CVE-2022-1138 Inappropriate implementation of Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to obscure the contents of the Omnibox by compromising the renderer process.
Google has assigned the highest priority to fixing this issue, and released a beta version of Chrome 70, which protects against this attack by default.
CVE-2022-1145 An attacker who convinced a user to install a malicious extension could exploit heap corruption after specific user interaction.
Google upgraded the extension registration flow in this version to mitigate this issue by requiring extensions to be signed with a known certificate. Google recommend
CVE-2022-1096 An attacker could exploit heap corruption in V8 on Google Chrome before 99.0.4844.84 to conduct a remote attack.
This issue was addressed by improved validation. A remote attacker could host a malicious website that could exploit this issue via a crafted HTML page.
CVE-2022-0980 An attacker who convinced a user to install a malicious extension could exploit heap corruption on the New Tab Page.
This issue has been fixed. After upgrading to Google Chrome 80, users must update all extensions to ensure they receive patch updates.
CVE-2018-6148
CVE-2022-0979 An attacker who convinced a user to do a specific action could exploit heap corruption in Google Chrome on Android prior to version 99.0.4844.74.
Google announced the launch of the April 2018 update for Chrome on Android. It is recommended to update to the latest version. Google announced the
Episode
00:00:00
00:00:00