CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0098
https://notcve.org/view.php?id=CVE-2022-0098
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. Un uso de memoria previamente liberada en Screen Capture en Google Chrome en Chrome OS versiones anteriores a 97.0.4692.71, permitía a un atacante que convencía a un usuario de llevar a cabo gestos de usuario específicos explotar potencialmente una corrupción de pila por medio de gestos de usuario específicos • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1273609 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0097
https://notcve.org/view.php?id=CVE-2022-0097
Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. Una implementación inapropiada en DevTools en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante que convencía a un usuario de instalar una extensión maliciosa permitir potencialmente que la extensión escapara del sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1117173 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0096
https://notcve.org/view.php?id=CVE-2022-0096
Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Storage en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1275020 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2021-4102 – Google Chromium V8 Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-4102
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en V8 en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera. • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html https://crbug.com/1278387 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4101
https://notcve.org/view.php?id=CVE-2021-4101
Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Swiftshader en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html https://crbug.com/1262080 • CWE-787: Out-of-bounds Write •