CVE-2022-1308 - Understanding the "Use After Free" in Google Chrome’s BFCache (Heap Corruption on Crafted HTML Pages)
CVE-2022-1308 is a serious "use after free" vulnerability found in Google Chrome, specifically within the Back-Forward Cache (BFCache) feature, that existed up to
CVE-2022-1313 An attacker could exploit heap corruption in tab group after free to gain remote privilege.
Google released Chrome version 101, which included a patch for this issue. Web applications that process untrusted content or rely on cross-origin elements to trigger
CVE-2022-1312 An attacker who convinced a user to install a malicious extension could potentially perform a sandbox escape.
An attacker could convince a user to install a malicious extension, for example by convincing the user to visit an extension Webpage or to click
CVE-2022-1310 An after free bug in Google Chrome prior to version 100 allowed a remote attacker to exploit heap corruption.
CVE-2015-5237 was discovered in Google Chrome prior to version 40.0.2214.111. This vulnerability is known as "stale pointer vulnerability" because it
CVE-2022-1309 Malicious code could be run in a sandbox escape in Google Chrome prior to 100.0.4896.88.
This issue was addressed by improved sandboxing of data access in Chrome. In addition, app developers are advised to consider updating their application to one
Episode
00:00:00
00:00:00