022-1854", "CVE-2022-1855", "CVE-2022-1856", "CVE-2022-1857", "CVE-2022-1858", "CVE-2022-1859", "CVE-2022-1860", "CVE-2022-1861", "CVE-2022-1862", "CVE-2022-1863", "CVE-2022-1864", "CVE-2022-1865", "CVE-2022-1866", "CVE-2022-1867", "CVE-2022-1868", "CVE-2022-1869", "CVE-2022-1870", "CVE-2022-1871", "CVE-2022-1872", "CVE-2022-1873", "CVE-2022-1874", "CVE-2022-1875", "CVE-2022-1876", "CVE-2022-2007", "CVE-2022-2010", "CVE-2022-2011", "CVE-2022-2156", "CVE-2022-2157", "CVE-2022-2158", "CVE-2022-2160", "CVE-2022-2161", "CVE-2022-2162", "CVE-2022-2163", "CVE-2022-2164", "CVE-2022-2165", "CVE-2022-22021", "CVE-2022-24475", "CVE-2022-24523", "CVE-2022-26891", "CVE-2022-26894", "CVE-2022-26895", "CVE-2022-26900", "CVE-2022-26905", "CVE-2022-26908", "CVE-2022-26909", "CVE-2022-26912", "CVE-2022-29144", "CVE-2022-29146", "CVE-2022-29147", "CVE-2022-30127", "CVE-2022-30128", "CVE-2022-30192", "CVE-2022-33638", "CVE-2022-33639"], "modified": "2023-10-16T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:chromium", "p-cpe:/a:gentoo:linux:google-chrome", "p-cpe:/a:gentoo:linux:microsoft-edge", "p-cpe:/a:gentoo:linux:qtwebengine", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202208-25.NASL", "href": "https://www.tenable.com/plugins/nessus/164112", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202208-25.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164112);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/16\");\n\n script_cve_id(\n \"CVE-2021-4052\",\n \"CVE-2021-4053\",\n \"CVE-2021-4054\",\n \"CVE-2021-4055\",\n \"CVE-2021-4056\",\n \"CVE-2021-4057\",\n \"CVE-2021-4058\",\n \"CVE-2021-4059\",\n \"CVE-2021-4061\",\n \"CVE-2021-4062\",\n \"CVE-2021-4063\",\n \"CVE-2021-4064\",\n \"CVE-2021-4065\",\n \"CVE-2021-4066\",\n \"CVE-2021-4067\",\n \"CVE-2021-4068\",\n \"CVE-2021-4078\",\n \"CVE-2021-4079\",\n \"CVE-2021-30551\",\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\",\n \"CVE-2022-0971\",\n \"CVE-2022-0972\",\n \"CVE-2022-0973\",\n \"CVE-2022-0974\",\n \"CVE-2022-0975\",\n \"CVE-2022-0976\",\n \"CVE-2022-0977\",\n \"CVE-2022-0978\",\n \"CVE-2022-0979\",\n \"CVE-2022-0980\",\n \"CVE-2022-1096\",\n \"CVE-2022-1125\",\n \"CVE-2022-1127\",\n \"CVE-2022-1128\",\n \"CVE-2022-1129\",\n \"CVE-2022-1130\",\n \"CVE-2022-1131\",\n \"CVE-2022-1132\",\n \"CVE-2022-1133\",\n \"CVE-2022-1134\",\n \"CVE-2022-1135\",\n \"CVE-2022-1136\",\n \"CVE-2022-1137\",\n \"CVE-2022-1138\",\n \"CVE-2022-1139\",\n \"CVE-2022-1141\",\n \"CVE-2022-1142\",\n \"CVE-2022-1143\",\n \"CVE-2022-1144\",\n \"CVE-2022-1145\",\n \"CVE-2022-1146\",\n \"CVE-2022-1232\",\n \"CVE-2022-1305\",\n \"CVE-2022-1306\",\n \"CVE-2022-1307\",\n \"CVE-2022-1308\",\n \"CVE-2022-1309\",\n \"CVE-2022-1310\",\n \"CVE-2022-1311\",\n \"CVE-2022-1312\",\n \"CVE-2022-1313\",\n \"CVE-2022-1314\",\n \"CVE-2022-1364\",\n \"CVE-2022-1477\",\n \"CVE-2022-1478\",\n \"CVE-2022-1479\",\n \"CVE-2022-1481\",\n \"CVE-2022-1482\",\n \"CVE-2022-1483\",\n \"CVE-2022-1484\",\n \"CVE-2022-1485\",\n \"CVE-2022-1486\",\n \"CVE-2022-1487\",\n \"CVE-2022-1488\",\n \"CVE-2022-1489\",\n \"CVE-2022-1490\",\n \"CVE-2022-1491\",\n \"CVE-2022-1492\",\n \"CVE-2022-1493\",\n \"CVE-2022-1494\",\n \"CVE-2022-1495\",\n \"CVE-2022-1496\",\n \"CVE-2022-1497\",\n \"CVE-2022-1498\",\n \"CVE-2022-1499\",\n \"CVE-2022-1500\",\n \"CVE-2022-1501\",\n \"CVE-2022-1633\",\n \"CVE-2022-1634\",\n \"CVE-2022-1635\",\n \"CVE-2022-1636\",\n \"CVE-2022-1637\",\n \"CVE-2022-1639\",\n \"CVE-2022-1640\",\n \"CVE-2022-1641\",\n \"CVE-2022-1853\",\n \"CVE-2022-1854\",\n \"CVE-2022-1855\",\n \"CVE-2022-1856\",\n \"CVE-2022-1857\",\n \"CVE-2022-1858\",\n \"CVE-2022-1859\",\n \"CVE-2022-1860\",\n \"CVE-2022-1861\",\n \"CVE-2022-1862\",\n \"CVE-2022-1863\",\n \"CVE-2022-1864\",\n \"CVE-2022-1865\",\n \"CVE-2022-1866\",\n \"CVE-2022-1867\",\n \"CVE-2022-1868\",\n \"CVE-2022-1869\",\n \"CVE-2022-1870\",\n \"CVE-2022-1871\",\n \"CVE-2022-1872\",\n \"CVE-2022-1873\",\n \"CVE-2022-1874\",\n \"CVE-2022-1875\",\n \"CVE-2022-1876\",\n \"CVE-2022-2007\",\n \"CVE-2022-2010\",\n \"CVE-2022-2011\",\n \"CVE-2022-2156\",\n \"CVE-2022-2157\",\n \"CVE-2022-2158\",\n \"CVE-2022-2160\",\n \"CVE-2022-2161\",\n \"CVE-2022-2162\",\n \"CVE-2022-2163\",\n \"CVE-2022-2164\",\n \"CVE-2022-2165\",\n \"CVE-2022-22021\",\n \"CVE-2022-24475\",\n \"CVE-2022-24523\",\n \"CVE-2022-26891\",\n \"CVE-2022-26894\",\n \"CVE-2022-26895\",\n \"CVE-2022-26900\",\n \"CVE-2022-26905\",\n \"CVE-2022-26908\",\n \"CVE-2022-26909\",\n \"CVE-2022-26912\",\n \"CVE-2022-29144\",\n \"CVE-2022-29146\",\n \"CVE-2022-29147\",\n \"CVE-2022-30127\",\n \"CVE-2022-30128\",\n \"CVE-2022-30192\",\n \"CVE-2022-33638\",\n \"CVE-2022-33639\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/18\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/06\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"IAVA\", value:\"2021-A-0544-S\");\n\n script_name(english:\"GLSA-202208-25 : Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202208-25 (Chromium, Google Chrome, Microsoft Edge,\nQtWebEngine: Multiple Vulnerabilities)\n\n - Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-30551)\n\n - Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user\n to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.