This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](<https://chromereleases.googleblog.com/2022>) for more information.
{"debiancve": [{"lastseen": "2022-06-25T01:58:32", "description": "Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-05T01:15:00", "type": "debiancve", "title": "CVE-2022-0791", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0791"], "modified": "2022-04-05T01:15:00", "id": "DEBIANCVE:CVE-2022-0791", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0791", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-04-11T10:44:31", "description": "Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": 
"NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-04-05T01:15:00", "type": "cve", "title": "CVE-2022-0791", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0791"], "modified": "2022-04-11T09:40:00", "cpe": [], "id": "CVE-2022-0791", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0791", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "veracode": [{"lastseen": "2022-05-12T00:11:01", "description": "Chrome is vulnerable to denial of service. 
The vulnerability exists due to a use after free in Omnibox.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-07T00:11:45", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0791"], "modified": "2022-04-11T10:38:18", "id": "VERACODE:34521", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34521/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "malwarebytes": [{"lastseen": "2022-03-02T17:27:15", "description": "The Chrome team [announced](<https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html>) the promotion of Chrome 99 to the stable channel for Windows, Mac and Linux on March 1, 2022. This will roll out over the coming days/weeks.\n\nIn the desktop version, a total of 28 vulnerabilities were closed. Of these, 11 were classified as high, 15 as medium and two as low. 
Below we will discuss a few of those vulnerabilities as far as there are details available.\n\nThe Chrome versions for iOS and Android were also updated, to 99.0.4844.47 and 99.0.4844.48 respectively. These updates are stability and performance improvements.\n\n## Vulnerabilities\n\nPublicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). All the vulnerabilities discussed below were classified as high and found by external researchers.\n\n[CVE-2022-0789](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0789>): Heap buffer overflow in ANGLE. ANGLE is used as the default WebGL backend for both Google Chrome and Mozilla Firefox on Windows platforms. Heap is the name for a region of a process\u2019 memory which is used to store dynamic variables. A buffer overflow is a type of software vulnerability that exists when an area of memory within a software application reaches its address boundary and writes into an adjacent memory region. In software exploit code, the two common areas that are targeted for overflows are the stack and the heap.\n\n[CVE-2022-0790](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0790>): Use after free in Cast UI. Use after free (UAF) is a vulnerability due to incorrect use of dynamic memory during a program\u2019s operation. If after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. The Cast UI is the menu that allows you to cast a browser tab to an external screen, e.g. via Chromecast.\n\n[CVE-2022-0791](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0791>): Use after free in Omnibox. 
The Omnibox is the Google Chrome address bar which is called Omnibox because it can be used for many other functions besides surfing to a web address.\n\n[CVE-2022-0792](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0792>): Out of bounds read in ANGLE. An out of bounds read vulnerability means that the program reads data from outside the bounds of allocated memory. Potentially this type of vulnerability could be used to exfiltrate data from the affected machine.\n\n[CVE-2022-0793](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0793>): Use after free in Views. Views is the framework that allows Chrome developers to build a custom user interface for use on the Windows platform.\n\n[CVE-2022-0794](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0794>): Use after free in WebShare. Web Share is an API for sharing data (text, URLs, images) from the web to an app of the user's choosing. A user can share current tab and selected text using the installed apps on their computer.\n\n[CVE-2022-0795](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0795>): Type Confusion in Blink Layout. A type confusion vulnerability exists when a piece of code doesn\u2019t verify the type of object that is passed to it. In some cases of type confusion, wrong function pointers or data are fed into the wrong piece of code. Under some circumstances this can lead to code execution. Blink is an open-source browser layout engine developed by Google as part of the Chromium Project and part of the Chrome browser.\n\n[CVE-2022-0796](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0796>): Use after free in Media. The Media component is used to display many media types in the browser.\n\n[CVE-2022-0797](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0797>): Out of bounds memory access in Mojo. Mojo is a platform for sandboxed services communicating over IPC. 
Inter-process Communication (IPC) is the component that was designed to regulate communication between the processes in Chrome\u2019s multi-process architecture.\n\nAs more details about the vulnerabilities will be released once everyone has had a chance to install the latest version, we will keep you posted on any important additional information.\n\n## How to update\n\nThe easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention. However, you can end up lagging behind if you never close the browser or if something goes wrong, such as an extension stopping you from updating the browser.\n\nSo, it doesn\u2019t hurt to check now and then. And now would be a good time, given the severity of the vulnerability. My preferred method is to have Chrome open the page **chrome://settings/help** which you can also find by clicking **Settings > About Chrome**.\n\nIf there is an update available, Chrome will notify you and start downloading it. Then all you have to do is relaunch the browser in order for the update to complete.\n\n## Nearing 100\n\nThe desktop version has now been updated to the new version 99 (99.0.4844.51), which means we are one step closer to the [potential problems with user agent strings](<https://blog.malwarebytes.com/101/2022/02/firefox-and-chrome-reaching-major-versions-100-may-break-some-websites/>) that may arise when we reach major version 100. 
This is currently slated for release on March 29.\n\nStay safe, everyone!\n\nThe post [Google launches Chrome 99, fixes 28 vulnerabilities](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/03/google-launches-chrome-99-fixes-28-vulnerabilities/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).", "cvss3": {}, "published": "2022-03-02T14:57:56", "type": "malwarebytes", "title": "Google launches Chrome 99, fixes 28 vulnerabilities", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797"], "modified": "2022-03-02T14:57:56", "id": "MALWAREBYTES:55AA70B1AC881E67BF014D654B7B1554", "href": "https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/03/google-launches-chrome-99-fixes-28-vulnerabilities/", "cvss": {"score": 0.0, "vector": "NONE"}}], "hivepro": [{"lastseen": "2022-03-09T13:28:33", "description": "For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Targeted Countries Targeted Industries ATT&CK TTPs 381 19 3 5 22 The first week of March 2022 witnessed the discovery of 381 vulnerabilities out of which 19 garnered the attention of security researchers worldwide. Among these 19, there were 2 zero-days and 1 other vulnerability about which the National vulnerability Database (NVD) is still awaiting analysis while 18 were not present in the NVD at all. Hive Pro Threat Research Team has curated a list of 19 CVEs that require immediate action. Last week was all about Russia and Ukraine cyber warfare, there were two malware that targeted Ukraine, namely HermeticWiper and Isaacwiper. These are data wiper malware threats that disable infiltrated systems by erasing or wiping essential data rather than rendering it inaccessible through encryption. 
Daxin was another sophisticated rootkit backdoor malware that emerged last week. The main target for daxin was the organizations and governments of strategic interest to China. This report lastly talks about the common TTPs which could potentially be exploited by this malware or CVEs. Detailed Report: Interesting Vulnerabilities: Vendor CVEs Patch Link CVE-2022-26485* CVE-2022-26486* https://cdn.stubdownloader.services.mozilla.com/builds/firefox-stub/enUS/win/bb09da6defac4081f06e02ac17730b9b6f1e13db4315d371a03b167a2f4b3155/Firefox%20Installer.exe CVE-2022-0492 https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2136.302.7.2.3.el7.src.rpm https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.302.7.2.3.el7uek.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-container-5.4.17-2136.302.7.2.3.el8.src.rpm https://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.302.7.2.3.el8uek.src.rpm CVE-2021-4191 CVE-2022-0489 CVE-2022-0738 CVE-2022-0741 CVE-2022-0751 CVE-2022-0549 CVE-2022-0735 https://gitlab.com/gitlab-org/omnibus-gitlab/-/tree/14.8.2-Security-Hotpatches/config/patches/gitlab-rails https://about.gitlab.com/update/ https://docs.gitlab.com/runner/install/linux-repository.html#updating-the-runner CVE-2022-0789^ CVE-2022-0790^ CVE-2022-0791^ CVE-2022-0792^ CVE-2022-0793^ CVE-2022-0794^ CVE-2022-0795^ CVE-2022-0796^ CVE-2022-0797^ https://www.google.com/intl/en/chrome/?standalone=1 Targeted Location: Targeted Sectors: Common TTPs: TA0042: Resource Development TA0001: Initial Access TA0002: Execution TA0003: Persistence TA0004: Privilege Escalation TA0005: Defense Evasion T1588: Obtain Capabilities T1190: Exploit Public-Facing Application T1059: Command and Scripting Interpreter T1078: Valid Accounts T1078: Valid Accounts T1078: Valid Accounts T1588.002: Tool T1078: Valid Accounts T1059.003: Windows Command Shell T1078.002: Domain Accounts T1078.002: Domain Accounts T1078.002: Domain Accounts T1588.003: Code Signing Certificates 
T1078.002: Domain Accounts T1106: Native API T1098: Account Manipulation T1068: Exploitation for Privilege Escalation T1189: Drive-by Compromise T1047: Windows Management Instrumentation T1611: Escape to Host T1569: System Services T1569.002: Service Execution TA0006: Credential Access TA0007: Discovery TA0008: Lateral Movement TA0009: Collection TA0040: Impact T1056: Input Capture T1087: Account Discovery T1021: Remote Services T1056: Input Capture T1499: Endpoint Denial of Service T1110: Brute Force T1018: Remote System Discovery T1021.002: SMB/Windows Admin Shares T1561: Disk Wipe T1049: System Network Connections Discovery T1021.003: Distributed Component Object Model T1561.002: Disk Wipe: Disk Structure Wipe T1561.001: Disk Wipe: Disk Content Wipe Threat Advisories: Multiple government entities targeted by China-linked Daxin malware Destructive data wipers and worms targeting Ukrainian organizations Thousands of GitLab instances impacted by multiple security flaws Linux Distributions affected by a privilege escalation vulnerability Two actively exploited Zero-Day vulnerabilities discovered in Mozilla Firefox", "cvss3": {}, "published": "2022-03-09T11:09:41", "type": "hivepro", "title": "Weekly Threat Digest: 28 February \u2013 6 March 2022", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-4191", "CVE-2022-0489", "CVE-2022-0492", "CVE-2022-0549", "CVE-2022-0735", "CVE-2022-0738", "CVE-2022-0741", "CVE-2022-0751", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-26485", "CVE-2022-26486"], "modified": "2022-03-09T11:09:41", "id": "HIVEPRO:BCE2BBD9B7F60262FC88072724858373", "href": "https://www.hivepro.com/weekly-threat-digest-28-february-6-march-2022/", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2022-04-11T13:44:02", "description": "- 
-------------------------------------------------------------------------\nDebian Security Advisory DSA-5089-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 04, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : chromium\nCVE ID : CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792 \n CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 \n CVE-2022-0797 CVE-2022-0798 CVE-2022-0799 CVE-2022-0800 \n CVE-2022-0801 CVE-2022-0802 CVE-2022-0803 CVE-2022-0804 \n CVE-2022-0805 CVE-2022-0806 CVE-2022-0807 CVE-2022-0808 \n CVE-2022-0809\n\nMultiple security issues were discovered in Chromium, which could result\nin the execution of arbitrary code, denial of service or information\ndisclosure.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 99.0.4844.51-1~deb11u1.\n\nWe recommend that you upgrade your chromium packages.\n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-04T23:07:15", "type": "debian", "title": "[SECURITY] [DSA 5089-1] chromium security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, 
"obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-04T23:07:15", "id": "DEBIAN:DSA-5089-1:AD3EF", "href": "https://lists.debian.org/debian-security-announce/2022/msg00056.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2022-04-11T12:23:45", "description": "### *Detect date*:\n03/03/2022\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Browser. 
Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges.\n\n### *Affected products*:\nMicrosoft Edge (Chromium-based)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2022-0789](<https://nvd.nist.gov/vuln/detail/CVE-2022-0789>) \n[CVE-2022-0790](<https://nvd.nist.gov/vuln/detail/CVE-2022-0790>) \n[CVE-2022-0808](<https://nvd.nist.gov/vuln/detail/CVE-2022-0808>) \n[CVE-2022-0807](<https://nvd.nist.gov/vuln/detail/CVE-2022-0807>) \n[CVE-2022-0802](<https://nvd.nist.gov/vuln/detail/CVE-2022-0802>) \n[CVE-2022-0795](<https://nvd.nist.gov/vuln/detail/CVE-2022-0795>) \n[CVE-2022-0794](<https://nvd.nist.gov/vuln/detail/CVE-2022-0794>) \n[CVE-2022-0809](<https://nvd.nist.gov/vuln/detail/CVE-2022-0809>) \n[CVE-2022-0793](<https://nvd.nist.gov/vuln/detail/CVE-2022-0793>) \n[CVE-2022-0800](<https://nvd.nist.gov/vuln/detail/CVE-2022-0800>) \n[CVE-2022-0806](<https://nvd.nist.gov/vuln/detail/CVE-2022-0806>) \n[CVE-2022-0797](<https://nvd.nist.gov/vuln/detail/CVE-2022-0797>) \n[CVE-2022-0801](<https://nvd.nist.gov/vuln/detail/CVE-2022-0801>) \n[CVE-2022-0791](<https://nvd.nist.gov/vuln/detail/CVE-2022-0791>) \n[CVE-2022-0796](<https://nvd.nist.gov/vuln/detail/CVE-2022-0796>) \n[CVE-2022-0798](<https://nvd.nist.gov/vuln/detail/CVE-2022-0798>) \n[CVE-2022-0804](<https://nvd.nist.gov/vuln/detail/CVE-2022-0804>) \n[CVE-2022-0803](<https://nvd.nist.gov/vuln/detail/CVE-2022-0803>) \n[CVE-2022-0792](<https://nvd.nist.gov/vuln/detail/CVE-2022-0792>) \n[CVE-2022-0799](<https://nvd.nist.gov/vuln/detail/CVE-2022-0799>) \n[CVE-2022-0805](<https://nvd.nist.gov/vuln/detail/CVE-2022-0805>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Edge](<https://threats.kaspersky.com/en/product/Microsoft-Edge/>)\n\n### *Microsoft official advisories*:", "cvss3": 
{"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-03T00:00:00", "type": "kaspersky", "title": "KLA12482 Multiple vulnerabilities in Microsoft Browser", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-16T00:00:00", "id": "KLA12482", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12482/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-06-15T16:57:40", "description": "The version of FreeBSD installed on the remote host is prior to tested version. 
It is, therefore, affected by multiple vulnerabilities as referenced in the e0914087-9a09-11ec-9e61-3065ec8fd3ec advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "FreeBSD : chromium -- multiple vulnerabilities (e0914087-9a09-11ec-9e61-3065ec8fd3ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-05-03T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:chromium", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E09140879A0911EC9E613065EC8FD3EC.NASL", "href": "https://www.tenable.com/plugins/nessus/158521", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158521);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/03\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0096-S\");\n\n script_name(english:\"FreeBSD : chromium -- multiple vulnerabilities (e0914087-9a09-11ec-9e61-3065ec8fd3ec)\");\n\n 
script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple\nvulnerabilities as referenced in the e0914087-9a09-11ec-9e61-3065ec8fd3ec advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. 
(CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a12f8a5f\");\n # https://vuxml.freebsd.org/freebsd/e0914087-9a09-11ec-9e61-3065ec8fd3ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?576a9de7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nvar flag = 0;\n\nvar packages = [\n 'chromium<99.0.4844.51'\n];\n\nforeach var package( packages ) {\n if (pkg_test(save_report:TRUE, pkg: package)) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : pkg_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T22:25:16", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5089 advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. 
(CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-07T00:00:00", "type": "nessus", "title": "Debian DSA-5089-1 : chromium - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-05-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:chromium", "p-cpe:/a:debian:debian_linux:chromium-common", "p-cpe:/a:debian:debian_linux:chromium-driver", "p-cpe:/a:debian:debian_linux:chromium-l10n", "p-cpe:/a:debian:debian_linux:chromium-sandbox", "p-cpe:/a:debian:debian_linux:chromium-shell", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5089.NASL", "href": "https://www.tenable.com/plugins/nessus/158684", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5089. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158684);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/03\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n\n script_name(english:\"Debian DSA-5089-1 : chromium - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5089 advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. 
(CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/chromium\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5089\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0798\");\n 
script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0801\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0804\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/chromium\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the chromium packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 99.0.4844.51-1~deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:chromium-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! 
preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'chromium', 'reference': '99.0.4844.51-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-common', 'reference': '99.0.4844.51-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-driver', 'reference': '99.0.4844.51-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-l10n', 'reference': '99.0.4844.51-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-sandbox', 'reference': '99.0.4844.51-1~deb11u1'},\n {'release': '11.0', 'prefix': 'chromium-shell', 'reference': '99.0.4844.51-1~deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromium / chromium-common / chromium-driver / chromium-l10n / etc');\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:57:59", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0075-1 advisory.\n\n - Heap 
buffer overflow in ANGLE. (CVE-2022-0789)\n\n - Use after free in Cast UI. (CVE-2022-0790)\n\n - Use after free in Omnibox. (CVE-2022-0791)\n\n - Out of bounds read in ANGLE. (CVE-2022-0792)\n\n - Use after free in Views. (CVE-2022-0793)\n\n - Use after free in WebShare. (CVE-2022-0794)\n\n - Type Confusion in Blink Layout. (CVE-2022-0795)\n\n - Use after free in Media. (CVE-2022-0796)\n\n - Out of bounds memory access in Mojo. (CVE-2022-0797)\n\n - Use after free in MediaStream. (CVE-2022-0798)\n\n - Insufficient policy enforcement in Installer. (CVE-2022-0799)\n\n - Heap buffer overflow in Cast UI. (CVE-2022-0800)\n\n - Inappropriate implementation in HTML parser. (CVE-2022-0801)\n\n - Inappropriate implementation in Full screen mode. (CVE-2022-0802, CVE-2022-0804)\n\n - Inappropriate implementation in Permissions. (CVE-2022-0803)\n\n - Use after free in Browser Switcher. (CVE-2022-0805)\n\n - Data leak in Canvas. (CVE-2022-0806)\n\n - Inappropriate implementation in Autofill. (CVE-2022-0807)\n\n - Use after free in Chrome OS Shell. (CVE-2022-0808)\n\n - Out of bounds memory access in WebXR. 
(CVE-2022-0809)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0075-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-04-26T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:chromedriver", "p-cpe:/a:novell:opensuse:chromium", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0075-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158689", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0075-1. 
The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158689);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/26\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0075-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0075-1 advisory.\n\n - Heap buffer overflow in ANGLE. (CVE-2022-0789)\n\n - Use after free in Cast UI. (CVE-2022-0790)\n\n - Use after free in Omnibox. (CVE-2022-0791)\n\n - Out of bounds read in ANGLE. (CVE-2022-0792)\n\n - Use after free in Views. (CVE-2022-0793)\n\n - Use after free in WebShare. (CVE-2022-0794)\n\n - Type Confusion in Blink Layout. (CVE-2022-0795)\n\n - Use after free in Media. (CVE-2022-0796)\n\n - Out of bounds memory access in Mojo. (CVE-2022-0797)\n\n - Use after free in MediaStream. (CVE-2022-0798)\n\n - Insufficient policy enforcement in Installer. (CVE-2022-0799)\n\n - Heap buffer overflow in Cast UI. (CVE-2022-0800)\n\n - Inappropriate implementation in HTML parser. (CVE-2022-0801)\n\n - Inappropriate implementation in Full screen mode. 
(CVE-2022-0802, CVE-2022-0804)\n\n - Inappropriate implementation in Permissions. (CVE-2022-0803)\n\n - Use after free in Browser Switcher. (CVE-2022-0805)\n\n - Data leak in Canvas. (CVE-2022-0806)\n\n - Inappropriate implementation in Autofill. (CVE-2022-0807)\n\n - Use after free in Chrome OS Shell. (CVE-2022-0808)\n\n - Out of bounds memory access in WebXR. (CVE-2022-0809)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196641\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B5453Q4VJE7C3IX6ZNB5ISXRZJI77AX3/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5760d695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0798\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://www.suse.com/security/cve/CVE-2022-0799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0801\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0804\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0809\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected chromedriver and / or chromium packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromedriver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chromium\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'chromedriver-99.0.4844.51-bp153.2.66.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromedriver-99.0.4844.51-bp153.2.66.1', 'cpu':'x86_64', 'release':'SUSE15.3', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.51-bp153.2.66.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'chromium-99.0.4844.51-bp153.2.66.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'chromedriver / chromium');\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:33:53", "description": "The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.30. It is, therefore, affected by multiple vulnerabilities as referenced in the March 3, 2022 advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-03T00:00:00", "type": "nessus", "title": "Microsoft Edge (Chromium) < 99.0.1150.30 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-05-03T00:00:00", "cpe": ["cpe:/a:microsoft:edge"], "id": "MICROSOFT_EDGE_CHROMIUM_99_0_1150_30.NASL", "href": "https://www.tenable.com/plugins/nessus/158583", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158583);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/03\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n 
\"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0096-S\");\n\n script_name(english:\"Microsoft Edge (Chromium) < 99.0.1150.30 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has an web browser installed that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Microsoft Edge installed on the remote Windows host is prior to 99.0.1150.30. It is, therefore, affected\nby multiple vulnerabilities as referenced in the March 3, 2022 advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. 
(CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security#march-3-2022\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?764ee88a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0789\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0792\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0797\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0798\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0801\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0804\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0809\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Microsoft Edge version 99.0.1150.30 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:edge\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"microsoft_edge_chromium_installed.nbin\");\n script_require_keys(\"installed_sw/Microsoft Edge (Chromium)\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nvar app_info = vcf::get_app_info(app:'Microsoft Edge (Chromium)', win_local:TRUE);\nvar constraints = [\n { 'fixed_version' : '99.0.1150.30' }\n];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:17:25", "description": "The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.51. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. 
(CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.51 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-05-03T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_99_0_4844_51.NASL", "href": "https://www.tenable.com/plugins/nessus/158500", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158500);\n script_version(\"1.8\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/03\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0096-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.51 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote Windows host is prior to 99.0.4844.51. It is, therefore, affected\nby multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. 
(CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a12f8a5f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1289383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274077\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1285885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1294097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1282782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1281908\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1283402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1279188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1231037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270052\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://crbug.com/1280233\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1264561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1290700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1283434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1287364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1292271\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1293428\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.51 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('SMB/Google_Chrome/Installed');\nvar installs = get_kb_list('SMB/Google_Chrome/*');\n\ngoogle_chrome_check_version(installs:installs, fix:'99.0.4844.51', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:57:22", "description": "The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.51. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 
(CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "Google Chrome < 99.0.4844.51 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-05-03T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "MACOSX_GOOGLE_CHROME_99_0_4844_51.NASL", "href": "https://www.tenable.com/plugins/nessus/158501", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158501);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/03\");\n\n script_cve_id(\n \"CVE-2022-0789\",\n \"CVE-2022-0790\",\n \"CVE-2022-0791\",\n \"CVE-2022-0792\",\n \"CVE-2022-0793\",\n \"CVE-2022-0794\",\n \"CVE-2022-0795\",\n \"CVE-2022-0796\",\n \"CVE-2022-0797\",\n \"CVE-2022-0798\",\n \"CVE-2022-0799\",\n \"CVE-2022-0800\",\n \"CVE-2022-0801\",\n \"CVE-2022-0802\",\n \"CVE-2022-0803\",\n \"CVE-2022-0804\",\n \"CVE-2022-0805\",\n \"CVE-2022-0806\",\n \"CVE-2022-0807\",\n \"CVE-2022-0808\",\n \"CVE-2022-0809\"\n );\n script_xref(name:\"IAVA\", value:\"2022-A-0096-S\");\n\n script_name(english:\"Google Chrome < 99.0.4844.51 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS host is affected by multiple vulnerabilities.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"The version of Google Chrome installed on the remote macOS host is prior to 99.0.4844.51. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the 2022_03_stable-channel-update-for-desktop advisory.\n\n - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote\n attacker who convinced a user to engage in a series of user interaction to potentially exploit heap\n corruption via user interactions. (CVE-2022-0808)\n\n - Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. (CVE-2022-0789)\n\n - Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML\n page. (CVE-2022-0790)\n\n - Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a\n user to engage in specific user interactions to potentially exploit heap corruption via user interactions.\n (CVE-2022-0791)\n\n - Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to\n potentially exploit heap corruption via a crafted HTML page. 
(CVE-2022-0792)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a12f8a5f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1289383\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1274077\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1278322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1285885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1291728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1294097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1282782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1295786\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1281908\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1283402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1279188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1242962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1231037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1270052\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1280233\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1264561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1290700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1283434\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1287364\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://crbug.com/1292271\");\n script_set_attribute(attribute:\"see_also\", value:\"https://crbug.com/1293428\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Chrome version 99.0.4844.51 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_google_chrome_installed.nbin\");\n script_require_keys(\"MacOSX/Google Chrome/Installed\");\n\n exit(0);\n}\ninclude('google_chrome_version.inc');\n\nget_kb_item_or_exit('MacOSX/Google Chrome/Installed');\n\ngoogle_chrome_check_version(fix:'99.0.4844.51', severity:SECURITY_HOLE, xss:FALSE, xsrf:FALSE);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "chrome": [{"lastseen": "2022-04-11T12:22:59", "description": "The Chrome team is delighted to announce the promotion of Chrome 99 to the stable channel for Windows, Mac and Linux.This will roll out over the coming days/weeks.\n\nChrome 99.0.4844.51 for Windows,Mac and Linux contains a number of fixes and improvements -- a list of changes is available in the [log](<https://chromium.googlesource.com/chromium/src/+log/98.0.4758.102..99.0.4844.51?pretty=fuller&n=10000>). Watch out for upcoming [Chrome](<https://chrome.blogspot.com/>) and [Chromium](<https://blog.chromium.org/>) blog posts about new features and big efforts delivered in 99.\n\n\n\n\nSecurity Fixes and Rewards\n\n\nNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.\n\n\n\n\nThis update includes [28](<https://bugs.chromium.org/p/chromium/issues/list?can=1&q=type%3Abug-security+os%3DAndroid%2Cios%2Clinux%2Cmac%2Cwindows%2Call%2Cchrome+label%3ARelease-0-M99>) security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the [Chrome Security Page](<https://sites.google.com/a/chromium.org/dev/Home/chromium-security>) for more information.\n\n** \n**\n\n[$10000][[1289383](<https://crbug.com/1289383>)] High CVE-2022-0789: Heap buffer overflow in ANGLE. 
Reported by SeongHwan Park (SeHwa) on 2022-01-21 \n\n[$7000][[1274077](<https://crbug.com/1274077>)] High CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous on 2021-11-23 \n\n[$7000][[1278322](<https://crbug.com/1278322>)] High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09 \n\n[$7000][[1285885](<https://crbug.com/1285885>)] High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2022-01-11 \n\n[$7000][[1291728](<https://crbug.com/1291728>)] High CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita on 2022-01-28 \n\n[$7000][[1294097](<https://crbug.com/1294097>)] High CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani on 2022-02-04 \n\n[$5000][[1282782](<https://crbug.com/1282782>)] High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27 \n\n[$5000][[1295786](<https://crbug.com/1295786>)] High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10 \n\n[$NA][[1281908](<https://crbug.com/1281908>)] High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21 \n\n[$15000][[1283402](<https://crbug.com/1283402>)] Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30 \n\n[$10000][[1279188](<https://crbug.com/1279188>)] Medium CVE-2022-0799: Insufficient policy enforcement in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12 \n\n[$7000][[1242962](<https://crbug.com/1242962>)] Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24 \n\n[$5000][[1231037](<https://crbug.com/1231037>)] Medium CVE-2022-0801: Inappropriate implementation in HTML parser. 
Reported by Micha\u0142 Bentkowski of Securitum on 2021-07-20 \n\n[$3000][[1270052](<https://crbug.com/1270052>)] Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14 \n\n[$3000][[1280233](<https://crbug.com/1280233>)] Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15 \n\n[$2500][[1264561](<https://crbug.com/1264561>)] Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29 \n\n[$2000][[1290700](<https://crbug.com/1290700>)] Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25 \n\n[$1000][[1283434](<https://crbug.com/1283434>)] Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31 \n\n[$TBD][[1287364](<https://crbug.com/1287364>)] Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14 \n\n[$TBD][[1292271](<https://crbug.com/1292271>)] Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29 \n\n[$TBD][[1293428](<https://crbug.com/1293428>)] Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03 \n\n\n\n\nWe would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. 
\n\nAs usual, our ongoing internal security work was responsible for a wide range of fixes: \n\n\n[[1301878]](<https://crbug.com/1301878>) Various fixes from internal audits, fuzzing and other initiatives \n\n\nMany of our security bugs are detected using [AddressSanitizer](<https://code.google.com/p/address-sanitizer/wiki/AddressSanitizer>), [MemorySanitizer](<https://code.google.com/p/memory-sanitizer/wiki/MemorySanitizer>), [UndefinedBehaviorSanitizer](<https://www.chromium.org/developers/testing/undefinedbehaviorsanitizer>), [Control Flow Integrity](<https://sites.google.com/a/chromium.org/dev/developers/testing/control-flow-integrity>), [libFuzzer](<https://sites.google.com/a/chromium.org/dev/developers/testing/libfuzzer>), or [AFL](<https://github.com/google/afl>).\n\n\n\n\n\n\n\nInterested in switching release channels? Find out how [here](<https://www.chromium.org/getting-involved/dev-channel>). If you find a new issue, please let us know by [filing a bug](<https://www.crbug.com>). 
The [community help forum](<https://productforums.google.com/forum/#!forum/chrome>) is also a great place to reach out for help or learn about common issues.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nPrudhvikumar Bommana \nGoogle Chrome", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-01T00:00:00", "type": "chrome", "title": "Stable Channel Update for Desktop", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-01T00:00:00", "id": "GCSA-6939266571131734261", "href": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:39:43", "description": "An update that fixes 
21 vulnerabilities is now available.\n\nDescription:\n\n This update for chromium fixes the following issues:\n\n Chromium 99.0.4844.51 (boo#1196641)\n\n * CVE-2022-0789: Heap buffer overflow in ANGLE\n * CVE-2022-0790: Use after free in Cast UI\n * CVE-2022-0791: Use after free in Omnibox\n * CVE-2022-0792: Out of bounds read in ANGLE\n * CVE-2022-0793: Use after free in Views\n * CVE-2022-0794: Use after free in WebShare\n * CVE-2022-0795: Type Confusion in Blink Layout\n * CVE-2022-0796: Use after free in Media\n * CVE-2022-0797: Out of bounds memory access in Mojo\n * CVE-2022-0798: Use after free in MediaStream\n * CVE-2022-0799: Insufficient policy enforcement in Installer\n * CVE-2022-0800: Heap buffer overflow in Cast UI\n * CVE-2022-0801: Inappropriate implementation in HTML parser\n * CVE-2022-0802: Inappropriate implementation in Full screen mode\n * CVE-2022-0803: Inappropriate implementation in Permissions\n * CVE-2022-0804: Inappropriate implementation in Full screen mode\n * CVE-2022-0805: Use after free in Browser Switcher\n * CVE-2022-0806: Data leak in Canvas\n * CVE-2022-0807: Inappropriate implementation in Autofill\n * CVE-2022-0808: Use after free in Chrome OS Shell\n * CVE-2022-0809: Out of bounds memory access in WebXR\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2022-75=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, 
"published": "2022-03-07T00:00:00", "type": "suse", "title": "Security update for chromium (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-07T00:00:00", "id": "OPENSUSE-SU-2022:0075-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B5453Q4VJE7C3IX6ZNB5ISXRZJI77AX3/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-14T11:57:49", "description": "An update that fixes 22 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n Opera was updated to 85.0.4341.28\n\n - CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98278 Translations for O85\n - DNA-98320 [Mac] Unable to delete recent search entries\n - DNA-98614 Show recent searches for non-BABE users\n - DNA-98615 Allow removal of recent searches\n - DNA-98616 Add recent searches to \"old\" BABE\n - DNA-98617 Make it possible to disable ad-blocker per-country\n - DNA-98651 Remove Instagram and 
Facebook Messenger in Russia\n - DNA-98653 Add flag #recent-searches\n - DNA-98696 smoketest\n PageInfoHistoryDataSourceTest.FormatTimestampString failing\n - DNA-98703 Port Chromium issue 1309225 to Opera Stable\n\n - The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096\n\n - Changes in 85.0.4341.18\n\n - CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51\n - DNA-98059 [Linux] Crash at\n opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled\n - DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()\n - DNA-98126 System crash dialog shown on macOS <= 10.15\n - DNA-98331 [Snap] Meme generator cropping / resizing broken\n - DNA-98394 Audio tab indicator set to \"muted\" on videoconferencing sites\n - DNA-98481 Report errors in opauto_collector\n\n - The update to chromium 99.0.4844.51 fixes following issues:\n CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,\n CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,\n CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,\n CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,\n CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809\n\n - Changes in 85.0.4341.13\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-97849 [Mac monterey] System shortcut interfere with Opera's\n `ToggleSearchInOpenTabs` shortcut\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip when\n triggered quickly after tooltip appears\n - DNA-98321 Add thinlto-cache warnings to suppression list\n - DNA-98395 Promote O85 to stable\n\n - Complete Opera 85.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-85/\n\n - Update to 84.0.4316.42\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip when\n 
