CVE-2022-1861 - Understanding the Use-After-Free Vulnerability in Google Chrome OS Sharing (With Example Exploit)
In mid-2022, a significant security flaw (CVE-2022-1861) was discovered and disclosed in Google Chrome running on Chrome OS systems, up to version
CVE-2022-1876 Heap buffer overflow in DevTools could be exploited via a malicious extension.
Chrome DevTools was updated to version 6.0.600.0 and now includes a new feature called Chrome Debugger that enables debugging of extension code.
CVE-2022-1868 An attacker could bypass navigation restrictions in Google Chrome if they convinced a user to install a malicious extension.
If you have installed a malicious extension or have a compromised device, an attacker could potentially trick you into visiting a specifically crafted website, causing
CVE-2022-1854 An attacker can exploit heap corruption in Google Chrome to hijack browser sessions.
CVE-2015-1240 was discovered in Google V8, a highly-optimized JavaScript engine. By crafting synthetic input and injecting code into the memory, an attacker
CVE-2022-1869 Confusion in V8 allowed a remote attacker to exploit heap corruption.
This issue did not affect most users, as the browser tried to prevent this by performing strict type enforcement. However, since the type system was
Episode
00:00:00
00:00:00