CVE-2022-2860 In Chrome prior to 104.0.5112.101, insufficient policy enforcement allowed a remote attacker to bypass cookie prefix restrictions.
This issue was fixed by updating Google Chrome to version 104.0.2.
Redirect injection via extensions in Google Chrome prior to version 104.0.
CVE-2022-3200 Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to exploit heap corruption.
This issue was addressed by ensuring that the Heap::unmap() function calls abort() on all allocated memory. Firefox was not affected because it does not
CVE-2022-3049 An malicious website can cause heap corruption on Chrome OS after after-free in Split-Screen.
This issue was addressed by disabling the rendering feature of HTML in the web view. For more information, see this Chromium issue. Lacros prior to
CVE-2022-3051 Heap buffer overflow in Exosphere in Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to perform specific UI interactions to potentially exploit heap corruption.
This issue has been fixed in current Google Chrome OS versions. Google Bug: CVE-2018-5123. Google has also confirmed that this issue is not
CVE-2022-3038 An attacker can exploit heap corruption in Google Chrome before 105.0.5195.52 to gain remote access.
Note: this issue was fixed in Google Chrome 105.0.5195.62. Users can upgrade to the latest version which fixes this issue. WebExtension users
Episode
00:00:00
00:00:00