openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10229-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10229-1 advisory. - Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a...

Microsoft Edge (Chromium) < 108.0.1462.41 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 108.0.1462.41. It is, therefore, affected by multiple vulnerabilities as referenced in the December 5, 2022 advisory. - Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to...

Debian DSA-5293-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5293 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

Code injection

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

UBUNTU-CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

Google Chrome Security Bypass Vulnerability (CNVD-2023-08260)

Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in Google Chrome, which is caused by insufficient policy enforcement in DevTools. An attacker could exploit this vulnerability to bypass security restrictions...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from insufficient policy enforcement in DevTools. An attacker convinces users to install malicious extensions in order to bypass navigation restrictions via a crafted Chrome extension...

CVE-2022-4187

CVE-2022-4187 affects Google Chrome/DevTools on Windows prior to 108.0.5359.71, where insufficient policy enforcement in DevTools could allow a remote attacker to bypass filesystem restrictions via a crafted HTML page. The vulnerability is listed with a Chromium/Chrome Medium severity and is amon...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

PT-2022-6773 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 108.0.5359.71 Description: The issue is related to an inappropriate implementation in DevTools, which allowed an attacker to bypass file access restrictions. This could be achieved by convincing a user to insta...

CVE-2022-4189

CVE-2022-4189 relates to Google Chrome/Chromium: Insufficient policy enforcement in DevTools that could let a user who installs a malicious extension bypass navigation restrictions via a crafted Chrome Extension. The issue is documented with a Medium severity (CVSS v3.1 base score 4.3) and is add...