triggered quickly after tooltip appears\n\n - Update to 84.0.4316.31\n\n - CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109\n - DNA-97573 [Win][Lin]\"Close tab\" button is not displayed on tabs\n playing media when many tabs are open\n - DNA-97729 cancelling the process uploading custom Wallpaper crashes\n the browser\n - DNA-97871 Google meet tab's icons don't fit on pinned tab\n - DNA-97872 Tab is being unpinned when video conferencing button is\n clicked\n - DNA-98039 Dark theme top sites have black background\n - DNA-98117 Clicking current tab information should hide tooltip\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:NonFree:\n\n zypper in -t patch openSUSE-2022-103=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-04-04T00:00:00", "type": "suse", "title": "Security update for opera (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": 
false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809", "CVE-2022-1096"], "modified": "2022-04-04T00:00:00", "id": "OPENSUSE-SU-2022:0103-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4ITLKQDHCBVY73BXRDDHU7JJZJG7TVNG/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-14T11:57:49", "description": "An update that fixes 241 vulnerabilities is now available.\n\nDescription:\n\n This update for opera fixes the following issues:\n\n Update to 85.0.4341.28\n\n - CHR-8816 Update chromium on desktop-stable-99-4341 to 99.0.4844.84\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98278 Translations for O85\n - DNA-98320 [Mac] Unable to delete recent search entries\n - DNA-98614 Show recent searches for non-BABE users\n - DNA-98615 Allow removal of recent searches\n - DNA-98616 Add recent searches to \ufffd\ufffd\ufffdold\ufffd\ufffd\ufffd BABE\n - DNA-98617 Make it possible to disable ad-blocker per-country\n - DNA-98651 Remove Instagram and Facebook Messenger in Russia\n - DNA-98653 Add flag #recent-searches\n - DNA-98696 smoketest\n PageInfoHistoryDataSourceTest.FormatTimestampString failing\n - DNA-98703 Port Chromium issue 1309225 to Opera Stable\n\n - The update to chromium 99.0.4844.84 fixes following issues: CVE-2022-1096\n - Changes in 85.0.4341.18\n\n - CHR-8789 Update chromium on desktop-stable-99-4341 to 99.0.4844.51\n - DNA-98059 [Linux] Crash at\n opera::FreedomSettingsImpl::IsBypassForDotlessDomainsEnabled\n - DNA-98349 [Linux] Crash at bluez::BluezDBusManager::Get()\n - DNA-98126 System crash dialog shown 
on macOS <= 10.15\n - DNA-98331 [Snap] Meme generator cropping / resizing broken\n - DNA-98394 Audio tab indicator set to \"muted\" on videoconferencing sites\n - DNA-98481 Report errors in opauto_collector\n - The update to chromium 99.0.4844.51 fixes following issues:\n CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792,\n CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796,\n CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800,\n CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804,\n CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809\n\n - Changes in 85.0.4341.13\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-97849 [Mac monterey] System shortcut interfere with Opera\ufffd\ufffd\ufffds\n `ToggleSearchInOpenTabs` shortcut\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip when\n triggered quickly after tooltip appears\n - DNA-98321 Add thinlto-cache warnings to suppression list\n - DNA-98395 Promote O85 to stable\n\n - Complete Opera 85.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-85/\n\n - Update to 84.0.4316.42\n\n - DNA-94119 Upgrade curl to 7.81.0\n - DNA-98092 Crash at views::MenuItemView::GetMenuController()\n - DNA-98204 Automatic popout happens when video is paused\n - DNA-98231 Shortcuts are blocked by displayed tab tooltip when\n triggered quickly after tooltip appears\n\n - Update to 84.0.4316.31\n - CHR-8772 Update chromium on desktop-stable-98-4316 to 98.0.4758.109\n - DNA-97573 [Win][Lin]\ufffd\ufffd\ufffdClose tab\ufffd\ufffd\ufffd button is not displayed on tabs\n playing media when many tabs are open\n - DNA-97729 cancelling the process uploading custom Wallpaper crashes\n the browser\n - DNA-97871 Google meet tab\ufffd\ufffd\ufffds icons don\ufffd\ufffd\ufffdt fit on pinned tab\n - DNA-97872 Tab is being unpinned when video conferencing button is\n clicked\n - DNA-98039 Dark theme top sites have black 
background\n - DNA-98117 Clicking current tab information should hide tooltip\n\n - Update to 84.0.4316.21\n - CHR-8762 Update chromium on desktop-stable-98-4316 to 98.0.4758.102\n - DNA-97333 \ufffd\ufffd\ufffdAdd a site\ufffd\ufffd\ufffd label on start page tile barely visible\n - DNA-97691 Opera 84 translations\n - DNA-97767 Wrong string in FR\n - DNA-97855 Crash at ScopedProfileKeepAlive::~ScopedProfileKeepAlive()\n - DNA-97982 Enable #snap-upstream-implementation on all streams\n - The update to chromium 98.0.4758.102 fixes following issues:\n CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606,\n CVE-2022-0607, CVE-2022-0608, CVE-2022-0609, CVE-2022-0610\n\n - Update to 84.0.4316.14\n - CHR-8753 Update chromium on desktop-stable-98-4316 to 98.0.4758.82\n - DNA-97177 Battery saver \ufffd\ufffd\ufffd the icon looks bad for DPI!=100%\n - DNA-97614 automatic video pop-out for most popular websites\n broadcasting Winter Olympic Games 2022\n - DNA-97804 Promote O84 to stable\n - The update to chromium 98.0.4758.82 fixes following issues:\n CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455,\n CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459,\n CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463,\n CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467,\n CVE-2022-0468, CVE-2022-0469, CVE-2022-0470\n - Complete Opera 84.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-84/\n\n - Update to 83.0.4254.54\n - DNA-96581 Fast tab tooltip doesn\ufffd\ufffd\ufffdt always show related sites with\n scrollable tab strip\n - DNA-96608 Cannot drag a tab to create a new window\n - DNA-96657 Do not make tab tooltip hoverable if there\ufffd\ufffd\ufffds no list of\n tabs\n - DNA-97291 Crash at\n opera::flow::FlowSessionImpl::RegisterDevice(base::OnceCallback)\n - DNA-97468 Incorrect number of restored tabs when video-popout is\n detached\n - DNA-97476 Add retry to stapling during signing\n - DNA-97609 Failing 
MetricsReporterTest.TimeSpent* smoketests\n\n - Update to 83.0.4254.27\n - CHR-8737 Update chromium on desktop-stable-97-4254 to 97.0.4692.99\n - DNA-96336 [Mac] Translate new network installer slogan\n - DNA-96678 Add battery level monitoring capability to powerSavePrivate\n - DNA-96939 Crash at\n opera::ExternalVideoService::MarkAsManuallyClosed()\n - DNA-97276 Enable #static-tab-audio-indicator on all streams\n - The update to chromium 97.0.4692.99 fixes following issues:\n CVE-2022-0289, CVE-2022-0290, CVE-2022-0291, CVE-2022-0292,\n CVE-2022-0293, CVE-2022-0294, CVE-2022-0295, CVE-2022-0296,\n CVE-2022-0297, CVE-2022-0298, CVE-2022-0300, CVE-2022-0301,\n CVE-2022-0302, CVE-2022-0304, CVE-2022-0305, CVE-2022-0306,\n CVE-2022-0307, CVE-2022-0308, CVE-2022-0309, CVE-2022-0310, CVE-2022-0311\n\n - Update to 83.0.4254.19\n - DNA-96079 Turn on #automatic-video-popout on developer\n - DNA-97070 Opera 83 translations\n - DNA-97119 [LastCard] Stop showing used burner cards\n - DNA-97131 Enable automatic-video-popout on all streams from O84 on\n - DNA-97257 Crash at views::ImageButton::SetMinimumImageSize(gfx::Size\n const&)\n - DNA-97259 Promote O83 to stable\n - Complete Opera 83.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-83/\n - Update to 83.0.4254.16\n - DNA-96968 Fix alignment of the 'Advanced' button in Settings\n - Update to 83.0.4254.14\n - CHR-8701 Update chromium on desktop-stable-97-4254 to 97.0.4692.45\n - CHR-8713 Update chromium on desktop-stable-97-4254 to 97.0.4692.56\n - CHR-8723 Update chromium on desktop-stable-97-4254 to 97.0.4692.71\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96822 Tab close resize behavior change\n - DNA-96861 Create Loomi Options menu\n - DNA-96904 Support Win11 snap layout popup\n - DNA-96951 Tab close animation broken\n - DNA-96991 Tab X button doesn\ufffd\ufffd\ufffdt work correctly\n - DNA-97027 Incorrect tab size after tab close\n - The update to chromium 
97.0.4692.71 fixes following issues:\n CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099,\n CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103,\n CVE-2022-0104, CVE-2022-0105, CVE-2022-0105, CVE-2022-0106,\n CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110,\n CVE-2022-0111, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113,\n CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117,\n CVE-2022-0118, CVE-2022-0120\n\n - Update to version 82.0.4227.58\n - DNA-96780 Crash at\n ui::NativeTheme::RemoveObserver(ui::NativeThemeObserver*)\n - DNA-96890 Settings default browser not working for current user on\n Windows 7\n\n - Update to version 82.0.4227.43\n - CHR-8705 Update chromium on desktop-stable-96-4227 to 96.0.4664.110\n - DNA-93284 Unstable\n obj/opera/desktop/common/installer_rc_generated/installer.res\n - DNA-95908 Interstitial/internal pages shown as NOT SECURE after\n visiting http site\n - DNA-96404 Opera doesn\ufffd\ufffd\ufffdt show on main screen when second screen is\n abruptly disconnected\n - The update to chromium 96.0.4664.110 fixes following issues:\n CVE-2021-4098, CVE-2021-4099, CVE-2021-4100, CVE-2021-4101, CVE-2021-4102\n\n - Update to version 82.0.4227.33\n - CHR-8689 Update chromium on desktop-stable-96-4227 to 96.0.4664.93\n - DNA-96559 Tooltip popup looks bad in dark theme\n - DNA-96570 [Player] Tidal logging in via PLAY doesn\ufffd\ufffd\ufffdt work\n - DNA-96594 Unnecessary extra space in fullscreen mode on M1 Pro MacBooks\n - DNA-96649 Update Meme button\n - DNA-96676 Add Icon in the Sidebar Setup\n - DNA-96677 Add default URL\n - The update to chromium 96.0.4664.93 fixes following issues:\n CVE-2021-4052, CVE-2021-4053, CVE-2021-4079, CVE-2021-4054,\n CVE-2021-4078, CVE-2021-4055, CVE-2021-4056, CVE-2021-4057,\n CVE-2021-4058, CVE-2021-4059, CVE-2021-4061, CVE-2021-4062,\n CVE-2021-4063, CVE-2021-4064, CVE-2021-4065, CVE-2021-4066,\n CVE-2021-4067, CVE-2021-4068\n\n - Update to version 82.0.4227.23\n - DNA-95632 
