CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0103
https://notcve.org/view.php?id=CVE-2022-0103
Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SwiftShader en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1272266 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0102
https://notcve.org/view.php?id=CVE-2022-0102
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1260129 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2022-0101
https://notcve.org/view.php?id=CVE-2022-0101
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. Un desbordamiento del búfer de la pila en Bookmarks en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo un gesto específico, explotar la corrupción de la pila por medio de un gesto específico del usuario • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1249426 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0100
https://notcve.org/view.php?id=CVE-2022-0100
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Media streams API de Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1238209 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0099
https://notcve.org/view.php?id=CVE-2022-0099
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. Un uso de memoria previamente liberada en Sign-in en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo gestos específicos de usuario explotar potencialmente una corrupción de la pila por medio de un gesto específico de usuario • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1245629 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •