Chromium: CVE-2022-1497 Inappropriate implementation in Input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Debian DSA-5120-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5120 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...

Updated chromium-browser-stable packages fix security vulnerability

The chromium-browser-stable package has been updated to the 100.0.4896.127 version, fixing many CVE, along with fixes from the 100.0.4896.75 and 100.0.4896.88 versions. Google is aware that an exploit for CVE-2022-1364 exists in the wild. 1315901 High CVE-2022-1364: Type Confusion in V8. Reported...

Microsoft Edge (Chromium) < 100.0.1185.44 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 100.0.1185.44. It is, therefore, affected by multiple vulnerabilities as referenced in the April 15, 2022 advisory. - Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to...

FreeBSD : Chromium -- mulitple vulnerabilities (b582a85a-ba4a-11ec-8d1e-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b582a85a-ba4a-11ec-8d1e-3065ec8fd3ec advisory. - Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attack...

MGASA-2022-0130 Updated chromium-browser-stable packages fix security vulnerability

Use after free in Portals. CVE-2022-1125 Use after free in QR Code Generator. CVE-2022-1127 Inappropriate implementation in Web Share API. CVE-2022-1128 Inappropriate implementation in Full Screen Mode. CVE-2022-1129 Insufficient validation of untrusted input in WebOTP. CVE-2022-1130 Use after fr...

CVE-2022-0803

Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox URL bar via a crafted HTML page...

Hardcoded credentials

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-0807

Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2022-0466

Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page...

CVE-2022-0466

Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page...

CVE-2022-0462

CVE-2022-0462 involves Google Chrome (Chromium-based) where an inappropriate implementation in Scroll could allow a remote attacker to leak cross-origin data via a crafted HTML page, affecting versions prior to 98.0.4758.80. The issue was addressed in Chrome 98.0.4758.80/98.0.4758.81/98.0.4758.82...

CVE-2022-0462

Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-0455

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-0804

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-0802

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-0610

Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Inappropriate Implementation

chromium is vulnerable to Inappropriate implementation.The vulnerability exist in Extensions in the library, which allows an attacker to convince user to install a malicious extension to leak potentially sensitive information via a crafted HTML page...

Business Logic Flaws

chromium is vulnerable to business logic flaws. The vulnerability exists due to inappropriate implementation in Virtual Keyboard which allows an attacker to perform unwanted actions...

Chromium: CVE-2022-1137 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...