CVE-2022-3050 Heap buffer overflow in WebUI in Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to exploit heap corruption.
CVE-2018-5602 has been assigned to this issue. Google confirmed this vulnerability was limited to privileged users who had full control of the browser, rather than
CVE-2022-3045 V8's validation of untrusted input was insufficient in Google Chrome prior to 105.0.5195.52. This could lead to heap corruption.
CVE-2018-6063: A remote code execution vulnerability in Blink/Webkit components was fixed in V8 in Google Chrome OS prior to 69.0.3497.81. The
CVE-2022-3043 Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to exploit heap corruption if they convinced a user to engage in specific UI interactions.
It was reported that this issue did not occur in the staging environment due to changes implemented since the last release. A user had to
CVE-2022-3041 An attacker can exploit heap corruption in WebSQL in Google Chrome 105.0.5195.52 to gain remote access.
This issue has been fixed. The CVSS score is 7.4. Details For reference, these are the criteria that a vulnerability must meet to be
CVE-2022-2860 In Chrome prior to 104.0.5112.101, insufficient policy enforcement allowed a remote attacker to bypass cookie prefix restrictions.
This issue was fixed by updating Google Chrome to version 104.0.2.
Redirect injection via extensions in Google Chrome prior to version 104.0.
Episode
00:00:00
00:00:00