CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0102
https://notcve.org/view.php?id=CVE-2022-0102
Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1260129 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1CVE-2022-0101
https://notcve.org/view.php?id=CVE-2022-0101
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. Un desbordamiento del búfer de la pila en Bookmarks en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo un gesto específico, explotar la corrupción de la pila por medio de un gesto específico del usuario • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1249426 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0100
https://notcve.org/view.php?id=CVE-2022-0100
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Media streams API de Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1238209 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0099
https://notcve.org/view.php?id=CVE-2022-0099
Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. Un uso de memoria previamente liberada en Sign-in en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo gestos específicos de usuario explotar potencialmente una corrupción de la pila por medio de un gesto específico de usuario • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1245629 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0098
https://notcve.org/view.php?id=CVE-2022-0098
Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. Un uso de memoria previamente liberada en Screen Capture en Google Chrome en Chrome OS versiones anteriores a 97.0.4692.71, permitía a un atacante que convencía a un usuario de llevar a cabo gestos de usuario específicos explotar potencialmente una corrupción de pila por medio de gestos de usuario específicos • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1273609 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE • CWE-416: Use After Free •