admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-11-10 00:00:48 +00:00
parent ef658ef484
commit ca7e11bbc8
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
23 changed files with 80 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2022/39xxx/CVE-2022-39368.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached without being released again. This results in permanently dropping records. The issue was reported for certificate based handshakes, but may also affect PSK based handshakes. It generally affects client and server as well. This issue is patched in version 3.7.0 and 2.7.4. There are no known workarounds.\n\nmain: commit 726bac57659410da463dcf404b3e79a7312ac0b9 \n2.7.x: commit 5648a0c27c2c2667c98419254557a14bac2b1f3f\n"
"value": "Eclipse Californium is a Java implementation of RFC7252 - Constrained Application Protocol for IoT Cloud services. In versions prior to 3.7.0, and 2.7.4, Californium is vulnerable to a Denial of Service. Failing handshakes don't cleanup counters for throttling, causing the threshold to be reached without being released again. This results in permanently dropping records. The issue was reported for certificate based handshakes, but may also affect PSK based handshakes. It generally affects client and server as well. This issue is patched in version 3.7.0 and 2.7.4. There are no known workarounds. main: commit 726bac57659410da463dcf404b3e79a7312ac0b9 2.7.x: commit 5648a0c27c2c2667c98419254557a14bac2b1f3f"
}
]
},

14
2022/3xxx/CVE-2022-3195.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."
"value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3196.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://crbug.com/1358090"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3197.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://crbug.com/1358075"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3198.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
"value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://crbug.com/1355682"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3199.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
"value": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://crbug.com/1355237"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3200.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
"value": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,15 +63,15 @@
"refsource": "MISC",
"name": "https://crbug.com/1355103"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202209-23"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

14
2022/3xxx/CVE-2022-3201.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page."
"value": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
"version_affected": "="
}
]
}
@ -63,11 +63,6 @@
"refsource": "MISC",
"name": "https://crbug.com/1343104"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
},
{
"url": "https://security.gentoo.org/glsa/202209-23",
"refsource": "MISC",
@ -82,6 +77,11 @@
"url": "https://security.gentoo.org/glsa/202210-16",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202210-16"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
}
]
}

4
2022/3xxx/CVE-2022-3305.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"
"value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3306.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"
"value": "Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3307.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"
"value": "Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3308.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"
"value": "Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3309.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chrome security severity: Medium)"
"value": "Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3310.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chrome security severity: Medium)"
"value": "Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3311.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"
"value": "Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3312.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chrome security severity: Medium)"
"value": "Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3313.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chrome security severity: Medium)"
"value": "Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3314.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chrome security severity: Medium)"
"value": "Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3315.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: Low)"
"value": "Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3316.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chrome security severity: Low)"
"value": "Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chromium security severity: Low)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3317.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chrome security severity: Low)"
"value": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3318.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chrome security severity: Low)"
"value": "Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "106.0.5249.62",
"version_affected": "<"
"version_affected": "="
}
]
}

4
2022/3xxx/CVE-2022-3888.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)"
"value": "Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
@ -40,7 +40,7 @@
"version_data": [
{
"version_value": "107.0.5304.106",
"version_affected": "<"
"version_affected": "="
}
]
}