Astra Linux - уязвимость в chromium

The use of the after-free operation in the Webstore API in Google Chrome before version 98.0.4758.102 allowed attackers to exploit heap corruption by using a crafted HTML page. This was possible if an attacker convinced a user to install a malicious extension and compelled the user to perform...

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud aka Sha1-Hulud supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. "Our Developer GitHub...

EUVD-2022-15709

Malicious code in bioql PyPI...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0605

CVE-2022-0605 is a Chrome/Chromium vulnerability: a use-after-free in the Webstore API prior to 98.0.4758.102 could allow heap corruption when a user is convinced to install a malicious extension and to engage in specific interactions. The issue was addressed in the Chrome 98.0.4758.102 release. ...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0042-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0042-1 advisory. - Use after free in File Manager. CVE-2022-0603 - Heap buffer overflow in Tab Groups. CVE-2022-0604 - Use after free in Webstore API...

Use After Free

Google Chrome is vulnerable to use after free. The vulnerability exists in Webstore API which allows an attacker to cause a memory corruption...

Chromium: CVE-2022-0605 Use after free in Webstore API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome Webstore API Code Execution Vulnerability

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in the Google Chrome Webstore API, which can be exploited by remote attackers to execute arbitrary code on a system or cause a denial of service condition...

Chrome Zero-Day Under Active Attack: Patch ASAP

Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation...

New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP!

Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked CVE-2022-0609, is...

FreeBSD : chromium -- multiple vulnerabilities (e12432af-8e73-11ec-8bc4-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e12432af-8e73-11ec-8bc4-3065ec8fd3ec advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed ...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 11 security fixes, including: 1290008 High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng @ret2happy on 2022-01-22 1273397 High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24 1286940 High...