CVE-2022-0101 An attacker who convinced a user to perform a specific user gesture could exploit a heap buffer overflow.
This issue was addressed by disabling the feature that let user select bookmarks via mouse gesture. We confirmed that this issue affected version before version
CVE-2022-0098 An attacker who convinced a user to perform specific user gestures can exploit heap corruption after an AF in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71.
This issue was fixed by restricting user gestures to trusted sites. After the initial release of Google Chrome, it was discovered that a race condition
CVE-2022-0097 Inappropriate implementation of DevTools in Chrome prior to 97.0.4692.71 allowed an attacker to escape the sandbox.
On systems with the devtools package installed and enabled, an unprivileged user could gain access to information from other sources in the browser via the
CVE-2022-0096 An attacker in Google Chrome before 97.0.4692.71 could exploit heap corruption after an AOF.
CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.
CVE-2022-0557 OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
It has been fixed in version 1.2.12. In older versions, attackers could inject an arbitrary command as GET or POST request parameter by
Episode
00:00:00
00:00:00