\n (CVE-2021-4052)\n\n - Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4053)\n\n - Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n perform domain spoofing via a crafted HTML page. (CVE-2021-4054)\n\n - Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension. (CVE-2021-4055)\n\n - Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4056)\n\n - Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4057)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4058)\n\n - Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2021-4059)\n\n - Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4061, CVE-2021-4078)\n\n - Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2021-4062)\n\n - Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4063)\n\n - Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4064)\n\n - Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4065)\n\n - Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2021-4066)\n\n - Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote\n attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2021-4067)\n\n - Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2021-4068)\n\n - Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to\n potentially exploit heap corruption via crafted WebRTC packets. (CVE-2021-4079)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\n - Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to\n install a malicious extension and engage in specific user interaction to potentially exploit heap\n corruption via a crafted Chrome Extension. (CVE-2022-0793)\n\n - Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced\n a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML\n page. (CVE-2022-0794)\n\n - Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0795)\n\n - Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0796)\n\n - Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n perform an out of bounds memory write via a crafted HTML page. (CVE-2022-0797)\n\n - Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome\n Extension. (CVE-2022-0798)\n\n - Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a\n remote attacker to perform local privilege escalation via a crafted offline installer file.\n (CVE-2022-0799)\n\n - Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-0800)\n\n - Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed\n a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-0802,\n CVE-2022-0804)\n\n - Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote\n attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-0803)\n\n - Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via user\n interaction. (CVE-2022-0805)\n\n - Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user\n to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. (CVE-2022-0806)\n\n - Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker\n to bypass navigation restrictions via a crafted HTML page. (CVE-2022-0807)\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0809)\n\n - Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker\n who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0971)\n\n - Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-0972)\n\n - Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0973)\n\n - Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0974)\n\n - Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-0975, CVE-2022-0978)\n\n - Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0976)\n\n - Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker\n who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-0977)\n\n - Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via a crafted HTML page. (CVE-2022-0979)\n\n - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user\n interactions. (CVE-2022-0980)\n\n - Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1096)\n\n - Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced\n a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.\n (CVE-2022-1125)\n\n - Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via user\n interaction. (CVE-2022-1127)\n\n - Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed\n an attacker on the local network segment to leak cross-origin data via a crafted HTML page.\n (CVE-2022-1128)\n\n - Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60\n allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.\n (CVE-2022-1129)\n\n - Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60\n allowed a remote attacker to send arbitrary intents from any app via a malicious app. (CVE-2022-1130)\n\n - Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1131)\n\n - Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60\n allowed a local attacker to bypass navigation restrictions via physical access to the device.\n (CVE-2022-1132)\n\n - Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1133)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1134)\n\n - Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to\n potentially exploit heap corruption via standard feature user interaction. (CVE-2022-1135)\n\n - Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific set of user\n gestures. (CVE-2022-1136)\n\n - Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who\n convinced a user to install a malicious extension to leak potentially sensitive information via a crafted\n HTML page. (CVE-2022-1137)\n\n - Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote\n attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a\n crafted HTML page. (CVE-2022-1138)\n\n - Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a\n remote attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1139)\n\n - Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via\n specific user gesture. (CVE-2022-1141)\n\n - Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via\n specific input into DevTools. (CVE-2022-1142, CVE-2022-1143)\n\n - Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially exploit heap corruption via specific input into\n DevTools. (CVE-2022-1144)\n\n - Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via specific user interaction\n and profile destruction. (CVE-2022-1145)\n\n - Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1146)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1232)\n\n - Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1305)\n\n - Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote\n attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-1306)\n\n - Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a\n remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (CVE-2022-1307)\n\n - Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1308)\n\n - Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a\n remote attacker to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-1309)\n\n - Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1310)\n\n - Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1311)\n\n - Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user\n to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.