admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Chrome CVEs September 2022.

Browse Source
This commit is contained in:
Adrian Taylor 2022-09-26 07:50:34 -07:00
parent d590bf6b48
commit e4407aa237
No known key found for this signature in database
GPG Key ID: 7C68C8AF6B042644
41 changed files with 1968 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
2022/2xxx/CVE-2022-2852.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2852", "ID": "CVE-2022-2852",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1349322"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2853.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2853", "ID": "CVE-2022-2853",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1350097"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2854.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2854", "ID": "CVE-2022-2854",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1337538"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2855.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2855", "ID": "CVE-2022-2855",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1345042"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2856.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2856", "ID": "CVE-2022-2856",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1345630"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2857.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2857", "ID": "CVE-2022-2857",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1338135"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2858.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2858", "ID": "CVE-2022-2858",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1341918"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2859.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2859", "ID": "CVE-2022-2859",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1338412"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2860.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2860", "ID": "CVE-2022-2860",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1345193"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2861.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2861", "ID": "CVE-2022-2861",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1346236"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page."
} }
] ]
} }

51
2022/2xxx/CVE-2022-2998.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-2998", "ID": "CVE-2022-2998",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "104.0.5112.101",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1329794"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3038.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3038", "ID": "CVE-2022-3038",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1340253"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3039.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3039", "ID": "CVE-2022-3039",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1343348"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3040.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3040", "ID": "CVE-2022-3040",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1341539"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3041.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3041", "ID": "CVE-2022-3041",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1345947"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3042.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3042", "ID": "CVE-2022-3042",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1338553"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3043.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3043", "ID": "CVE-2022-3043",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1336979"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3044.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3044", "ID": "CVE-2022-3044",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1051198"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3045.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3045", "ID": "CVE-2022-3045",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1339648"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3046.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3046", "ID": "CVE-2022-3046",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1346245"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3047.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3047", "ID": "CVE-2022-3047",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1342586"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3048.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3048", "ID": "CVE-2022-3048",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1303308"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3049.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3049", "ID": "CVE-2022-3049",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1316892"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3050.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3050", "ID": "CVE-2022-3050",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1337132"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3051.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3051", "ID": "CVE-2022-3051",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1345245"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3052.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3052", "ID": "CVE-2022-3052",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1346154"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3053.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3053", "ID": "CVE-2022-3053",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1267867"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3054.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3054", "ID": "CVE-2022-3054",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1290236"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3055.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3055", "ID": "CVE-2022-3055",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1351969"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3056.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3056", "ID": "CVE-2022-3056",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient policy enforcement"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1329460"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3057.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3057", "ID": "CVE-2022-3057",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Inappropriate implementation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1336904"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3058.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3058", "ID": "CVE-2022-3058",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1337676"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3071.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3071", "ID": "CVE-2022-3071",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.52",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1333995"
},
{
"url": "https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3075.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3075", "ID": "CVE-2022-3075",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.102",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1358134"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3195.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3195", "ID": "CVE-2022-3195",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1358381"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3196.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3196", "ID": "CVE-2022-3196",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1358090"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3197.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3197", "ID": "CVE-2022-3197",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1358075"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3198.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3198", "ID": "CVE-2022-3198",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1355682"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3199.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3199", "ID": "CVE-2022-3199",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1355237"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3200.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3200", "ID": "CVE-2022-3200",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1355103"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} }
] ]
} }

51
2022/3xxx/CVE-2022-3201.json
View File

@ -4,14 +4,59 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-3201", "ID": "CVE-2022-3201",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "chrome-cve-admin@google.com"
"STATE": "RESERVED" },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "105.0.5195.125",
"version_affected": "<"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://crbug.com/1343104"
},
{
"url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page."
} }
] ]
} }