7 matches found
CVE-2026-14014
CVE-2026-14014 corresponds to an insufficiently robust Paint implementation in Google Chrome that allows UI spoofing via a crafted HTML page. Affected product: Google Chrome (Paint component); root cause: inappropriate implementation in Paint prior to version 150.0.7871.47. Impact is UI spoofing ...
CVE-2026-13988
Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-11142
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11142
CVE-2026-11142 affects Google Chrome (Chromium-based) via insufficient policy enforcement in Paint, allowing a remote attacker to bypass the same-origin policy through a crafted HTML page. The issue originates in Chromium/Paint handling and is associated with a fix in Chrome’s 149.0.7827.53 timef...
CVE-2026-11139
Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4025
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. Chrome security severity: Low...
UBUNTU-CVE-2022-4025
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. Chrome security severity: Low...