\n (CVE-2022-1312)\n\n - Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1313)\n\n - Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1314)\n\n - Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1364)\n\n - Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1477)\n\n - Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1478)\n\n - Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1479)\n\n - Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-1481)\n\n - Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1482)\n\n - Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had\n compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-1483)\n\n - Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker\n to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1484)\n\n - Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1485)\n\n - Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain\n potentially sensitive information from process memory via a crafted HTML page. (CVE-2022-1486)\n\n - Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially\n exploit heap corruption via running a Wayland test. (CVE-2022-1487)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker\n who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome\n Extension. (CVE-2022-1488)\n\n - Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41\n allowed a remote attacker to potentially exploit heap corruption via specific user interactions.\n (CVE-2022-1489)\n\n - Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who\n convinced a user to engage in specific user interaction to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-1490)\n\n - Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1491)\n\n - Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote\n attacker to inject arbitrary scripts or HTML via a crafted HTML page. (CVE-2022-1492)\n\n - Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1493)\n\n - Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote\n attacker to bypass trusted types policy via a crafted HTML page. (CVE-2022-1494)\n\n - Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote\n attacker to spoof the APK downloads dialog via a crafted HTML page. (CVE-2022-1495)\n\n - Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n potentially exploit heap corruption via specific and direct user interaction. (CVE-2022-1496)\n\n - Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to\n spoof the contents of cross-origin websites via a crafted HTML page. (CVE-2022-1497)\n\n - Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1498)\n\n - Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote\n attacker to bypass same origin policy via a crafted HTML page. (CVE-2022-1499)\n\n - Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote\n attacker to bypass content security policy via a crafted HTML page. (CVE-2022-1500)\n\n - Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2022-1501)\n\n - Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote\n attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption\n via specific user interactions. (CVE-2022-1633)\n\n - Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had\n convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific\n user interactions. (CVE-2022-1634)\n\n - Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who\n convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific\n user interactions. (CVE-2022-1635)\n\n - Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1636)\n\n - Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote\n attacker to leak cross-origin data via a crafted HTML page. (CVE-2022-1637)\n\n - Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1639)\n\n - Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced\n a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML\n page. (CVE-2022-1640)\n\n - Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote\n attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption\n via specific user interaction. (CVE-2022-1641)\n\n - Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to\n potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-1853)\n\n - Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1854)\n\n - Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-1855)\n\n - Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced\n a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome\n Extension or specific user interaction. (CVE-2022-1856)\n\n - Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a\n remote attacker to bypass file system restrictions via a crafted HTML page. (CVE-2022-1857)\n\n - Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to\n perform an out of bounds memory read via specific user interaction. (CVE-2022-1858)\n\n - Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker\n who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a\n crafted HTML page. (CVE-2022-1859)\n\n - Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote\n attacker who convinced a user to engage in specific user interaction to potentially exploit heap\n corruption via specific user interactions. (CVE-2022-1860)\n\n - Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker\n who convinced a user to enage in specific user interactions to potentially exploit heap corruption via\n specific user interaction. (CVE-2022-1861)\n\n - Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who\n convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.\n (CVE-2022-1862)\n\n - Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome\n Extension and specific user interaction. (CVE-2022-1863)\n\n - Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted\n Chrome Extension and specific user interaction. (CVE-2022-1864)\n\n - Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome\n Extension and specific user interaction. (CVE-2022-1865)\n\n - Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote\n attacker who convinced a user to engage in specific user interactions to potentially exploit heap\n corruption via specific user interactions. (CVE-2022-1866)\n\n - Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61\n allowed a remote attacker to bypass same origin policy via a crafted clipboard content. (CVE-2022-1867)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker\n who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML\n page. (CVE-2022-1868)\n\n - Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-1869)\n\n - Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a\n user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome\n Extension. (CVE-2022-1870)\n\n - Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an\n attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted\n HTML page. (CVE-2022-1871)\n\n - Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an\n attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted\n HTML page. (CVE-2022-1872)\n\n - Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker\n to leak cross-origin data via a crafted HTML page. (CVE-2022-1873)\n\n - Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a\n remote attacker to bypass downloads protection policy via a crafted HTML page. (CVE-2022-1874)\n\n - Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to\n leak cross-origin data via a crafted HTML page. (CVE-2022-1875)\n\n - Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced\n a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-1876)\n\n - Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-2007)\n\n - Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who\n had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.\n (CVE-2022-2010)\n\n - Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-2011)\n\n - Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-2156)\n\n - Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who\n had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.\n (CVE-2022-2157)\n\n - Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially\n exploit heap corruption via a crafted HTML page. (CVE-2022-2158)\n\n - Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an\n attacker who convinced a user to install a malicious extension to obtain potentially sensitive information\n from a user's local files via a crafted HTML page. (CVE-2022-2160)\n\n - Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who\n convinced the user to engage in specific user interactions to potentially exploit heap corruption via\n specific UI interactions. (CVE-2022-2161)\n\n - Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53\n allowed a remote attacker to bypass file system access via a crafted HTML page. (CVE-2022-2162)\n\n - Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who\n convinced a user to install a malicious extension to potentially exploit heap corruption via UI\n interaction. (CVE-2022-2163)\n\n - Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker\n who convinced a user to install a malicious extension to bypass discretionary access control via a crafted\n HTML page. (CVE-2022-2164)\n\n - Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote\n attacker to perform domain spoofing via IDN homographs via a crafted domain name. (CVE-2022-2165)\n\n - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. (CVE-2022-22021)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-24475)\n\n - Microsoft Edge (Chromium-based) Spoofing Vulnerability. (CVE-2022-24523, CVE-2022-26905)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-26891)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-26894)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-26895)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26908, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-26900)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26909,\n CVE-2022-26912. (CVE-2022-26908)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908,\n CVE-2022-26912. (CVE-2022-26909)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908,\n CVE-2022-26909. (CVE-2022-26912)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-30128. (CVE-2022-30127)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-30127. (CVE-2022-30128)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-33638, CVE-2022-33639. (CVE-2022-30192)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-30192, CVE-2022-33639. (CVE-2022-33638)\n\n - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from\n CVE-2022-30192, CVE-2022-33638. (CVE-2022-33639)\n\n - This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this\n vulnerability. Please see Google Chrome Releases for more information. (CVE-2022-0801)\n \n - Please review the referenced CVE identifiers for details. (CVE-2022-29144, CVE-2022-29146,\n CVE-2022-29147)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202208-25\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=773040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=787950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=800181\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=810781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=815397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=828519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=829161\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=834477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=835397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=835761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=836830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=837497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=838049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=838433\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=838682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=841371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=843035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=843728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=847370\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=847613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=848864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=851003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=851009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=853229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=853643\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=854372\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-103.0.5060.53\n \nAll Chromium binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-bin-103.0.5060.53\n \nAll Google Chrome users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/google-chrome-103.0.5060.53\n \nAll Microsoft Edge users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=www-client/chromium-103.0.5060.53\n \nAll QtWebEngine users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-qt/qtwebengine-5.15.5_p20220618\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0809\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1853\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:google-chrome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:microsoft-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qtwebengine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : \"dev-qt/qtwebengine\",\n 'unaffected' : make_list(\"ge 5.15.5_p20220618\"),\n 'vulnerable' : make_list(\"lt 5.15.5_p20220618\")\n },\n {\n 'name' : \"www-client/chromium\",\n 'unaffected' : make_list(\"ge 103.0.5060.53\"),\n 'vulnerable' : make_list(\"lt 103.0.5060.53\")\n },\n {\n 'name' : \"www-client/google-chrome\",\n 'unaffected' : make_list(\"ge 103.0.5060.53\"),\n 'vulnerable' : make_list(\"lt 103.0.5060.53\")\n },\n {\n 'name' : \"www-client/microsoft-edge\",\n 'unaffected' : make_list(\"ge 101.0.1210.47\"),\n 'vulnerable' : make_list(\"lt 101.0.1210.47\")\n }\n];\n\nforeach package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Chromium / Google Chrome / Microsoft Edge / QtWebEngine\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2023-12-06T15:47:18", "description": "\n\nChrome Releases reports:\n\nThis release contains 11 security fixes, including:\n\n[1299422] Critical CVE-2022-0971: Use after free in Blink\n\t Layout. Reported by Sergei Glazunov of Google Project Zero on\n\t 2022-02-21\n[1301320] High CVE-2022-0972: Use after free in Extensions.\n\t Reported by Sergei Glazunov of Google Project Zero on\n\t 2022-02-28\n[1297498] High CVE-2022-0973: Use after free in Safe Browsing.\n\t Reported by avaue and Buff3tts at S.S.L. on 2022-02-15\n[1291986] High CVE-2022-0974: Use after free in Splitscreen.\n\t Reported by @ginggilBesel on 2022-01-28\n[1295411] High CVE-2022-0975: Use after free in ANGLE. Reported\n\t by SeongHwan Park (SeHwa) on 2022-02-09\n[1296866] High CVE-2022-0976: Heap buffer overflow in GPU.\n\t Reported by Omair on 2022-02-13\n[1299225] High CVE-2022-0977: Use after free in Browser UI.\n\t Reported by Khalil Zhani on 2022-02-20\n[1299264] High CVE-2022-0978: Use after free in ANGLE. Reported\n\t by Cassidy Kim of Amber Security Lab, OPPO Mobile\n\t Telecommunications Corp. Ltd. on 2022-02-20\n[1302644] High CVE-2022-0979: Use after free in Safe Browsing.\n\t Reported by anonymous on 2022-03-03\n[1302157] Medium CVE-2022-0980: Use after free in New Tab Page.\n\t Reported by Krace on 2022-03-02\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-15T00:00:00", "id": "857BE71A-A4B0-11EC-95FC-3065EC8FD3EC", "href": "https://vuxml.freebsd.org/freebsd/857be71a-a4b0-11ec-95fc-3065ec8fd3ec.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-11-06T10:39:22", "description": "An update that fixes 10 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Update to version 99.0.4844.74 (boo#1197163)\n\n * CVE-2022-0971: Use after free in Blink Layout\n * CVE-2022-0972: Use after free in Extensions\n * CVE-2022-0973: Use after free in Safe Browsing\n * CVE-2022-0974: Use after free in Splitscreen\n * CVE-2022-0975: Use after free in ANGLE\n * CVE-2022-0976: Heap buffer overflow in GPU\n * CVE-2022-0977: Use after free in Browser UI\n * CVE-2022-0978: Use after free in ANGLE\n * CVE-2022-0979: Use after free in Safe Browsing\n * CVE-2022-0980: Use after free in New Tab Page\n * Various fixes from internal audits, fuzzing and other initiatives\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2022-85=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-20T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-20T00:00:00", "id": "OPENSUSE-SU-2022:0085-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4Z4LLOJXXGP4GXUSNG4BEUSYEPI3FBAL/", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2023-12-06T16:56:01", "description": "The chromium-browser-stable package has been updated to the 99.0.4844.74 version that fixes multiples security vulnerabilities. [1299422] Critical CVE-2022-0971: Use after free in Blink Layout. [1301320] High CVE-2022-0972: Use after free in Extensions. [1297498] High CVE-2022-0973: Use after free in Safe Browsing. [1291986] High CVE-2022-0974 : Use after free in Splitscreen. [1295411] High CVE-2022-0975: Use after free in ANGLE. [1296866] High CVE-2022-0976: Heap buffer overflow in GPU. [1299225] High CVE-2022-0977: Use after free in Browser UI. [1299264] High CVE-2022-0978: Use after free in ANGLE. [1302644] High CVE-2022-0979: Use after free in Safe Browsing. [1302157] Medium CVE-2022-0980: Use after free in New Tab Page. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-21T23:18:30", "type": "mageia", "title": "Updated chromium-browser-stable packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-21T23:18:30", "id": "MGASA-2022-0107", "href": "https://advisories.mageia.org/MGASA-2022-0107.