CVE-2022-0098 An attacker who convinced a user to perform specific user gestures can exploit heap corruption after an AF in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71.
This issue was fixed by restricting user gestures to trusted sites. After the initial release of Google Chrome, it was discovered that a race condition
CVE-2022-0097 Inappropriate implementation of DevTools in Chrome prior to 97.0.4692.71 allowed an attacker to escape the sandbox.
On systems with the devtools package installed and enabled, an unprivileged user could gain access to information from other sources in the browser via the
CVE-2022-0096 An attacker in Google Chrome before 97.0.4692.71 could exploit heap corruption after an AOF.
CVE Solution: Update to version 97.0.4689 or newer. An issue was discovered in certain configurations of Google Chrome prior to version 97.0.
CVE-2022-0557 OS Command Injection in Packagist microweber/microweber prior to 1.2.11.
It has been fixed in version 1.2.12. In older versions, attackers could inject an arbitrary command as GET or POST request parameter by
CVE-2022-23773 Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags as tags.
An example of this happening is if there is a feature called “vX.Y.Z” and there was a branch called “vX.Y”. An actor
Episode
00:00:00
00:00:00