With new au-logic UUID is set with delay and may be not set\n for pb-builds (when closing fast)\n - DNA-96349 Laggy tooltip animation\n - DNA-96483 [Snap][Linux] Video not working / wrong ffmpeg snap version\n for Opera 82\n - DNA-96493 Create 'small' enticement in credit card autofill\n - DNA-96533 Opera 82 translations\n - DNA-96535 Make the URL configurable\n - DNA-96553 Add switch to whitelist test pages\n - DNA-96557 Links not opened from panel\n - DNA-96558 AdBlock bloks some trackers inside the panel\n - DNA-96568 [Player] Tidal in sidebar Player opens wrong site when\n logging in\n - DNA-96659 Siteprefs not applied after network service crash\n - DNA-96593 Promote O82 to stable\n - Complete Opera 82.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-82/\n - Update to version 82.0.4227.13\n - CHR-8668 Update chromium on desktop-stable-96-4227 to 96.0.4664.45\n - DNA-76987 [Mac] Update desktop EULA with geolocation split\n - DNA-93388 Problem with symlinks on windows when creating file list\n - DNA-95734 Discarded Recently Closed items get revived after restart\n - DNA-96134 \"Your profile has been updated\" does not disappear\n - DNA-96190 Opera freezes when trying to drag expanded bookmark folder\n with nested subfolders\n - DNA-96223 Easy Files not working in Full Screen\n - DNA-96274 Checkout autofill shouldn't show used burner card\n - DNA-96275 Change the notification message for pausing multi-use cards\n - DNA-96295 \"Video pop out\" setting doesn't sync\n - DNA-96316 Highlight text wrong colour on dark mode\n - DNA-96326 Wrong translation Private Mode > Turkish\n - DNA-96351 macOS window controls are missing in full screen\n - DNA-96440 Update video URL\n - DNA-96448 add option to pin extension via rich hints\n - DNA-96453 Register user-chosen option on client-side, read on hint side\n - DNA-96454 Choosing an option from the settings menu should close the\n popup\n - DNA-96484 Enable AB test for a new autoupdater logic (for 50%)\n - 
DNA-96500 Add \"don't show me again\" prefs to allowed whitelist\n - DNA-96538 Inline audiocomplete for www.mediaexpert.pl incorrectly\n suggested\n - The update to chromium 96.0.4664.45 fixes following issues:\n CVE-2021-38005, CVE-2021-38006, CVE-2021-38007, CVE-2021-38008,\n CVE-2021-38009, CVE-2021-38010, CVE-2021-38011, CVE-2021-38012,\n CVE-2021-38013, CVE-2021-38014, CVE-2021-38015, CVE-2021-38016,\n CVE-2021-38017, CVE-2021-38019, CVE-2021-38020, CVE-2021-38021,\n CVE-2021-38022\n\n\n - Update to version 81.0.4196.54\n - CHR-8644 Update chromium on desktop-stable-95-4196 to 95.0.4638.69\n - DNA-95773 ExtensionWebRequestApiTest crashes on mac\n - DNA-96062 Opera 81 translations\n - DNA-96134 \"Your profile has been updated\" does not disappear\n - DNA-96274 Checkout autofill shouldn't show used burner card\n - DNA-96275 Change the notification message for pausing multi-use cards\n - DNA-96440 Update video URL\n - The update to chromium 95.0.4638.69 fixes following issues:\n CVE-2021-37997, CVE-2021-37998, CVE-2021-37999, CVE-2021-37980,\n CVE-2021-38001, CVE-2021-38002, CVE-2021-38003, CVE-2021-38004\n - Update to version 81.0.4196.37\n - DNA-96008 Crash at\n content::WebContentsImpl::OpenURL(content::OpenURLParams const&)\n - DNA-96032 Closing the videoconference pop-up force leaving the meeting\n - DNA-96092 Crash at void\n opera::ModalDialogViews::OnWidgetClosing(opera::ModalDialog::Result)\n - DNA-96142 [Yat] Emoji icon cut off in URL for Yat\n\n - Update to version 81.0.4196.31\n - DNA-95733 Implement the \"Manage\" menu in card details view\n - DNA-95736 Update UI for paused card\n - DNA-95791 Crash at base::operator<\n - DNA-95794 Sometimes the sidebar UI fails to load\n - DNA-95812 Retrieve cards info when showing autofill\n - DNA-96035 Cannot create virtual card on Sandbox environment\n - DNA-96147 \"Buy\" button does not work\n -
DNA-96168 Update contributors list\n - DNA-96211 Enable #fast-tab-tooltip on all streams\n - DNA-96231 Promote O81 to stable\n - Complete Opera 80.1 changelog at:\n https://blogs.opera.com/desktop/changelog-for-81/\n - Update to version 81.0.4196.27\n - CHR-8623 Update chromium on desktop-stable-95-4196 to 95.0.4638.54\n - DNA-92384 Better segmenting of hint users\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95735 Implement the button that reveals full card details\n - DNA-95747 Better way to handle expired funding card\n - DNA-95949 [Mac Retina] Clicking active tab should scroll to the top\n - DNA-95993 Update icon used for Yat in address bar dropdown\n - DNA-96021 Cleared download item view is never deleted\n - DNA-96036 Occupation field in 'Account \ufffd\ufffd\ufffd Edit' is shown twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 \"Add Card\" button does not change to \"Upgrade Plan\" after\n adding card\n - The update to chromium 95.0.4638.54 fixes following issues:\n CVE-2021-37981, CVE-2021-37982, CVE-2021-37983, CVE-2021-37984,\n CVE-2021-37985, CVE-2021-37986, CVE-2021-37987, CVE-2021-37988,\n CVE-2021-37989, CVE-2021-37990, CVE-2021-37991, CVE-2021-37992,\n CVE-2021-37993, CVE-2021-37994, CVE-2021-37995, CVE-2021-37996\n\n - Update to version 80.0.4170.72\n - DNA-95522 Change card view to show all types of cards\n - DNA-95523 Allow sorting in multi-card view\n - DNA-95524 Allow searching for cards by name\n - DNA-95658 Allow user to add a card\n - DNA-95659 Flow of Lastcard on first login\n - DNA-95660 Implement editing card details\n - DNA-95699 Add card details view\n - DNA-95733 Implement the \ufffd\ufffd\ufffdManage\ufffd\ufffd\ufffd menu in card details view\n - DNA-95735 Implement the button that reveals full card details\n - DNA-95736 Update UI for paused card\n - DNA-95747 Better way to handle expired funding card\n - DNA-95794 Sometimes the sidebar UI fails to load\n - 
DNA-95812 Retrieve cards info when showing autofill\n - DNA-96036 Occupation field in \ufffd\ufffd\ufffdAccount \ufffd\ufffd\ufffd Edit\ufffd\ufffd\ufffd is shown twice\n - DNA-96127 Upgrade plan button does nothing\n - DNA-96138 \ufffd\ufffd\ufffdAdd Card\ufffd\ufffd\ufffd button does not change to \ufffd\ufffd\ufffdUpgrade Plan\ufffd\ufffd\ufffd\n after adding card\n\n - Update to version 80.0.4170.63\n - CHR-8612 Update chromium on desktop-stable-94-4170 to 94.0.4606.81\n - DNA-95434 Crash at opera::ThemesService::UpdateCurrentTheme()\n - The update to chromium 94.0.4606.81 fixes following issues:\n CVE-2021-37977, CVE-2021-37978, CVE-2021-37979, CVE-2021-37980\n\n - Update to version 80.0.4170.40\n - CHR-8598 Update chromium on desktop-stable-94-4170 to 94.0.4606.71\n - DNA-95221 Emoji button stuck in address bar\n - DNA-95325 Make y.at navigations to be reported with page_views events\n - DNA-95327 Add \ufffd\ufffd\ufffdEmojis\ufffd\ufffd\ufffd context menu option in address bar field\n - DNA-95339 Add YAT emoji url suggestion to search\ufffd\ufffd dialog\n - DNA-95416 Remove emoji button from address bar\n - DNA-95439 Enable #yat-emoji-addresses on developer stream\n - DNA-95441 [Mac big sur] Emoji are not shown in address bar url\n - DNA-95514 Crash at resource_coordinator::TabLifecycleUnitSource\n ::TabLifecycleUnit::OnLifecycleUnitStateChanged(mojom::\n LifecycleUnitState, mojom::LifecycleUnitStateChangeReason)\n - DNA-95746 Enable #reader-mode everywhere\n - DNA-95865 Numbers are recognized as emojis\n - DNA-95866 Change Yat text in selection popup\n - DNA-95867 Show that buttons are clickable in selection popup\n - The update to chromium 94.0.4606.71 fixes following issues:\n CVE-2021-37974, CVE-2021-37975, CVE-2021-37976\n\n - Update to version 80.0.4170.16\n - CHR-8590 Update chromium on desktop-stable-94-4170 to 94.0.4606.61\n - DNA-95347 Make InstallerStep::Run async\n - DNA-95420 First suggestion in address field is often not highlighted\n - 
DNA-95613 Browser closing itself after closing SD/first tab and last\n opened tab\n - DNA-95725 Promote O80 to stable\n - DNA-95781 Import fixes for CVE-2021-37975, CVE-2021-37976 and\n CVE-2021-37974 to desktop-stable-94-4170\n - Complete Opera 80.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-80/\n - Drop Provides/Obsoletes for opera-gtk and opera-kde4\n opera-gtk and opera-kde4 were last used in openSUSE 13.1\n - Drop post/postun for desktop_database_post and icon_theme_cache_post\n because were last used before\n openSUSE 15.0\n\n - Update to version 79.0.4143.72\n - DNA-94933 Add emoji panel to address bar\n - DNA-95210 Add emoji YAT address bar suggestions\n - DNA-95221 Emoji button stuck in address bar\n - DNA-95325 Make y.at navigations to be reported with page_views events\n - DNA-95327 Add \ufffd\ufffd\ufffdEmojis\ufffd\ufffd\ufffd context menu option in address bar field\n - DNA-95339 Add YAT emoji url suggestion to search\ufffd\ufffd dialog\n - DNA-95364 Add browser feature flag\n - DNA-95416 Remove emoji button from address bar\n - DNA-95439 Enable #yat-emoji-addresses on developer stream\n - DNA-95441 [Mac big sur] Emoji are not shown in address bar url\n - DNA-95445 Crash when removing unsynced pinboard bookmark with sync\n enabled\n - DNA-95512 Allow to show title and timer for simple banners\n - DNA-95516 Wrong label in settings for themes\n - DNA-95679 Temporarily disable AB test for a new autoupdater logic\n\n - Update to version 79.0.4143.50\n - CHR-8571 Update chromium on desktop-stable-93-4143 to 93.0.4577.82\n - DNA-94104 ContinueShoppingOnEbayBrowserTest.ShouldDisplayOffers\n TilesStartingWithMostActiveOnes fails\n - DNA-94894 [Rich Hint] Agent API permissions\n - DNA-94989 Wrong color and appearance of subpages in the settings\n - DNA-95241 \ufffd\ufffd\ufffdSwitch to tab\ufffd\ufffd\ufffd button is visible only on hover\n - DNA-95286 Add unit tests to pinboard sync related logic in browser\n - DNA-95372 [Mac retina screen] 
Snapshot doesnt capture cropped area\n - DNA-95526 Some webstore extensions are not verified properly\n - The update to chromium 93.0.4577.82 fixes following issues:\n CVE-2021-30625, CVE-2021-30626, CVE-2021-30627, CVE-2021-30628,\n CVE-2021-30629, CVE-2021-30630, CVE-2021-30631, CVE-2021-30632,\n CVE-2021-30633\n\n - Update to version 79.0.4143.22\n - CHR-8550 Update chromium on desktop-stable-93-4143 to 93.0.4577.58\n - CHR-8557 Update chromium on desktop-stable-93-4143 to 93.0.4577.63\n - DNA-94641 [Linux] Proprietary media codecs not working in snap builds\n - DNA-95076 [Linux] Page crash with media content\n - DNA-95084 [Mac] Cannot quit through menu with snapshot editor open\n - DNA-95138 Add setting to synchronize Pinboards\n - DNA-95157 Crash at -[OperaCrApplication sendEvent:]\n - DNA-95204 Opera 79 translations\n - DNA-95240 The pinboard thumbnail cannot be generated anymore\n - DNA-95278 Existing Pinboards might be missing\n - DNA-95292 Enable #bookmarks-trash-cleaner on all streams\n - DNA-95293 Enable #easy-files-downloads-folder on all streams\n - DNA-95383 Promote O79 to stable\n - Complete Opera 79.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-79/\n - The update to chromium 93.0.4577.58 fixes following issues:\n CVE-2021-30606, CVE-2021-30607, CVE-2021-30608, CVE-2021-30609,\n CVE-2021-30610, CVE-2021-30611, CVE-2021-30612, CVE-2021-30613,\n CVE-2021-30614, CVE-2021-30615, CVE-2021-30616, CVE-2021-30617,\n CVE-2021-30618, CVE-2021-30619, CVE-2021-30620, CVE-2021-30621,\n CVE-2021-30622, CVE-2021-30623, CVE-2021-30624\n\n - Update to version 78.0.4093.184\n - CHR-8533 Update chromium on desktop-stable-92-4093 to 92.0.4515.159\n - DNA-93472 Reattaching to other browsers\n - DNA-93741 Multiple hint slots\n - DNA-93742 Allow displaying unobtrusive external hints\n - DNA-93744 Add slots in toolbar action view\n - DNA-94230 Improve text contrast for Speed Dials\n - DNA-94724 [Mac] Add macOS dark theme wallpaper with easy setup\n - 
