CVE-2022-1129 Inappropriate implementation in Google Chrome on Android before 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox.
This issue was addressed by disabling Full Screen in Google Chrome on Android prior to version 100.0.4896.60. Google Chrome prior to version
CVE-2022-1137 Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker to leak sensitive information if they convinced a user to install a malicious extension.
An attacker could use extensions to send data to a remote server or to execute arbitrary code with the privileges of the user running the
CVE-2022-1136 In Google Chrome before version 100, an attacker could exploit after free heap corruption by convincing a user to install a malicious extension.
Google received a small number of reports confirmed that these issues are resolved in this release. In the future, we will release browser updates via
CVE-2022-1135 An after free bug in Shopping Cart in Google Chrome before version 100.0.4896.60 could be abused to exploit heap corruption.
CVE-2018-6041 has been assigned to this issue. A Common Vulnerability Scoring System (CVSS) rating of 8.8 has been assigned to this vulnerability.
On October
CVE-2022-1132 Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions.
In all Google Chrome releases prior to version 69, this issue was addressed by checking the device's physical location using the new Physical
Episode
00:00:00
00:00:00