Action not permitted
Modal body text goes here.
CVE-2022-1096
Vulnerability from cvelistv5
▼ | URL | Tags | |
---|---|---|---|
chrome-cve-admin@google.com | https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html | Release Notes, Vendor Advisory | |
chrome-cve-admin@google.com | https://crbug.com/1309225 | Permissions Required, Vendor Advisory | |
chrome-cve-admin@google.com | https://security.gentoo.org/glsa/202208-25 | Third Party Advisory |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-03-28
Due date: 2022-04-18
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2022-1096
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:55:22.817Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://crbug.com/1309225" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "name": "GLSA-202208-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202208-25" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Chrome", "vendor": "Google", "versions": [ { "lessThan": "99.0.4844.84", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ], "problemTypes": [ { "descriptions": [ { "description": "Type Confusion", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-14T21:12:16", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://crbug.com/1309225" }, { "tags": [ "x_refsource_MISC" ], "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "name": "GLSA-202208-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202208-25" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2022-1096", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Chrome", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "99.0.4844.84" } ] } } ] }, "vendor_name": "Google" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "https://crbug.com/1309225", "refsource": "MISC", "url": "https://crbug.com/1309225" }, { "name": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "name": "GLSA-202208-25", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-25" } ] } } } }, "cveMetadata": { "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2022-1096", "datePublished": "2022-07-22T23:35:35", "dateReserved": "2022-03-25T00:00:00", "dateUpdated": "2024-08-02T23:55:22.817Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2022-1096", "cwes": "[\"CWE-843\"]", "dateAdded": "2022-03-28", "dueDate": "2022-04-18", "knownRansomwareCampaignUse": "Unknown", "notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-1096", "product": "Chromium V8", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.", "vendorProject": "Google", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2022-1096\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2022-07-23T00:15:08.333\",\"lastModified\":\"2022-10-27T22:50:00.437\",\"vulnStatus\":\"Analyzed\",\"cisaExploitAdd\":\"2022-03-28\",\"cisaActionDue\":\"2022-04-18\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Google Chromium V8 Type Confusion Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Una confusi\u00f3n de tipo en V8 en Google Chrome versiones anteriores a 99.0.4844.84, permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n de la pila por medio de una p\u00e1gina HTML dise\u00f1ada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-843\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"99.0.4844.84\",\"matchCriteriaId\":\"26358BA3-D84F-4EE3-B035-61D72923FA0C\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1309225\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202208-25\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
