[FREEBSD:F38D25AC-2B7A-11ED-A1EF-3065EC8FD3EC] chromium -- insufficient data validation in Mojo

Severity Critical

Affected Packages 1

CVEs 1

Chrome Releases reports:

  This release contains 1 security fix:

    [1358134] High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30

  Google is aware that an exploit of CVE-2022-3075 exists in the wild.

Package	Affected Version
pkg:freebsd/chromium	< 105.0.5195.102

ID

FREEBSD:F38D25AC-2B7A-11ED-A1EF-3065EC8FD3EC

Severity

critical

Severity from

CVE-2022-3075

URL

http://vuxml.freebsd.org/freebsd/f38d25ac-2b7a-11ed-a1ef-3065ec8fd3ec.html

Published

2022-09-02T00:00:00
(2 years ago)

Modified

2022-09-03T00:00:00
(2 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/chromium		chromium	< 105.0.5195.102

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date