CVE-2022-2861 The Extensions API in Google Chrome prior to 104.0.5112.101 allowed attackers to inject scripts into WebUI.
An attacker could use this to inject content into WebUI, such as a phishing form, or execute arbitrary code. Google Chrome prior to 105.0.
CVE-2022-3050 Heap buffer overflow in WebUI in Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to exploit heap corruption.
CVE-2018-5602 has been assigned to this issue. Google confirmed this vulnerability was limited to privileged users who had full control of the browser,
CVE-2022-3045 V8's validation of untrusted input was insufficient in Google Chrome prior to 105.0.5195.52. This could lead to heap corruption.
CVE-2018-6063: A remote code execution vulnerability in Blink/Webkit components was fixed in V8 in Google Chrome OS prior to 69.0.3497.
CVE-2022-3043 Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to exploit heap corruption if they convinced a user to engage in specific UI interactions.
It was reported that this issue did not occur in the staging environment due to changes implemented since the last release. A user had to
CVE-2022-3041 An attacker can exploit heap corruption in WebSQL in Google Chrome 105.0.5195.52 to gain remote access.
This issue has been fixed. The CVSS score is 7.4. Details For reference, these are the criteria that a vulnerability must meet to be
Episode
00:00:00
00:00:00