DNA-94786 Crash at base::SupportsUserData:: SetUserData(void const*,\n std::__1::unique_ptr)\n - DNA-94807 Allow scripts access opera version and product info\n - DNA-94862 Continue on shopping Amazon doesn\ufffd\ufffd\ufffdt work correct\n - DNA-94870 Add an addonsPrivate function to install with permissions\n dialog first\n - DNA-95064 Revert DNA-93714 on stable\n - The update to chromium 92.0.4515.159 fixes following issues:\n CVE-2021-30598, CVE-2021-30599, CVE-2021-30600, CVE-2021-30601,\n CVE-2021-30602, CVE-2021-30603, CVE-2021-30604\n\n\n - Update to version 78.0.4093.147\n - CHR-8251 Update chromium on desktop-stable-92-4093 to 92.0.4515.131\n - DNA-93036 Opera not starting after closing window. Processes still\n working.\n - DNA-94516 Add \ufffd\ufffd\ufffdDetach tab\ufffd\ufffd\ufffd entry to tab menu\n - DNA-94584 [Mac] Sidebar setup not closed after press \ufffd\ufffd\ufffdAdd\n extensions\ufffd\ufffd\ufffd button\n - DNA-94761 Crash when trying to record \ufffd\ufffd\ufffdChrome developer\ufffd\ufffd\ufffd trace\n - DNA-94790 Crash at opera::VideoConferenceTabDetachController::\n OnBrowserAboutToStartClosing(Browser*)\n - The update to chromium 92.0.4515.131 fixes following issues:\n CVE-2021-30590, CVE-2021-30591, CVE-2021-30592, CVE-2021-30593,\n CVE-2021-30594, CVE-2021-30596, CVE-2021-30597\n\n - Update to version 78.0.4093.112\n - DNA-94466 Implement sorting Pinboards in overview\n - DNA-94582 Add access to APIs for showing pinboard icon in sidebar\n - DNA-94603 Suspicious pinboards events\n - DNA-94625 Disable opr.pinboardPrivate.getThumbnail() for local files\n - DNA-94640 Promote O78 to stable\n - DNA-94661 Missing translations for some languages\n - Complete Opera 78.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-78/\n\n - Update to version 77.0.4054.277\n - CHR-8502 Update chromium on desktop-stable-91-4054 to 91.0.4472.164\n - DNA-94291 Video conference popout doesnt remember its size after\n resizing\n - DNA-94399 
Incorrect icon for wp.pl in address bar dropdown\n - DNA-94462 Low quality of default wallpaper on windows\n - The update to chromium 91.0.4472.164 fixes following issues:\n CVE-2021-30541, CVE-2021-30560, CVE-2021-30561, CVE-2021-30562,\n CVE-2021-30563, CVE-2021-30564\n\n - Update to version 77.0.4054.254\n - DNA-92344 Windows 10 Implementation\n - DNA-92486 Replace \ufffd\ufffd\ufffd icon with \ufffd\ufffd\ufffdsettings\ufffd\ufffd\ufffd icon\n - DNA-92487 Close individual item\n - DNA-92496 Create separate entry in settings for BABE\n - DNA-93275 Implement cycles size according to design\n - DNA-93280 The system theme has only half a checkmark\n - DNA-93728 Whatsapp notification is not refreshed\n - DNA-94047 Remove pinboard WebUI integration\n - DNA-94118 Write test for ThumbnailTabHelper changes in DNA-94100\n - DNA-94120 Fix Welcome popup layout\n - DNA-94140 Crash at base::TaskRunner ::PostTask(base::Location const&,\n base::OnceCallback)\n - DNA-94205 Consider setting pinboard display URL in\n address_field_helper.cc\n - DNA-94211 Easy Files don\ufffd\ufffd\ufffdt show thumbnails\n - DNA-94309 Pinboards URLs don\ufffd\ufffd\ufffdt get lighter color treatment\n - DNA-94318 Wrong \ufffd\ufffd\ufffdTransparency\ufffd\ufffd\ufffd word translation in Swedish\n - DNA-94321 AB test: google suggestions on top \ufffd\ufffd\ufffd bigger test\n - DNA-94341 Make pinboard popup testable on web page\n - DNA-94381 Disabling Pinboards doesn\ufffd\ufffd\ufffdt remove item from menu / sidebar\n - DNA-94392 Add u2f-devices interface to snap packages\n - DNA-94461 Enable #system-theme on all streams\n\n - Update to version 77.0.4054.203\n - CHR-8475 Update chromium on desktop-stable-91-4054 to 91.0.4472.124\n - DNA-93523 Crash at extensions::TabHelper::WebContentsDestroyed()\n - DNA-93917 Upload snap to edge while preparing repository package\n - DNA-94157 Crash at gfx::ICCProfile::operator=(gfx::ICCProfile const&)\n - DNA-94159 Crash at\n 
opera::auth::AuthAccountServiceImpl::GetAuthAccount()\n - DNA-94161 [Add tabs]Unexpected symbols instead of Workspace name\n - DNA-94241 Implement better process killing for timeout\n - DNA-94248 Allow retry on tests that timed-out\n - DNA-94251 heap-use-after-free in VideoConference\n - DNA-94315 Crash at class std::__1::basic_string ui::ResourceBundle::\n LoadLocaleResources(const class std::__1::basic_string& const, bool)\n - DNA-94357 Fix issue in scripts\n\n - Update to version 77.0.4054.172\n - DNA-93078 Do not display \ufffd\ufffd\ufffdshare tab\ufffd\ufffd\ufffd sliding toolbar on detached\n tab\n - DNA-93358 The red underline extends beyond the Google meets conference\n tab outline\n - DNA-93404 Crash in test when destroying BABE\ufffd\ufffd\ufffds webcontents\n - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers\n - DNA-93661 Add opauto test to cover new shortcut from DNA-93637\n - DNA-93867 Use version from package instead of repository\n - DNA-93993 Pinboard translations from Master\n - DNA-94099 Increase new-autoupdater-logic AB test to cover 50% of new\n installations\n - DNA-94100 Thumbnail doesn\ufffd\ufffd\ufffdt update\n - DNA-94178 Automatic popout should not happen after manually closing a\n popout\n\n - Update to version 77.0.4054.146\n - CHR-8458 Update chromium on desktop-stable-91-4054 to 91.0.4472.114\n - DNA-92171 Create active linkdiscovery service\n - DNA-92388 Fix and unskip\n WorkspacesEmoji.testChooseEmojiAsWorkspaceIcon when possible\n - DNA-93101 Tabs are being snoozed when tab snoozing is disabled\n - DNA-93386 Update pinboard view when item changes\n - DNA-93448 Make browser ready for Developer release\n - DNA-93491 Fix failing tests after enabling #pinboard flag\n - DNA-93498 Add additional music services\n - DNA-93503 Blank popup on clicking toolbar icon with popup open\n - DNA-93561 Do not allow zoom different from 100% in Pinboard popup\n - DNA-93637 ctrl+9 shortcut is inconsistent with other browsers\n - DNA-93644 
Create route for `import open tabs` to `pinboard`\n - DNA-93664 Adapt popup to design\n - DNA-93702 Turn on flags on developer\n - DNA-93737 [Pinboard] Remove Mock API\n - DNA-93745 Unable to open the popup after opening it several times\n - DNA-93776 Popup closes and reopens when clicking the toolbar button\n - DNA-93786 DCHECK after opening popup\n - DNA-93802 Crash at views::Widget::GetNativeView() const\n - DNA-93810 Add pinboard icon to sidebar\n - DNA-93825 Add pinboard to Opera menu\n - DNA-93833 [Player] Implement seeking for new services\n - DNA-93845 Do not log output of snapcraft on console\n - DNA-93864 Create feature flag for start page sync banner\n - DNA-93865 Implement start page banner\n - DNA-93867 Use version from package instead of repository\n - DNA-93878 [Player] Crash when current player service becomes\n unavailable when user location changes\n - DNA-93953 \ufffd\ufffd\ufffdSend image to Pinboard\ufffd\ufffd\ufffd has the wrong position in the\n context menu\n - DNA-93987 Disable zooming popup contents like in other popups\n - DNA-93989 Change internal URL to opera://pinboards\n - DNA-93990 Update strings to reflect new standards\n - DNA-93992 Add Pinboards to Opera settings\n - DNA-93993 Pinboard translations from Master\n - DNA-94011 Enable feature flags for Reborn 5 on stable\n - DNA-94019 Add a direct link to settings\n - DNA-94088 Internal pages provoke not saving other pages to the Pinboard\n - DNA-94111 [O77] Sidebar setup does not open\n - DNA-94139 Crash at\n opera::(anonymous namespace)::PinboardPopupWebView::RemovedFromWidget()\n - The update to chromium 91.0.4472.114 fixes following issues:\n CVE-2021-30554, CVE-2021-30555, CVE-2021-30556, CVE-2021-30557\n\n - Update to version 77.0.4054.90\n - CHR-8446 Update chromium on desktop-stable-91-4054 to 91.0.4472.101\n - The update to chromium 91.0.4472.101 fixes following issues:\n CVE-2021-30544, CVE-2021-30545, CVE-2021-30546, CVE-2021-30547,\n CVE-2021-30548, CVE-2021-30549, 
CVE-2021-30550, CVE-2021-30551,\n CVE-2021-30552, CVE-2021-30553\n - Update to version 77.0.4054.80\n - DNA-93656 Active cards in checkout Auto-fill\n - DNA-93805 Create snap packages in buildsign\n - DNA-93823 archive_opera_snap failures on Linux\n - DNA-93844 Fix AttributeError in package_type.py\n\n\n - Update to version 77.0.4054.64\n - DNA-93159 Implement image(preview) of each created pinboard\n - DNA-93273 \ufffd\ufffd\ufffdSend image to Pinboard\ufffd\ufffd\ufffd doesn\ufffd\ufffd\ufffdt work correct on\n staging server\n - DNA-93277 Add/update opauto tests for the System Theme WP1\n implementation p.1\n - DNA-93286 [BigSur] YT not being reloaded when opened from link\n - DNA-93296 Opera 77 translations\n - DNA-93372 Build new edition for Axel Springer\n - DNA-93376 Write unittests for PinboardImageCollector\n - DNA-93401 [LastCard] Do not change user state if not needed\n - DNA-93409 Animation with hat and glasses is missing in Private mode\n - DNA-93443 API opr.pinboardPrivate.getThumbnail() returns\n old thumbnail image\n - DNA-93509 Add Opera switch for pinboard staging backend and use it for\n tests\n - DNA-93519 [Sidebar] WhatsApp \ufffd\ufffd\ufffdLog out\ufffd\ufffd\ufffd doesn\ufffd\ufffd\ufffdt work\n - DNA-93634 Fix errors in Slovak translations\n - DNA-93724 Some webstore extensions are not verified properly\n - Complete Opera 77.0 changelog at:\n https://blogs.opera.com/desktop/changelog-for-77/\n\n - Update to version 76.0.4017.177\n - DNA-92597 Sound controller doesn\ufffd\ufffd\ufffdt work after pressing \ufffd\ufffd\ufffdNext\ufffd\ufffd\ufffd\n button\n - DNA-93405 Import vmp_signer instead of starting new python process\n - DNA-93406 [Mac] Import plist_util instead of calling script in\n _generateAppEntitlements\n - DNA-93442 Make GX Control panel attachable by webdriver\n - DNA-93554 [AdBlock] Find a fix for blocking \ufffd\ufffd\ufffdnew\ufffd\ufffd\ufffd YouTube ads\n - DNA-93587 Pre-refactor solution\n\n - Update to version 
