openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10120-1)


The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10120-1 advisory. - Use after free in Network Service. (CVE-2022-3038) - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041) - Use after free in Layout. (CVE-2022-3040) - Use after free in PhoneHub. (CVE-2022-3042) - Heap buffer overflow in Screen Capture. (CVE-2022-3043) - Inappropriate implementation in Site Isolation. (CVE-2022-3044) - Insufficient validation of untrusted input in V8. (CVE-2022-3045) - Use after free in Browser Tag. (CVE-2022-3046) - Insufficient policy enforcement in Extensions API. (CVE-2022-3047) - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048) - Use after free in SplitScreen. (CVE-2022-3049) - Heap buffer overflow in WebUI. (CVE-2022-3050) - Heap buffer overflow in Exosphere. (CVE-2022-3051) - Heap buffer overflow in Window Manager. (CVE-2022-3052) - Inappropriate implementation in Pointer Lock. (CVE-2022-3053) - Insufficient policy enforcement in DevTools. (CVE-2022-3054) - Use after free in Passwords. (CVE-2022-3055) - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056) - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057) - Use after free in Sign-In Flow. (CVE-2022-3058) - Use after free in Tab Strip. (CVE-2022-3071) - Insufficient data validation in Mojo. (CVE-2022-3075) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.