icsa-22-209-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Rockwell Automation", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could cause a denial-of-service condition.", "title": "Risk evaluation" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "United States", "title": "Company headquarters location" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "This vulnerability is not exploitable remotely.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-22-209-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-209-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-22-209-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-209-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-209-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" } ], "title": "Rockwell Products Impacted by Chromium Type Confusion", "tracking": { "current_release_date": "2022-07-28T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-22-209-01", "initial_release_date": "2022-07-28T00:00:00.000000Z", "revision_history": [ { "date": "2022-07-28T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Publication Date" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "11 | 12 | 13 | 20", "product": { "name": "Connected Components Workbench software: Versions 11 12 13 and 20", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Connected Components Workbench software" }, { "branches": [ { "category": "product_version", "name": "1.001", "product": { "name": "Enhanced HIM (eHIM) for PowerFlex 6000T: Version 1.001", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "Enhanced HIM (eHIM) for PowerFlex 6000T" }, { "branches": [ { "category": "product_version", "name": "6.20 | 6.21 | 6.30", "product": { "name": "FactoryTalk Linx Enterprise software: Versions 6.20 6.21 and 6.30", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "FactoryTalk Linx Enterprise software" }, { "branches": [ { "category": "product_version", "name": "13", "product": { "name": "FactoryTalk View Site Edition: Version 13", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "FactoryTalk View Site Edition" } ], "category": "vendor", "name": "Rockwell Automation" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1096", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "summary", "text": "Rockwell Automation has been made aware of a third-party vulnerability present in multiple vendor components currently in use. Due to how Rockwell Automation uses the Chromium web browser, exploitation of this vulnerability may cause the affected products to become temporarily unavailable. As a result, the CVSS Score was adjusted to reflect how this vulnerability affects these Rockwell products.CVE-2022-1096 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1096" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "remediations": [ { "category": "vendor_fix", "details": "Users currently utilizing the FactoryTalk View Site Edition should avoid using the web browser control if it is not required for the intended use of the product.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "Users currently utilizing the FactoryTalk View Site Edition web browser can manually download and apply the updated version of WebView2 by performing these recommended actions:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ], "url": "https://compatibility.rockwellautomation.com/Pages/Home.aspx" }, { "category": "mitigation", "details": "Replace the Microsoft WebView2 file in the C:\\Program Files (x86)\\Rockwell Software\\RS View Enterprise\\Microsoft.WebView2.FixedVersionRuntime directory by copying and pasting the new version of the software into the folder.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "mitigation", "details": "Users should be sure to not remove the contents of the folder before pasting the new file.