76.0.4017.154\n - CHR-8420 Update chromium on desktop-stable-90-4017 to 90.0.4430.212\n - DNA-92411 Bookmarks breadcrumbs wrong color when pressed in dark mode\n - DNA-92587 Sync settings: \ufffd\ufffd\ufffdUse old password\ufffd\ufffd\ufffd button doesn\ufffd\ufffd\ufffdt work\n - DNA-92672 Make it possible for agent to inject scripts into startpage\n - DNA-92712 Add SD reload API\n - DNA-93190 The bookmark can\ufffd\ufffd\ufffdt be opened in Workspace 5-6\n - DNA-93247 Reopen last closed tab shortcut opens random tab on new\n window\n - DNA-93294 Binary diff for opera_browser.dll is not created on 32-bit\n builds\n - DNA-93313 Add opauto test to cover DNA-93190\n - DNA-93368 Fix an error in Polish translation\n - DNA-93408 [Windows] widevine_cdm_component_installer does not compile\n on desktop-stable-90-4017\n - The update to chromium 90.0.4430.212 fixes following issues:\n CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509,\n CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513,\n CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517,\n CVE-2021-30518, CVE-2021-30519, CVE-2021-30520\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:NonFree:\n\n zypper in -t patch openSUSE-2022-110=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-04-08T00:00:00", "type": "suse", "title": "Security update for opera (important)", "bulletinFamily": "unix", 
"cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-30506", "CVE-2021-30507", "CVE-2021-30508", "CVE-2021-30509", "CVE-2021-30510", "CVE-2021-30511", "CVE-2021-30512", "CVE-2021-30513", "CVE-2021-30514", "CVE-2021-30515", "CVE-2021-30516", "CVE-2021-30517", "CVE-2021-30518", "CVE-2021-30519", "CVE-2021-30520", "CVE-2021-30541", "CVE-2021-30544", "CVE-2021-30545", "CVE-2021-30546", "CVE-2021-30547", "CVE-2021-30548", "CVE-2021-30549", "CVE-2021-30550", "CVE-2021-30551", "CVE-2021-30552", "CVE-2021-30553", "CVE-2021-30554", "CVE-2021-30555", "CVE-2021-30556", "CVE-2021-30557", "CVE-2021-30560", "CVE-2021-30561", "CVE-2021-30562", "CVE-2021-30563", "CVE-2021-30564", "CVE-2021-30590", "CVE-2021-30591", "CVE-2021-30592", "CVE-2021-30593", "CVE-2021-30594", "CVE-2021-30596", "CVE-2021-30597", "CVE-2021-30598", "CVE-2021-30599", "CVE-2021-30600", "CVE-2021-30601", "CVE-2021-30602", "CVE-2021-30603", "CVE-2021-30604", "CVE-2021-30606", "CVE-2021-30607", "CVE-2021-30608", "CVE-2021-30609", "CVE-2021-30610", "CVE-2021-30611", "CVE-2021-30612", "CVE-2021-30613", "CVE-2021-30614", "CVE-2021-30615", "CVE-2021-30616", "CVE-2021-30617", "CVE-2021-30618", "CVE-2021-30619", "CVE-2021-30620", "CVE-2021-30621", "CVE-2021-30622", "CVE-2021-30623", "CVE-2021-30624", "CVE-2021-30625", "CVE-2021-30626", "CVE-2021-30627", "CVE-2021-30628", "CVE-2021-30629", "CVE-2021-30630", "CVE-2021-30631", "CVE-2021-30632", "CVE-2021-30633", "CVE-2021-37974", "CVE-2021-37975", "CVE-2021-37976", "CVE-2021-37977", "CVE-2021-37978", 
"CVE-2021-37979", "CVE-2021-37980", "CVE-2021-37981", "CVE-2021-37982", "CVE-2021-37983", "CVE-2021-37984", "CVE-2021-37985", "CVE-2021-37986", "CVE-2021-37987", "CVE-2021-37988", "CVE-2021-37989", "CVE-2021-37990", "CVE-2021-37991", "CVE-2021-37992", "CVE-2021-37993", "CVE-2021-37994", "CVE-2021-37995", "CVE-2021-37996", "CVE-2021-37997", "CVE-2021-37998", "CVE-2021-37999", "CVE-2021-38001", "CVE-2021-38002", "CVE-2021-38003", "CVE-2021-38004", "CVE-2021-38005", "CVE-2021-38006", "CVE-2021-38007", "CVE-2021-38008", "CVE-2021-38009", "CVE-2021-38010", "CVE-2021-38011", "CVE-2021-38012", "CVE-2021-38013", "CVE-2021-38014", "CVE-2021-38015", "CVE-2021-38016", "CVE-2021-38017", "CVE-2021-38019", "CVE-2021-38020", "CVE-2021-38021", "CVE-2021-38022", "CVE-2021-4052", "CVE-2021-4053", "CVE-2021-4054", "CVE-2021-4055", "CVE-2021-4056", "CVE-2021-4057", "CVE-2021-4058", "CVE-2021-4059", "CVE-2021-4061", "CVE-2021-4062", "CVE-2021-4063", "CVE-2021-4064", "CVE-2021-4065", "CVE-2021-4066", "CVE-2021-4067", "CVE-2021-4068", "CVE-2021-4078", "CVE-2021-4079", "CVE-2021-4098", "CVE-2021-4099", "CVE-2021-4100", "CVE-2021-4101", "CVE-2021-4102", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0289", "CVE-2022-0290", "CVE-2022-0291", "CVE-2022-0292", "CVE-2022-0293", "CVE-2022-0294", "CVE-2022-0295", "CVE-2022-0296", "CVE-2022-0297", "CVE-2022-0298", "CVE-2022-0300", "CVE-2022-0301", "CVE-2022-0302", "CVE-2022-0304", "CVE-2022-0305", "CVE-2022-0306", "CVE-2022-0307", "CVE-2022-0308", "CVE-2022-0309", "CVE-2022-0310", "CVE-2022-0311", "CVE-2022-0452", "CVE-2022-0453", "CVE-2022-0454", "CVE-2022-0455", "CVE-2022-0456", 
"CVE-2022-0457", "CVE-2022-0458", "CVE-2022-0459", "CVE-2022-0460", "CVE-2022-0461", "CVE-2022-0462", "CVE-2022-0463", "CVE-2022-0464", "CVE-2022-0465", "CVE-2022-0466", "CVE-2022-0467", "CVE-2022-0468", "CVE-2022-0469", "CVE-2022-0470", "CVE-2022-0603", "CVE-2022-0604", "CVE-2022-0605", "CVE-2022-0606", "CVE-2022-0607", "CVE-2022-0608", "CVE-2022-0609", "CVE-2022-0610", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809", "CVE-2022-1096"], "modified": "2022-04-08T00:00:00", "id": "OPENSUSE-SU-2022:0110-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZOJPFVCOKYO6YUMKBJPTCF74IGAYK5K4/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-04-11T11:01:05", "description": "\n\nChrome Releases reports:\n\nThis release contains 28 security fixes, including:\n\n[1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE.\n\t Reported by SeongHwan Park (SeHwa) on 2022-01-21\n[1274077] High CVE-2022-0790: Use after free in Cast UI.\n\t Reported by Anonymous on 2021-11-26\n[1278322] High CVE-2022-0791: Use after free in Omnibox.\n\t Reported by Zhihua Yao of KunLun Lab on 2021-12-09\n[1285885] High CVE-2022-0792: Out of bounds read in ANGLE.\n\t Reported by Jaehun Jeong (@n3sk) of Theori on 2022-01-11\n[1291728] High CVE-2022-0793: Use after free in Views. Reported\n\t by Thomas Orlita on 2022-01-28\n[1294097] High CVE-2022-0794: Use after free in WebShare.\n\t Reported by Khalil Zhani on 2022-02-04\n[1282782] High CVE-2022-0795: Type Confusion in Blink Layout.\n\t Reported by 0x74960 on 2021-12-27\n[1295786] High CVE-2022-0796: Use after free in Media. 
Reported\n\t by Cassidy Kim of Amber Security Lab, OPPO Mobile\n\t Telecommunications Corp. Ltd. on 2022-02-10\n[1281908] High CVE-2022-0797: Out of bounds memory access in\n\t Mojo. Reported by Sergei Glazunov of Google Project Zero on\n\t 2021-12-21\n[1283402] Medium CVE-2022-0798: Use after free in MediaStream.\n\t Reported by Samet Bekmezci @sametbekmezci on 2021-12-30\n[1279188] Medium CVE-2022-0799: Insufficient policy enforcement\n\t in Installer. Reported by Abdelhamid Naceri (halov) on\n\t 2021-12-12\n[1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI.\n\t Reported by Khalil Zhani on 2021-08-24\n[1231037] Medium CVE-2022-0801: Inappropriate implementation in\n\t HTML parser. Reported by Michal Bentkowski of Securitum on\n\t 2021-07-20\n[1270052] Medium CVE-2022-0802: Inappropriate implementation in\n\t Full screen mode. Reported by Irvan Kurniawan (sourc7) on\n\t 2021-11-14\n[1280233] Medium CVE-2022-0803: Inappropriate implementation in\n\t Permissions. Reported by Abdulla Aldoseri on 2021-12-15\n[1264561] Medium CVE-2022-0804: Inappropriate implementation in\n\t Full screen mode. Reported by Irvan Kurniawan (sourc7) on\n\t 2021-10-29\n[1290700] Medium CVE-2022-0805: Use after free in Browser\n\t Switcher. Reported by raven at KunLun Lab on 2022-01-25\n[1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by\n\t Paril on 2021-12-31\n[1287364] Medium CVE-2022-0807: Inappropriate implementation in\n\t Autofill. Reported by Alesandro Ortiz on 2022-01-14\n[1292271] Medium CVE-2022-0808: Use after free in Chrome OS\n\t Shell. Reported by @ginggilBesel on 2022-01-29\n[1293428] Medium CVE-2022-0809: Out of bounds memory access in\n\t WebXR. 
Reported by @uwu7586 on 2022-02-03\n\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-01T00:00:00", "type": "freebsd", "title": "chromium -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-01T00:00:00", "id": "E0914087-9A09-11EC-9E61-3065EC8FD3EC", "href": "https://vuxml.freebsd.org/freebsd/e0914087-9a09-11ec-9e61-3065ec8fd3ec.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2022-03-12T03:40:18", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). 
", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-11T14:48:13", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: chromium-99.0.4844.51-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22570", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-11T14:48:13", "id": "FEDORA:7AA7C307F074", "href": 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-15T01:00:04", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-14T22:27:09", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: chromium-99.0.4844.51-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22570", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", "CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", 
"CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-14T22:27:09", "id": "FEDORA:BD29330987FD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T02:19:21", "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-03-26T15:43:20", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: chromium-99.0.4844.51-1.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22570", "CVE-2022-0096", "CVE-2022-0097", "CVE-2022-0098", "CVE-2022-0099", "CVE-2022-0100", "CVE-2022-0101", "CVE-2022-0102", "CVE-2022-0103", "CVE-2022-0104", "CVE-2022-0105", "CVE-2022-0106", "CVE-2022-0107", "CVE-2022-0108", "CVE-2022-0109", "CVE-2022-0110", "CVE-2022-0111", "CVE-2022-0112", 
"CVE-2022-0113", "CVE-2022-0114", "CVE-2022-0115", "CVE-2022-0116", "CVE-2022-0117", "CVE-2022-0118", "CVE-2022-0120", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809"], "modified": "2022-03-26T15:43:20", "id": "FEDORA:9952031143B1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "rapid7blog": [{"lastseen": "2022-03-14T19:28:34", "description": "\n\nMicrosoft's [March 2022 updates](<https://msrc.microsoft.com/update-guide/releaseNote/2022-Mar>) include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. [CVE-2022-24512](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24512>), affecting .NET and Visual Studio, and [CVE-2022-21990](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21990>), affecting Remote Desktop Client, both allow RCE (Remote Code Execution). [CVE-2022-24459](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24459>) is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important \u2013 organizations should remediate at their regular patch cadence.\n\nThree CVEs this month are rated Critical. 
