8 matches found
Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-2617
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions...
CVE-2022-2617
CVE-2022-2617 affects Google Chrome/Chromium via a Use-after-Free in the Extensions API prior to 104.0.5112.79, enabling a user-assisted heap corruption path when a malicious extension is installed. Public updates exist: Debian fixes Chromium to 104.0.5112.79-1~deb11u1; Fedora/GLSA advisories sho...
CVE-2022-2617
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions...
Updated chromium-browser-stable packages fix security vulnerability
1325699 High CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous on 2022-05-16 1335316 High CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang@eternalsakura13 and Guang Gong of 360 Alpha Lab on 2022-06-10 1338470 High CVE-2022-2605: Out of bounds read in Dawn. Report...
MGASA-2022-0277 Updated chromium-browser-stable packages fix security vulnerability
1325699 High CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous on 2022-05-16 1335316 High CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang@eternalsakura13 and Guang Gong of 360 Alpha Lab on 2022-06-10 1338470 High CVE-2022-2605: Out of bounds read in Dawn. Report...
Chromium: CVE-2022-2617 Use after free in Extensions API
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
Jenkins CRX Content Package Deployer Plugin 1.9 and earlier does not escape the name and description of CRX Content Package Choice parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...