CVE-2022-1135 An after free bug in Shopping Cart in Google Chrome before version 100.0.4896.60 could be abused to exploit heap corruption.
CVE-2018-6041 has been assigned to this issue. A Common Vulnerability Scoring System (CVSS) rating of 8.8 has been assigned to this vulnerability.
On October
CVE-2022-1132 Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions.
In all Google Chrome releases prior to version 69, this issue was addressed by checking the device's physical location using the new Physical
CVE-2022-1146 Inappropriate resource timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data.
CVE-2018-6051 The Resource Timing API had an insufficiently restrictive accessible document limit. This API may be used by web sites to determine how much time
CVE-2022-1139 An attacker in earlier Chrome versions could leak cross-origin data by using the Background Fetch API.
Cross-origin data leakage is a common issue in web applications where data from one origin is exposed to a script on another origin. Such data
CVE-2022-1138 Inappropriate implementation of Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to obscure the contents of the Omnibox by compromising the renderer process.
Google has assigned the highest priority to fixing this issue, and released a beta version of Chrome 70, which protects against this attack by default.
Episode
00:00:00
00:00:00