CVE-2022-2481 After free attack in Views in 103.0.5060.134 allowed a remote attacker to exploit heap corruption.

CVE-2022-2481 After free attack in Views in 103.0.5060.134 allowed a remote attacker to exploit heap corruption.

CVE-2016-5124 When WebExtensions are installed on Google Chrome prior to 103.0.5060.135, they can overwrite the extension's search path value, allowing attackers to inject malicious extensions into the context via a crafted extension. An attacker who convinced a user to install a malicious extension could leverage this to potentially execute code with the privileges of the extension's process via user interaction.

CVE-2016-5125 When WebExtensions are installed on Google Chrome prior to 103.0.5060.135, they can be installed to a location that can be accessed by the user, which can allow attackers to inject malicious extensions into the context via a crafted extension. An attacker who convinced a user to install a malicious extension could leverage this to potentially execute code with the privileges of the extension's process via user interaction.

CVE-2016-5126 When WebExtensions are installed on Google Chrome prior to 103.0.5060.135, they can be installed to a location that can be accessed by the user, which can allow attackers to inject malicious extensions into the context via a crafted extension. An attacker who convinced a user to install a malicious extension could leverage this to potentially execute code with the privileges of the extension's process via user interaction.

CVE-2016-5127 When WebExtensions are installed on Google Chrome prior to 103.0.5060.135, they can be installed to a location that can be accessed by the user

FAQ

Q: What is WebExtensions?
A: WebExtensions are a set of APIs that allow developers to build browser extensions for the web. They were introduced in Google Chrome version 57 in 2016.

^~\What is the Google Chrome nowiki >


Google Chrome is an open-source web browser developed by Google and deployed worldwide. The browser's user interface is based on the Blink layout engine, a fork of WebKit. Chrome includes an ad-blocker, as of 2017, it had been downloaded more than 650 million times. As of April 2019, Chrome had about 63% market share across platforms.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe