CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
90.2%
The chromium-browser-stable package has been updated to the 100.0.4896.127 version, fixing many CVE, along with fixes from the 100.0.4896.75 and 100.0.4896.88 versions. Google is aware that an exploit for CVE-2022-1364 exists in the wild. [1315901] High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2022-04-13 [1311641] High CVE-2022-1232: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2022-03-30 [1285234] High CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07 [1299287] High CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21 [1301873] High CVE-2022-1307: Inappropriate implementation in full screen. Reported by Irvan Kurniawan (sourc7) on 2022-03-01 [1283050] High CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci @sametbekmezci on 2021-12-28 [1106456] High CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17 [1307610] High CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on 2022-03-18 [1310717] High CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28 [1311701] High CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30 [1270539] Medium CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16 [1304658] Medium CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09 [1315276] Various fixes from internal audits, fuzzing and other initiatives [1316420] Various fixes from internal audits, fuzzing and other initiatives
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | chromium-browser-stable | < 100.0.4896.127-1 | chromium-browser-stable-100.0.4896.127-1.mga8 |
bugs.mageia.org/show_bug.cgi?id=30259
bugs.mageia.org/show_bug.cgi?id=30276
chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop.html
chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html
chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html