[CVE-2022-22006](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-22006>) and [CVE-2022-24501](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24501>) both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is [CVE-2022-23277](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-23277>), a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn\u2019t be as rampantly exploited as the [deluge](<https://www.rapid7.com/blog/post/2021/03/03/mass-exploitation-of-exchange-server-zero-day-cves-what-you-need-to-know/>) of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.\n\nSharePoint administrators get a break this month, though on the client side, a handful of Office vulnerabilities were fixed. 
[Three](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24509>) [separate](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24461>) [RCEs](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24510>) in Visio, [Tampering](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24511>) and [Security Feature Bypass](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24462>) vulnerabilities in Word, and [Information Disclosure](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522>) in the Skype Extension for Chrome all got patched.\n\n[CVE-2022-24508](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24508>) is an RCE affecting Windows SMBv3, which has potential for widespread exploitation, assuming an attacker can put together a suitable exploit. Luckily, like this month's Exchange vulnerabilities, this too requires authentication.\n\nOrganizations using Microsoft\u2019s Azure Site Recovery service should be aware that 11 CVEs were fixed with today\u2019s updates, split between RCEs and LPEs. They are all specific to the scenario where an on-premise VMware deployment is set up to use Azure for disaster recovery.\n\n## Summary charts\n\n\n\n## Summary tables\n\n### Apps vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-23282](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23282>) | Paint 3D Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24465](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24465>) | Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability | No | No | 3.3 | Yes \n \n### Azure vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? 
\n---|---|---|---|---|--- \n[CVE-2022-24467](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24467>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24468](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24468>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24517](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24517>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24470](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24470>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24471](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24471>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24520](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24520>) | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-24469](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24469>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 8.1 | Yes \n[CVE-2022-24506](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24506>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-24515](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24515>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-24518](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24518>) | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-24519](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24519>) | Azure Site Recovery 
Elevation of Privilege Vulnerability | No | No | 6.5 | Yes \n \n### Browser vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-0809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0809>) | Chromium: CVE-2022-0809 Out of bounds memory access in WebXR | No | No | N/A | Yes \n[CVE-2022-0808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0808>) | Chromium: CVE-2022-0808 Use after free in Chrome OS Shell | No | No | N/A | Yes \n[CVE-2022-0807](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0807>) | Chromium: CVE-2022-0807 Inappropriate implementation in Autofill | No | No | N/A | Yes \n[CVE-2022-0806](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0806>) | Chromium: CVE-2022-0806 Data leak in Canvas | No | No | N/A | Yes \n[CVE-2022-0805](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0805>) | Chromium: CVE-2022-0805 Use after free in Browser Switcher | No | No | N/A | Yes \n[CVE-2022-0804](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0804>) | Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode | No | No | N/A | Yes \n[CVE-2022-0803](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0803>) | Chromium: CVE-2022-0803 Inappropriate implementation in Permissions | No | No | N/A | Yes \n[CVE-2022-0802](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0802>) | Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode | No | No | N/A | Yes \n[CVE-2022-0801](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0801>) | Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser | No | No | N/A | Yes 
\n[CVE-2022-0800](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0800>) | Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI | No | No | N/A | Yes \n[CVE-2022-0799](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0799>) | Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer | No | No | N/A | Yes \n[CVE-2022-0798](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0798>) | Chromium: CVE-2022-0798 Use after free in MediaStream | No | No | N/A | Yes \n[CVE-2022-0797](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0797>) | Chromium: CVE-2022-0797 Out of bounds memory access in Mojo | No | No | N/A | Yes \n[CVE-2022-0796](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0796>) | Chromium: CVE-2022-0796 Use after free in Media | No | No | N/A | Yes \n[CVE-2022-0795](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0795>) | Chromium: CVE-2022-0795 Type Confusion in Blink Layout | No | No | N/A | Yes \n[CVE-2022-0794](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0794>) | Chromium: CVE-2022-0794 Use after free in WebShare | No | No | N/A | Yes \n[CVE-2022-0793](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0793>) | Chromium: CVE-2022-0793 Use after free in Views | No | No | N/A | Yes \n[CVE-2022-0792](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0792>) | Chromium: CVE-2022-0792 Out of bounds read in ANGLE | No | No | N/A | Yes \n[CVE-2022-0791](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0791>) | Chromium: CVE-2022-0791 Use after free in Omnibox | No | No | N/A | Yes \n[CVE-2022-0790](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0790>) | Chromium: CVE-2022-0790 Use after free in Cast UI | No | No | N/A | Yes 
\n[CVE-2022-0789](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-0789>) | Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE | No | No | N/A | Yes \n \n### Developer Tools vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-24526](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24526>) | Visual Studio Code Spoofing Vulnerability | No | No | 6.1 | Yes \n[CVE-2020-8927](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-8927>) | Brotli Library Buffer Overflow Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-24512](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24512>) | .NET and Visual Studio Remote Code Execution Vulnerability | No | Yes | 6.3 | Yes \n[CVE-2022-24464](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24464>) | .NET and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No \n \n### Exchange Server vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-24463](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24463>) | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | Yes \n[CVE-2022-23277](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23277>) | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n \n### Microsoft Office vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? 
\n---|---|---|---|---|--- \n[CVE-2022-24522](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24522>) | Skype Extension for Chrome Information Disclosure Vulnerability | No | No | 7.5 | Yes \n[CVE-2022-24462](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24462>) | Microsoft Word Security Feature Bypass Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-24511](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24511>) | Microsoft Office Word Tampering Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-24509](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24509>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24461](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24461>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24510](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24510>) | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n### System Center vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? \n---|---|---|---|---|--- \n[CVE-2022-23265](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23265>) | Microsoft Defender for IoT Remote Code Execution Vulnerability | No | No | 7.2 | Yes \n[CVE-2022-23266](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23266>) | Microsoft Defender for IoT Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-23278](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23278>) | Microsoft Defender for Endpoint Spoofing Vulnerability | No | No | 5.9 | Yes \n \n### Windows vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? 
\n---|---|---|---|---|--- \n[CVE-2022-21967](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21967>) | Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24525](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24525>) | Windows Update Stack Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24508](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24508>) | Windows SMBv3 Client/Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-23284](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23284>) | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.2 | No \n[CVE-2022-21975](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21975>) | Windows Hyper-V Denial of Service Vulnerability | No | No | 4.7 | Yes \n[CVE-2022-23294](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23294>) | Windows Event Tracing Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-23291](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23291>) | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2022-23288](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23288>) | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-23286](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23286>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24455](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24455>) | Windows CD-ROM Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No 
\n[CVE-2022-24507](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24507>) | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2022-23287](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23287>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24505](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24505>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24501](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24501>) | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24451](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24451>) | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24460](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24460>) | Tablet Windows User Interface Application Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-23295](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23295>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-23300](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23300>) | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-22010](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22010>) | Media Foundation Information Disclosure Vulnerability | No | No | 4.4 | Yes \n[CVE-2022-21977](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21977>) | Media Foundation Information Disclosure Vulnerability | No | No | 3.3 | Yes \n[CVE-2022-22006](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22006>) | HEVC Video Extensions 
Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-23301](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23301>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-22007](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22007>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24452](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24452>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24453](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24453>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24456](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24456>) | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-24457](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24457>) | HEIF Image Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes \n \n### Windows ESU vulnerabilities\n\nCVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? 
\n---|---|---|---|---|--- \n[CVE-2022-24454](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24454>) | Windows Security Support Provider Interface Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2022-23299](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23299>) | Windows PDEV Elevation of Privilege Vulnerability | No | No | 7.8 | Yes \n[CVE-2022-23298](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23298>) | Windows NT OS Kernel Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-23297](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23297>) | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-21973](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21973>) | Windows Media Center Update Denial of Service Vulnerability | No | No | 5.5 | No \n[CVE-2022-23296](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23296>) | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2022-23290](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23290>) | Windows Inking COM Elevation of Privilege Vulnerability | No | No | 7.8 | No \n[CVE-2022-24502](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24502>) | Windows HTML Platforms Security Feature Bypass Vulnerability | No | No | 4.3 | Yes \n[CVE-2022-24459](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24459>) | Windows Fax and Scan Service Elevation of Privilege Vulnerability | No | Yes | 7.8 | No \n[CVE-2022-23293](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23293>) | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No 
\n[CVE-2022-23281](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23281>) | Windows Common Log File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes \n[CVE-2022-23283](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23283>) | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes \n[CVE-2022-24503](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24503>) | Remote Desktop Protocol Client Information Disclosure Vulnerability | No | No | 5.4 | Yes \n[CVE-2022-21990](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21990>) | Remote Desktop Client Remote Code Execution Vulnerability | No | Yes | 8.8 | Yes \n[CVE-2022-23285](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23285>) | Remote Desktop Client Remote Code Execution Vulnerability | No | No | 8.8 | Yes \n[CVE-2022-23253](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23253>) | Point-to-Point Tunneling Protocol Denial of Service Vulnerability | No | No | 6.5 | No", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-08T21:08:35", "type": "rapid7blog", "title": "Patch Tuesday - March 2022", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", 
"confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8927", "CVE-2022-0789", "CVE-2022-0790", "CVE-2022-0791", "CVE-2022-0792", "CVE-2022-0793", "CVE-2022-0794", "CVE-2022-0795", "CVE-2022-0796", "CVE-2022-0797", "CVE-2022-0798", "CVE-2022-0799", "CVE-2022-0800", "CVE-2022-0801", "CVE-2022-0802", "CVE-2022-0803", "CVE-2022-0804", "CVE-2022-0805", "CVE-2022-0806", "CVE-2022-0807", "CVE-2022-0808", "CVE-2022-0809", "CVE-2022-21967", "CVE-2022-21973", "CVE-2022-21975", "CVE-2022-21977", "CVE-2022-21990", "CVE-2022-22006", "CVE-2022-22007", "CVE-2022-22010", "CVE-2022-23253", "CVE-2022-23265", "CVE-2022-23266", "CVE-2022-23277", "CVE-2022-23278", "CVE-2022-23281", "CVE-2022-23282", "CVE-2022-23283", "CVE-2022-23284", "CVE-2022-23285", "CVE-2022-23286", "CVE-2022-23287", "CVE-2022-23288", "CVE-2022-23290", "CVE-2022-23291", "CVE-2022-23293", "CVE-2022-23294", "CVE-2022-23295", "CVE-2022-23296", "CVE-2022-23297", "CVE-2022-23298", "CVE-2022-23299", "CVE-2022-23300", "CVE-2022-23301", "CVE-2022-24451", "CVE-2022-24452", "CVE-2022-24453", "CVE-2022-24454", "CVE-2022-24455", "CVE-2022-24456", "CVE-2022-24457", "CVE-2022-24459", "CVE-2022-24460", "CVE-2022-24461", "CVE-2022-24462", "CVE-2022-24463", "CVE-2022-24464", "CVE-2022-24465", "CVE-2022-24467", "CVE-2022-24468", "CVE-2022-24469", "CVE-2022-24470", "CVE-2022-24471", "CVE-2022-24501", "CVE-2022-24502", "CVE-2022-24503", "CVE-2022-24505", "CVE-2022-24506", "CVE-2022-24507", "CVE-2022-24508", "CVE-2022-24509", "CVE-2022-24510", "CVE-2022-24511", "CVE-2022-24512", "CVE-2022-24515", "CVE-2022-24517", "CVE-2022-24518", "CVE-2022-24519", "CVE-2022-24520", "CVE-2022-24522", "CVE-2022-24525", "CVE-2022-24526"], "modified": "2022-03-08T21:08:35", 
"id": "RAPID7BLOG:C62665D003B287EB5E4FC604B7578606", "href": "https://blog.rapid7.com/2022/03/08/patch-tuesday-march-2022/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}]}