CVE-2022-1132 Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions.
In all Google Chrome releases prior to version 69, this issue was addressed by checking the device's physical location using the new Physical
CVE-2022-1139 An attacker in earlier Chrome versions could leak cross-origin data by using the Background Fetch API.
Cross-origin data leakage is a common issue in web applications where data from one origin is exposed to a script on another origin. Such data
CVE-2022-0980 An attacker who convinced a user to install a malicious extension could exploit heap corruption on the New Tab Page.
This issue has been fixed. After upgrading to Google Chrome 80, users must update all extensions to ensure they receive patch updates.
CVE-2018-6148 In Google
CVE-2022-0976 Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to exploit heap corruption.
This issue was addressed by updating to Google Chrome version 99.0.4844.75.
This issue has been fixed in Chromium version v66.0.3359.
CVE-2022-0972 An attacker who convinces a user to install a malicious extension can exploit heap corruption in Chrome.
This issue was addressed by restricting the permissions of extensions installed through the Chrome Web Store. Red Hat Enterprise Linux 7 provides mitigations against a
Episode
00:00:00
00:00:00