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "mitigation", "details": "Users currently utilizing Enhanced HIM (eHIM) for Power Flex 6000T drives should perform the following recommended actions to address the vulnerability:", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "mitigation", "details": "Update the Microsoft Edge browser to Version 99.0.1150 or later.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "mitigation", "details": "Apply the update for eHIM when made available.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "mitigation", "details": "If applying the mitigations noted above is not feasible, then see Rockwell Automation\u0027s Knowledgebase article, Security Best Practices (login required), for additional recommendations for maintaining adequate environment security posture.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ], "url": "https://rockwellautomation.custhelp.com/" } ], "scores": [ { "cvss_v3": { "baseScore": 4.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ] } ] }
var-202203-1921
Vulnerability from variot
Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rockwell Automation The following vulnerabilities exist in multiple products provided by . * Mistake of type (CWE-843) - CVE-2022-1096If the vulnerability is exploited, it may be affected as follows. It was * by a local third party Chromium Web Browser vulnerabilities are used to cause denial of service ( DoS ) - CVE-2022-1096. ========================================================================= Ubuntu Security Notice USN-5350-1 March 28, 2022
chromium-browser vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Chromium could be made to execute arbitrary code if it received a specially crafted input.
Software Description: - chromium-browser: Chromium web browser, open-source version of Chrome
Details:
It was discovered that Chromium incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: chromium-browser 99.0.4844.84-0ubuntu0.18.04.1
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5350-1 CVE-2022-1096
Package Information: https://launchpad.net/ubuntu/+source/chromium-browser/99.0.4844.84-0ubuntu0.18.04.1 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-25
https://security.gentoo.org/
Severity: High Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities Date: August 14, 2022 Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372 ID: 202208-25
Synopsis
Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.
Background
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Microsoft Edge is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-qt/qtwebengine < 5.15.5_p20220618>= 5.15.5_p20220618 2 www-client/chromium < 103.0.5060.53 >= 103.0.5060.53 3 www-client/google-chrome < 103.0.5060.53 >= 103.0.5060.53 4 www-client/microsoft-edge < 101.0.1210.47 >= 101.0.1210.47
Description
Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All Chromium binary users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-103.0.5060.53"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/google-chrome-103.0.5060.53"
All Microsoft Edge users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/chromium-103.0.5060.53"
All QtWebEngine users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">\xdev-qt/qtwebengine-5.15.5_p20220618"
References
