Lucene search

K
mageiaGentoo FoundationMGASA-2022-0043
HistoryFeb 03, 2022 - 12:29 a.m.

Updated chromium-browser-stable packages fix security vulnerability

2022-02-0300:29:30
Gentoo Foundation
advisories.mageia.org
25

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS

0.012

Percentile

85.4%

CVE-2022-0096: Use after free in Storage. CVE-2022-0097: Inappropriate implementation in DevTools. CVE-2022-0098: Use after free in Screen Capture. CVE-2022-0099: Use after free in Sign-in. CVE-2022-0100: Heap buffer overflow in Media streams API. CVE-2022-0101: Heap buffer overflow in Bookmarks. CVE-2022-0102: Type Confusion in V8. CVE-2022-0103: Use after free in SwiftShader. CVE-2022-0104: Heap buffer overflow in ANGLE. CVE-2022-0105: Use after free in PDF. CVE-2022-0106: Use after free in Autofill. CVE-2022-0107: Use after free in File Manager API. CVE-2022-0108: Inappropriate implementation in Navigation. CVE-2022-0109: Inappropriate implementation in Autofill. CVE-2022-0110: Incorrect security UI in Autofill. CVE-2022-0111: Inappropriate implementation in Navigation. CVE-2022-0112: Incorrect security UI in Browser UI. CVE-2022-0113: Inappropriate implementation in Blink. CVE-2022-0114: Out of bounds memory access in Web Serial. CVE-2022-0115: Uninitialized Use in File API. CVE-2022-0116: Inappropriate implementation in Compositing. CVE-2022-0117: Policy bypass in Service Workers. CVE-2022-0118: Inappropriate implementation in WebShare. CVE-2022-0120: Inappropriate implementation in Passwords. CVE-2022-0289: Use after free in Safe browsing. CVE-2022-0290: Use after free in Site isolation. CVE-2022-0291: Inappropriate implementation in Storage. CVE-2022-0292: Inappropriate implementation in Fenced Frames. CVE-2022-0293: Use after free in Web packaging. CVE-2022-0294: Inappropriate implementation in Push messaging. CVE-2022-0295: Use after free in Omnibox. CVE-2022-0296: Use after free in Printing. CVE-2022-0297: Use after free in Vulkan. CVE-2022-0298: Use after free in Scheduling. CVE-2022-0300: Use after free in Text Input Method Editor. CVE-2022-0301: Heap buffer overflow in DevTools. CVE-2022-0302: Use after free in Omnibox. CVE-2022-0304: Use after free in Bookmarks. CVE-2022-0305: Inappropriate implementation in Service Worker API. CVE-2022-0306: Heap buffer overflow in PDFium. CVE-2022-0307: Use after free in Optimization Guide. CVE-2022-0308: Use after free in Data Transfer. CVE-2022-0309: Inappropriate implementation in Autofill. CVE-2022-0310: Heap buffer overflow in Task Manager. CVE-2022-0311: Heap buffer overflow in Task Manager. CVE-2022-0337: Inappropriate implementation in File System API.

OSVersionArchitecturePackageVersionFilename
Mageia8noarchchromium-browser-stable< 97.0.4692.99-1chromium-browser-stable-97.0.4692.99-1.mga8

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS

0.012

Percentile

85.4%