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "chrome": [{"lastseen": "2023-12-06T20:11:54", "description": "The Stable channel has been updated to 99.0.4844.74 for Windows, Mac and Linux which will roll out over the coming days/weeks. \n\nA full list of changes in this build is available in the [log](<https://chromium.googlesource.com/chromium/src/+log/99.0.4844.51..99.0.4844.74?pretty=fuller&n=10000>). Interested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\nSecurity Fixes and Rewards\n\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven&#x27;t yet fixed. \n\nThis update includes [11](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call%2Cchrome+label%3ARelease-1-M99>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<https://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information. \n\n\n\n\n[$NA][[1299422](<https://crbug.com/1299422>)] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21 \n\n[$NA][[1301320](<https://crbug.com/1301320>)] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28 \n\n[$15000][[1297498](<https://crbug.com/1297498>)] High CVE-2022-0973: Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15 \n\n[$7000][[1291986](<https://crbug.com/1291986>)] High CVE-2022-0974 : Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28 \n\n[$7000][[1295411](<https://crbug.com/1295411>)] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09 \n\n[$7000][[1296866](<https://crbug.com/1296866>)] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13 \n\n[$3000][[1299225](<https://crbug.com/1299225>)] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20 \n\n[$TBD][[1299264](<https://crbug.com/1299264>)] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-20 \n\n[$TBD][[1302644](<https://crbug.com/1302644>)] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03 \n\n[$TBD][[1302157](<https://crbug.com/1302157>)] Medium CVE-2022-0980: Use after free in New Tab Page. Reported by Krace on 2022-03-02 \n\n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. \n\n\n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n[[1305655](<https://crbug.com/1305655>)] Various fixes from internal audits, fuzzing and other initiatives \n\nMany of our security bugs are detected using [AddressSanitizer](<https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<https://github.com/google/afl>).\n\nInterested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://crbug.com/>). The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\n\nPrudhvikumar Bommana\n\nGoogle Chrome", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-15T00:00:00", "id": "GCSA-7849219922267498677", "href": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2023-12-06T16:50:38", "description": "### *Detect date*:\n03/15/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.\n\n### *Affected products*:\nGoogle Chrome earlier than 99.0.4844.74\n\n### *Solution*:\nUpdate to the latest version \n[Download Google Chrome](<https://www.google.com/chrome/>)\n\n### *Original advisories*:\n[Stable Channel Update for Desktop](<https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Google Chrome](<https://threats.kaspersky.com/en/product/Google-Chrome/>)\n\n### *CVE-IDS*:\n[CVE-2022-0972](<https://vulners.com/cve/CVE-2022-0972>)5.0Warning \n[CVE-2022-0975](<https://vulners.com/cve/CVE-2022-0975>)5.0Warning \n[CVE-2022-0976](<https://vulners.com/cve/CVE-2022-0976>)5.0Warning \n[CVE-2022-0973](<https://vulners.com/cve/CVE-2022-0973>)5.0Warning \n[CVE-2022-0980](<https://vulners.com/cve/CVE-2022-0980>)5.0Warning \n[CVE-2022-0978](<https://vulners.com/cve/CVE-2022-0978>)5.0Warning \n[CVE-2022-0977](<https://vulners.com/cve/CVE-2022-0977>)5.0Warning \n[CVE-2022-0979](<https://vulners.com/cve/CVE-2022-0979>)5.0Warning \n[CVE-2022-0971](<https://vulners.com/cve/CVE-2022-0971>)5.0Warning \n[CVE-2022-0974](<https://vulners.com/cve/CVE-2022-0974>)5.0Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-15T00:00:00", "type": "kaspersky", "title": "KLA12487 Multiple vulnerabilities in Google Chrome", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2023-09-29T00:00:00", "id": "KLA12487", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12487/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-06T16:50:18", "description": "### *Detect date*:\n03/17/2022\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the Settings and more menu, that are listed in your About Microsoft Edge page (Microsoft Edge About page usually can be accessed from the Help and feedback option) \n[Microsoft Edge update settings](<https://support.microsoft.com/en-us/topic/microsoft-edge-update-settings-af8aaca2-1b69-4870-94fe-18822dbb7ef1>)\n\n### *Original advisories*:\n[CVE-2022-0979](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0979>) \n[CVE-2022-0972](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0972>) \n[CVE-2022-0973](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0973>) \n[CVE-2022-0971](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0971>) \n[CVE-2022-0978](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0978>) \n[CVE-2022-0974](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0974>) \n[CVE-2022-0976](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0976>) \n[CVE-2022-0977](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0977>) \n[CVE-2022-0975](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0975>) \n[CVE-2022-26899](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899>) \n[CVE-2022-0980](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0980>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *CVE-IDS*:\n[CVE-2022-0972](<https://vulners.com/cve/CVE-2022-0972>)5.0Warning \n[CVE-2022-0975](<https://vulners.com/cve/CVE-2022-0975>)5.0Warning \n[CVE-2022-0976](<https://vulners.com/cve/CVE-2022-0976>)5.0Warning \n[CVE-2022-0973](<https://vulners.com/cve/CVE-2022-0973>)5.0Warning \n[CVE-2022-0980](<https://vulners.com/cve/CVE-2022-0980>)5.0Warning \n[CVE-2022-0978](<https://vulners.com/cve/CVE-2022-0978>)5.0Warning \n[CVE-2022-0977](<https://vulners.com/cve/CVE-2022-0977>)5.0Warning \n[CVE-2022-0979](<https://vulners.com/cve/CVE-2022-0979>)5.0Warning \n[CVE-2022-0971](<https://vulners.com/cve/CVE-2022-0971>)5.0Warning \n[CVE-2022-0974](<https://vulners.com/cve/CVE-2022-0974>)5.0Warning \n[CVE-2022-26899](<https://vulners.com/cve/CVE-2022-26899>)5.0Warning\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-17T00:00:00", "type": "kaspersky", "title": "KLA12490 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-26899"], "modified": "2023-09-29T00:00:00", "id": "KLA12490", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12490/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-12-07T11:56:25", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5104-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 18, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2022-0971 CVE-2022-0972 CVE-2022-0973 CVE-2022-0974 \n CVE-2022-0975 CVE-2022-0976 CVE-2022-0977 CVE-2022-0978 \n CVE-2022-0979 CVE-2022-0980\n\nMultiple security issues were discovered in Chromium, which\ncould result in the execution of arbitrary code, denial of service\nor information disclosure.