[FREEBSD:18529CB0-3E9C-11ED-9BC7-3065EC8FD3EC] chromium -- multiple vulnerabilities
Severity
High
Affected Packages
1
CVEs
16
Chrome Releases reports:
This release contains 20 security fixes, including:
[1358907] High CVE-2022-3304: Use after free in CSS. Reported by Anonymous on 2022-09-01
[1343104] High CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK on 2022-07-09
[1319229] High CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-24
[1320139] High CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-27
[1323488] High CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. on 2022-05-08
[1342722] Medium CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder on 2022-07-08
[1348415] Medium CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2022-07-29
[1240065] Medium CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. Reported by Ashwin Agrawal from Optus, Sydney on 2021-08-16
[1302813] Medium CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci on 2022-03-04
[1303306] Medium CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by Andr.Ess on 2022-03-06
[1317904] Medium CVE-2022-3313: Incorrect security UI in Full Screen. Reported by Irvan Kurniawan (sourc7) on 2022-04-20
[1328708] Medium CVE-2022-3314: Use after free in Logging. Reported by Anonymous on 2022-05-24
[1322812] Medium CVE-2022-3315: Type confusion in Blink. Reported by Anonymous on 2022-05-05
[1333623] Low CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. Reported by Sven Dysthe (@svn_dy) on 2022-06-07
[1300539] Low CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh on 2022-02-24
[1318791] Low CVE-2022-3318: Use after free in ChromeOS Notifications. Reported by GraVity0 on 2022-04-22
Package | Affected Version |
---|---|
pkg:freebsd/chromium | < 106.0.5249.61 |
- ID
- FREEBSD:18529CB0-3E9C-11ED-9BC7-3065EC8FD3EC
- Severity
- high
- Severity from
- CVE-2022-3304
- URL
- http://vuxml.freebsd.org/freebsd/18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec.html
- Published
-
2022-09-27T00:00:00
(2 years ago) - Modified
-
2022-09-27T00:00:00
(2 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALPINE:CVE-2022-3201
- ALPINE:CVE-2022-3304
- DSA-5230-1
- DSA-5244-1
- FEDORA-2022-3ca063941b
- FEDORA-2022-3f28aa88cf
- FEDORA-2022-b49c9bc07a
- FREEBSD:B59847E0-346D-11ED-8FE9-3065EC8FD3EC
- GLSA-202209-23
- GLSA-202210-16
- GLSA-202311-11
- MS:CVE-2022-3304
- MS:CVE-2022-3307
- MS:CVE-2022-3308
- MS:CVE-2022-3310
- MS:CVE-2022-3311
- MS:CVE-2022-3313
- MS:CVE-2022-3315
- MS:CVE-2022-3316
- MS:CVE-2022-3317
- openSUSE-SU-2023:0115-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/chromium | chromium | < 106.0.5249.61 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |