Google Chrome < 120.0.6099.199 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 120.0.6099.199. It is, therefore, affected by multiple vulnerabilities as referenced in the 202401stable-channel-update-for-desktop advisory. - Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a...

Rocky Linux 8 : firefox (RLSA-2022:0818)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0818 advisory. - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certa...

Google Chrome 115.0.5790.102 Memory Corruption

/ Google Chrome WebGPU Memory Corruption Author: Jean Pereira Released: 2023/06/25 Vendor: https://www.google.com Software: https://www.google.com/chrome/ Tested with version: 115.0.5790.102 latest version / navigator.gpu.requestAdapter.thena = a.requestDevice.thend = const b = d.createBuffer...

OESA-2023-1310 webkit2gtk3 security update

WebKitGTK is a full-featured port of the WebKit rendering engine,suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. Security Fixes: A use after free vulnerability w...

OESA-2023-1309 webkit2gtk3 security update

WebKitGTK is a full-featured port of the WebKit rendering engine,suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. This package contains WebKit2 based WebKitGTK+ for GTK+ 3. Security Fixes: A use after free vulnerability w...

CVE-2023-32409

A flaw was found in the WebGPU, part of the Webkit project. This flaw allows a remote attacker to break out of the Web Content sandbox...

Google Chrome Security Update (stable-channel-update-for-desktop_21-2021-09) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

SUSE CVE-2021-37957

Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2022-1483

Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2022-2007

Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

DEBIAN-CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

Design/Logic Flaw

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

CVE-2022-26486 describes a use-after-free in the WebGPU IPC framework leading to a sandbox escape. Affected products and versions (per connected docs): Firefox &lt; 97.0.2; Firefox ESR &lt; 91.6.1; Firefox for Android &lt; 97.3.0; Thunderbird &lt; 91.6.2; Focus

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

CVE-2022-26486

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...