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 99.0.4844.74-1~deb11u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-18T18:56:05", "type": "debian", "title": "[SECURITY] [DSA 5104-1] chromium security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980"], "modified": "2022-03-18T18:56:05", "id": "DEBIAN:DSA-5104-1:FCFAF", "href": "https://lists.debian.org/debian-security-announce/2022/msg00072.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "hivepro": [{"lastseen": "2022-03-23T09:28:58", "description": "For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&amp;CK TTPs 567 22 5 36 15 60 The third week of March 2022 witnessed the discovery of 567 vulnerabilities out of which 22 gained the attention of Threat Actors and security researchers worldwide. Among these 22, there were 2 vulnerabilities about which the National vulnerability Database (NVD) is awaiting analysis, while 2 more of them are undergoing reanalysis, and 14 were not present in the NVD at all. Hive Pro Threat Research Team has curated a list of 22 CVEs that require immediate action. Furthermore, we also observed five threat actor groups being highly active in the last week. The Sandworm Team, a well-known Russian threat actor group popular for sabotage and destruction, was observed using a new malware known as Cyclops Blink. Additionally, a new threat actor, Exotic Lily, was acting as Initial Access Broker (IAB) for Conti and Diavol ransomware groups exploiting the zero-day vulnerability in Microsoft MSHTML (CVE-2021-40444). Another threat actor from Russia, UAC-0056, was observed targeting Western European and North American ministries as well as private sectors. Two ransomware gangs, Pandora and Lockbit, were active across different organizations around the globe. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section below. Detailed Report: Interesting Vulnerabilities: Vendor CVEs Patch Link CVE-2021-20083 https://wordpress.org/news/2022/03/wordpress-5-9-2-security-maintenance-release/ CVE-2022-24728 CVE-2022-24729 https://www.drupal.org/project/drupal/releases/9.2.15 https://www.drupal.org/project/drupal/releases/9.3.8 CVE-2022-0337 https://download3.operacdn.com/pub/opera/desktop/84.0.4316.42/win/Opera_84.0.4316.42_Setup_x64.exe CVE-2022-0337 https://files02.tchspt.com/temp/MicrosoftEdgeSetup.exe Vendor CVEs Patch Link CVE-2022-0971 CVE-2022-0972 CVE-2022-0973 CVE-2022-0974 CVE-2022-0975 CVE-2022-0976 CVE-2022-0977 CVE-2022-0978 CVE-2022-0979 CVE-2022-0980 CVE-2022-0337 https://www.google.com/intl/en/chrome/?standalone=1 CVE-2022-0778 https://github.com/openssl/openssl/commit/a466912611aa6cbdf550cd10601390e587451246 https://github.com/openssl/openssl/commit/3118eb64934499d93db3230748a452351d1d9a65 CVE-2022- 25636 https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/snapshot/nf-b1a5983f56e371046dcf164f90bfaf704d2b89f6.tar.gz CVE-2021-22986 https://support.f5.com/csp/article/K03009991 CVE-2018-13379 https://www.fortiguard.com/psirt/FG-IR-18-384 CVE-2021-25220 CVE-2022-0396 CVE-2022-0635 CVE-2022-0667 https://www.isc.org/bind/ Active Actors: Icon Name Origin Motive Exotic Lily Unknown Ecrime UAC-0056 (SaintBear, UNC2589, TA471) Russia Information theft Pandora Ransomware Gang Unknown Ecrime, Information theft, and Financial gain Lockbit 2.0 Unknown Financial gain Sandworm Team (ELECTRUM, Telebots, IRON VIKING, BlackEnergy (Group), Quedagh, VOODOO BEAR) Russia Sabotage anddestruction Targeted Location: Targeted Sectors: Common TTPs: TA0042: Resource Development TA0001: Initial Access TA0002: Execution TA0003: Persistence TA0004: Privilege Escalation TA0005: Defense Evasion TA0006: Credential Access T1587: Develop Capabilities T1190: Exploit Public-Facing Application T1059: Command and Scripting Interpreter T1547: Boot or Logon Autostart Execution T1547: Boot or Logon Autostart Execution T1562: Impair Defenses T1557: Adversary-in-the-Middle T1587.001: Malware T1133: External Remote Services T1059.007: JavaScript T1547.001: Registry Run Keys / Startup Folder T1547.001: Registry Run Keys / Startup Folder T1562.004: Disable or Modify System Firewall T1110: Brute Force T1588: Obtain Capabilities T1566: Phishing T1059.004: Unix Shell T1037: Boot or Logon Initialization Scripts T1037: Boot or Logon Initialization Scripts T1070: Indicator Removal on Host T1110.001: Password Guessing T1588.006: Vulnerabilities T1566.001: Spearphishing Attachment T1059.003: Windows Command Shell T1037.004: RC Scripts T1037.004: RC Scripts T1070.004: File Deletion T1056: Input Capture T1078: Valid Accounts T1203: Exploitation for Client Execution T1133: External Remote Services T1068: Exploitation for Privilege Escalation T1036: Masquerading T1056.004: Credential API Hooking T1204: User Execution T1556: Modify Authentication Process T1055: Process Injection T1036.005: Match Legitimate Name or Location T1556: Modify Authentication Process T1204.002: Malicious File T1137: Office Application Startup T1078: Valid Accounts T1556: Modify Authentication Process T1003: OS Credential Dumping T1047: Windows Management Instrumentation T1542: Pre-OS Boot T1112: Modify Registry T1003.003: NTDS T1542.001: System Firmware T1027: Obfuscated Files or Information T1137: Office Application Startup T1027.006: HTML Smuggling T1137.001: Office Template Macros T1027.002: Software Packing T1078: Valid Accounts T1542: Pre-OS Boot T1542.001: System Firmware T1055: Process Injection T1078: Valid Accounts T1497: Virtualization/Sandbox Evasion TA0007: Discovery TA0008: Lateral Movement TA0009: Collection TA0011: Command and Control TA0010: Exfiltration TA0040: Impact T1087: Account Discovery T1021: Remote Services T1557: Adversary-in-the-Middle T1071: Application Layer Protocol T1041: Exfiltration Over C2 Channel T1485: Data Destruction T1083: File and Directory Discovery T1021.001: Remote Desktop Protocol T1560: Archive Collected Data T1071.001: Web Protocols T1567: Exfiltration Over Web Service T1486: Data Encrypted for Impact T1057: Process Discovery T1021.002: SMB/Windows Admin Shares T1560.001: Archive via Utility T1132: Data Encoding T1567.002: Exfiltration to Cloud Storage T1565: Data Manipulation T1012: Query Registry T1056: Input Capture T1132.002: Non-Standard Encoding T1499: Endpoint Denial of Service T1018: Remote System Discovery T1056.004: Credential API Hooking T1573: Encrypted Channel T1499.004: Application or System Exploitation T1518: Software Discovery T1573.002: Asymmetric Cryptography T1490: Inhibit System Recovery T1082: System Information Discovery T1008: Fallback Channels T1498: Network Denial of Service T1497: Virtualization/Sandbox Evasion T1105: Ingress Tool Transfer T1498.001: Direct Network Flood T1571: Non-Standard Port T1090: Proxy T1090.003: Multi-hop Proxy Threat Advisories: Pandora Ransomware Targets Multiple Plants around the Globe LockBit 2.0 Ransomware affiliates targeting Renowned Organizations Sandworm Team using a new modular malware Cyclops Blink Environment Variables Leak affect Multiple browsers Major Content Management Systems affected by Multiple vulnerabilities New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware group Russian threat actors leveraging misconfigured multifactor authentication to exploit PrintNightmare vulnerability Russian threat actor UAC-0056 targets European countries Multiple Google Chrome Vulnerabilities affects all Platforms Attackers could gain root access using vulnerability in Linux Kernel Netfilter Firewall OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop Attackers Escape Kubernetes Containers using \u201ccr8escape\u201d Vulnerability in CRI-O Russia under Attack from New RURansom Wiper", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-03-23T04:17:40", "type": "hivepro", "title": "Weekly Threat Digest: 14 \u2013 20 March 2022", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13379", "CVE-2021-20083", "CVE-2021-22986", "CVE-2021-25220", "CVE-2021-40444", "CVE-2022-0337", "CVE-2022-0396", "CVE-2022-0635", "CVE-2022-0667", "CVE-2022-0778", "CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-24728", "CVE-2022-24729"], "modified": "2022-03-23T04:17:40", "id": "HIVEPRO:B772F2F7B4C9AE8452D1197E2E240204", "href": "https://www.hivepro.com/weekly-threat-digest-14-20-march-2022/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2023-12-06T16:54:27", "description": "### Background\n\nChromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Chromium users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/chromium-103.0.5060.53\"\n \n\nAll Chromium binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/chromium-bin-103.0.5060.53\"\n \n\nAll Google Chrome users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/google-chrome-103.0.5060.53\"\n \n\nAll Microsoft Edge users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/chromium-103.0.5060.53\"\n \n\nAll QtWebEngine users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-qt/qtwebengine-5.15.5_p20220618\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-08-14T00:00:00", "type": "gentoo", "title": "Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30551", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809", "CVE-2022-0971", "CVE-2022-0972", "CVE-2022-0973", "CVE-2022-0974", "CVE-2022-0975", "CVE-2022-0976", "CVE-2022-0977", "CVE-2022-0978", "CVE-2022-0979", "CVE-2022-0980", "CVE-2022-1096", "CVE-2022-1125", "CVE-2022-1127", "CVE-2022-1128", "CVE-2022-1129", "CVE-2022-1130", "CVE-2022-1131", "CVE-2022-1132", "CVE-2022-1133", "CVE-2022-1134", "CVE-2022-1135", "CVE-2022-1136", "CVE-2022-1137", "CVE-2022-1138", "CVE-2022-1139", "CVE-2022-1141", "CVE-2022-1142", "CVE-2022-1143", "CVE-2022-1144", "CVE-2022-1145", "CVE-2022-1146", "CVE-2022-1232", "CVE-2022-1305", "CVE-2022-1306", "CVE-2022-1307", "CVE-2022-1308", "CVE-2022-1309", "CVE-2022-1310", "CVE-2022-1311", "CVE-2022-1312", "CVE-2022-1313", "CVE-2022-1314", "CVE-2022-1364", "CVE-2022-1477", "CVE-2022-1478", "CVE-2022-1479", "CVE-2022-1480", "CVE-2022-1481", "CVE-2022-1482", "CVE-2022-1483", "CVE-2022-1484", "CVE-2022-1485", "CVE-2022-1486", "CVE-2022-1487", "CVE-2022-1488", "CVE-2022-1489", "CVE-2022-1490", "CVE-2022-1491", "CVE-2022-1492", "CVE-2022-1493", "CVE-2022-1494", "CVE-2022-1495", "CVE-2022-1496", "CVE-2022-1497", "CVE-2022-1498", "CVE-2022-1499", "CVE-2022-1500", "CVE-2022-1501", "CVE-2022-1633", "CVE-2022-1634", "CVE-2022-1635", "CVE-2022-1636", "CVE-2022-1637", "CVE-2022-1639", "CVE-2022-1640", "CVE-2022-1641", "CVE-2022-1853", "CVE-2022-1854", "CVE-2022-1855", "CVE-2022-1856", "CVE-2022-1857", "CVE-2022-1858", "CVE-2022-1859", "CVE-2022-1860", "CVE-2022-1861", "CVE-2022-1862", "CVE-2022-1863", "CVE-2022-1864", "CVE-2022-1865", "CVE-2022-1866", "CVE-2022-1867", "CVE-2022-1868", "CVE-2022-1869", "CVE-2022-1870", "CVE-2022-1871", "CVE-2022-1872", "CVE-2022-1873", "CVE-2022-1874", "CVE-2022-1875", "CVE-2022-1876", "CVE-2022-2007", "CVE-2022-2010", "CVE-2022-2011", "CVE-2022-2156", "CVE-2022-2157", "CVE-2022-2158", "CVE-2022-2160", "CVE-2022-2161", "CVE-2022-2162", "CVE-2022-2163", "CVE-2022-2164", "CVE-2022-2165", "CVE-2022-22021", "CVE-2022-24475", "CVE-2022-24523", "CVE-2022-26891", "CVE-2022-26894", "CVE-2022-26895", "CVE-2022-26900", "CVE-2022-26905", "CVE-2022-26908", "CVE-2022-26909", "CVE-2022-26912", "CVE-2022-29144", "CVE-2022-29146", "CVE-2022-29147", "CVE-2022-30127", "CVE-2022-30128", "CVE-2022-30192", "CVE-2022-33638", "CVE-2022-33639"], "modified": "2022-08-14T00:00:00", "id": "GLSA-202208-25", "href": "https://security.gentoo.org/glsa/202208-25", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}