[ 1 ] CVE-2021-4052 https://nvd.nist.gov/vuln/detail/CVE-2021-4052 [ 2 ] CVE-2021-4053 https://nvd.nist.gov/vuln/detail/CVE-2021-4053 [ 3 ] CVE-2021-4054 https://nvd.nist.gov/vuln/detail/CVE-2021-4054 [ 4 ] CVE-2021-4055 https://nvd.nist.gov/vuln/detail/CVE-2021-4055 [ 5 ] CVE-2021-4056 https://nvd.nist.gov/vuln/detail/CVE-2021-4056 [ 6 ] CVE-2021-4057 https://nvd.nist.gov/vuln/detail/CVE-2021-4057 [ 7 ] CVE-2021-4058 https://nvd.nist.gov/vuln/detail/CVE-2021-4058 [ 8 ] CVE-2021-4059 https://nvd.nist.gov/vuln/detail/CVE-2021-4059 [ 9 ] CVE-2021-4061 https://nvd.nist.gov/vuln/detail/CVE-2021-4061 [ 10 ] CVE-2021-4062 https://nvd.nist.gov/vuln/detail/CVE-2021-4062 [ 11 ] CVE-2021-4063 https://nvd.nist.gov/vuln/detail/CVE-2021-4063 [ 12 ] CVE-2021-4064 https://nvd.nist.gov/vuln/detail/CVE-2021-4064 [ 13 ] CVE-2021-4065 https://nvd.nist.gov/vuln/detail/CVE-2021-4065 [ 14 ] CVE-2021-4066 https://nvd.nist.gov/vuln/detail/CVE-2021-4066 [ 15 ] CVE-2021-4067 https://nvd.nist.gov/vuln/detail/CVE-2021-4067 [ 16 ] CVE-2021-4068 https://nvd.nist.gov/vuln/detail/CVE-2021-4068 [ 17 ] CVE-2021-4078 https://nvd.nist.gov/vuln/detail/CVE-2021-4078 [ 18 ] CVE-2021-4079 https://nvd.nist.gov/vuln/detail/CVE-2021-4079 [ 19 ] CVE-2021-30551 https://nvd.nist.gov/vuln/detail/CVE-2021-30551 [ 20 ] CVE-2022-0789 https://nvd.nist.gov/vuln/detail/CVE-2022-0789 [ 21 ] CVE-2022-0790 https://nvd.nist.gov/vuln/detail/CVE-2022-0790 [ 22 ] CVE-2022-0791 https://nvd.nist.gov/vuln/detail/CVE-2022-0791 [ 23 ] CVE-2022-0792 https://nvd.nist.gov/vuln/detail/CVE-2022-0792 [ 24 ] CVE-2022-0793 https://nvd.nist.gov/vuln/detail/CVE-2022-0793 [ 25 ] CVE-2022-0794 https://nvd.nist.gov/vuln/detail/CVE-2022-0794 [ 26 ] CVE-2022-0795 https://nvd.nist.gov/vuln/detail/CVE-2022-0795 [ 27 ] CVE-2022-0796 https://nvd.nist.gov/vuln/detail/CVE-2022-0796 [ 28 ] CVE-2022-0797 https://nvd.nist.gov/vuln/detail/CVE-2022-0797 [ 29 ] CVE-2022-0798 https://nvd.nist.gov/vuln/detail/CVE-2022-0798 [ 30 ] CVE-2022-0799 https://nvd.nist.gov/vuln/detail/CVE-2022-0799 [ 31 ] CVE-2022-0800 https://nvd.nist.gov/vuln/detail/CVE-2022-0800 [ 32 ] CVE-2022-0801 https://nvd.nist.gov/vuln/detail/CVE-2022-0801 [ 33 ] CVE-2022-0802 https://nvd.nist.gov/vuln/detail/CVE-2022-0802 [ 34 ] CVE-2022-0803 https://nvd.nist.gov/vuln/detail/CVE-2022-0803 [ 35 ] CVE-2022-0804 https://nvd.nist.gov/vuln/detail/CVE-2022-0804 [ 36 ] CVE-2022-0805 https://nvd.nist.gov/vuln/detail/CVE-2022-0805 [ 37 ] CVE-2022-0806 https://nvd.nist.gov/vuln/detail/CVE-2022-0806 [ 38 ] CVE-2022-0807 https://nvd.nist.gov/vuln/detail/CVE-2022-0807 [ 39 ] CVE-2022-0808 https://nvd.nist.gov/vuln/detail/CVE-2022-0808 [ 40 ] CVE-2022-0809 https://nvd.nist.gov/vuln/detail/CVE-2022-0809 [ 41 ] CVE-2022-0971 https://nvd.nist.gov/vuln/detail/CVE-2022-0971 [ 42 ] CVE-2022-0972 https://nvd.nist.gov/vuln/detail/CVE-2022-0972 [ 43 ] CVE-2022-0973 https://nvd.nist.gov/vuln/detail/CVE-2022-0973 [ 44 ] CVE-2022-0974 https://nvd.nist.gov/vuln/detail/CVE-2022-0974 [ 45 ] CVE-2022-0975 https://nvd.nist.gov/vuln/detail/CVE-2022-0975 [ 46 ] CVE-2022-0976 https://nvd.nist.gov/vuln/detail/CVE-2022-0976 [ 47 ] CVE-2022-0977 https://nvd.nist.gov/vuln/detail/CVE-2022-0977 [ 48 ] CVE-2022-0978 https://nvd.nist.gov/vuln/detail/CVE-2022-0978 [ 49 ] CVE-2022-0979 https://nvd.nist.gov/vuln/detail/CVE-2022-0979 [ 50 ] CVE-2022-0980 https://nvd.nist.gov/vuln/detail/CVE-2022-0980 [ 51 ] CVE-2022-1096 https://nvd.nist.gov/vuln/detail/CVE-2022-1096 [ 52 ] CVE-2022-1125 https://nvd.nist.gov/vuln/detail/CVE-2022-1125 [ 53 ] CVE-2022-1127 https://nvd.nist.gov/vuln/detail/CVE-2022-1127 [ 54 ] CVE-2022-1128 https://nvd.nist.gov/vuln/detail/CVE-2022-1128 [ 55 ] CVE-2022-1129 https://nvd.nist.gov/vuln/detail/CVE-2022-1129 [ 56 ] CVE-2022-1130 https://nvd.nist.gov/vuln/detail/CVE-2022-1130 [ 57 ] CVE-2022-1131 https://nvd.nist.gov/vuln/detail/CVE-2022-1131 [ 58 ] CVE-2022-1132 https://nvd.nist.gov/vuln/detail/CVE-2022-1132 [ 59 ] CVE-2022-1133 https://nvd.nist.gov/vuln/detail/CVE-2022-1133 [ 60 ] CVE-2022-1134 https://nvd.nist.gov/vuln/detail/CVE-2022-1134 [ 61 ] CVE-2022-1135 https://nvd.nist.gov/vuln/detail/CVE-2022-1135 [ 62 ] CVE-2022-1136 https://nvd.nist.gov/vuln/detail/CVE-2022-1136 [ 63 ] CVE-2022-1137 https://nvd.nist.gov/vuln/detail/CVE-2022-1137 [ 64 ] CVE-2022-1138 https://nvd.nist.gov/vuln/detail/CVE-2022-1138 [ 65 ] CVE-2022-1139 https://nvd.nist.gov/vuln/detail/CVE-2022-1139 [ 66 ] CVE-2022-1141 https://nvd.nist.gov/vuln/detail/CVE-2022-1141 [ 67 ] CVE-2022-1142 https://nvd.nist.gov/vuln/detail/CVE-2022-1142 [ 68 ] CVE-2022-1143 https://nvd.nist.gov/vuln/detail/CVE-2022-1143 [ 69 ] CVE-2022-1144 https://nvd.nist.gov/vuln/detail/CVE-2022-1144 [ 70 ] CVE-2022-1145 https://nvd.nist.gov/vuln/detail/CVE-2022-1145 [ 71 ] CVE-2022-1146 https://nvd.nist.gov/vuln/detail/CVE-2022-1146 [ 72 ] CVE-2022-1232 https://nvd.nist.gov/vuln/detail/CVE-2022-1232 [ 73 ] CVE-2022-1305 https://nvd.nist.gov/vuln/detail/CVE-2022-1305 [ 74 ] CVE-2022-1306 https://nvd.nist.gov/vuln/detail/CVE-2022-1306 [ 75 ] CVE-2022-1307 https://nvd.nist.gov/vuln/detail/CVE-2022-1307 [ 76 ] CVE-2022-1308 https://nvd.nist.gov/vuln/detail/CVE-2022-1308 [ 77 ] CVE-2022-1309 https://nvd.nist.gov/vuln/detail/CVE-2022-1309 [ 78 ] CVE-2022-1310 https://nvd.nist.gov/vuln/detail/CVE-2022-1310 [ 79 ] CVE-2022-1311 https://nvd.nist.gov/vuln/detail/CVE-2022-1311 [ 80 ] CVE-2022-1312 https://nvd.nist.gov/vuln/detail/CVE-2022-1312 [ 81 ] CVE-2022-1313 https://nvd.nist.gov/vuln/detail/CVE-2022-1313 [ 82 ] CVE-2022-1314 https://nvd.nist.gov/vuln/detail/CVE-2022-1314 [ 83 ] CVE-2022-1364 https://nvd.nist.gov/vuln/detail/CVE-2022-1364 [ 84 ] CVE-2022-1477 https://nvd.nist.gov/vuln/detail/CVE-2022-1477 [ 85 ] CVE-2022-1478 https://nvd.nist.gov/vuln/detail/CVE-2022-1478 [ 86 ] CVE-2022-1479 https://nvd.nist.gov/vuln/detail/CVE-2022-1479 [ 87 ] CVE-2022-1480 https://nvd.nist.gov/vuln/detail/CVE-2022-1480 [ 88 ] CVE-2022-1481 https://nvd.nist.gov/vuln/detail/CVE-2022-1481 [ 89 ] CVE-2022-1482 https://nvd.nist.gov/vuln/detail/CVE-2022-1482 [ 90 ] CVE-2022-1483 https://nvd.nist.gov/vuln/detail/CVE-2022-1483 [ 91 ] CVE-2022-1484 https://nvd.nist.gov/vuln/detail/CVE-2022-1484 [ 92 ] CVE-2022-1485 https://nvd.nist.gov/vuln/detail/CVE-2022-1485 [ 93 ] CVE-2022-1486 https://nvd.nist.gov/vuln/detail/CVE-2022-1486 [ 94 ] CVE-2022-1487 https://nvd.nist.gov/vuln/detail/CVE-2022-1487 [ 95 ] CVE-2022-1488 https://nvd.nist.gov/vuln/detail/CVE-2022-1488 [ 96 ] CVE-2022-1489 https://nvd.nist.gov/vuln/detail/CVE-2022-1489 [ 97 ] CVE-2022-1490 https://nvd.nist.gov/vuln/detail/CVE-2022-1490 [ 98 ] CVE-2022-1491 https://nvd.nist.gov/vuln/detail/CVE-2022-1491 [ 99 ] CVE-2022-1492 https://nvd.nist.gov/vuln/detail/CVE-2022-1492 [ 100 ] CVE-2022-1493 https://nvd.nist.gov/vuln/detail/CVE-2022-1493 [ 101 ] CVE-2022-1494 https://nvd.nist.gov/vuln/detail/CVE-2022-1494 [ 102 ] CVE-2022-1495 https://nvd.nist.gov/vuln/detail/CVE-2022-1495 [ 103 ] CVE-2022-1496 https://nvd.nist.gov/vuln/detail/CVE-2022-1496 [ 104 ] CVE-2022-1497 https://nvd.nist.gov/vuln/detail/CVE-2022-1497 [ 105 ] CVE-2022-1498 https://nvd.nist.gov/vuln/detail/CVE-2022-1498 [ 106 ] CVE-2022-1499 https://nvd.nist.gov/vuln/detail/CVE-2022-1499 [ 107 ] CVE-2022-1500 https://nvd.nist.gov/vuln/detail/CVE-2022-1500 [ 108 ] CVE-2022-1501 https://nvd.nist.gov/vuln/detail/CVE-2022-1501 [ 109 ] CVE-2022-1633 https://nvd.nist.gov/vuln/detail/CVE-2022-1633 [ 110 ] CVE-2022-1634 https://nvd.nist.gov/vuln/detail/CVE-2022-1634 [ 111 ] CVE-2022-1635 https://nvd.nist.gov/vuln/detail/CVE-2022-1635 [ 112 ] CVE-2022-1636 https://nvd.nist.gov/vuln/detail/CVE-2022-1636 [ 113 ] CVE-2022-1637 https://nvd.nist.gov/vuln/detail/CVE-2022-1637 [ 114 ] CVE-2022-1639 https://nvd.nist.gov/vuln/detail/CVE-2022-1639 [ 115 ] CVE-2022-1640 https://nvd.nist.gov/vuln/detail/CVE-2022-1640 [ 116 ] CVE-2022-1641 https://nvd.nist.gov/vuln/detail/CVE-2022-1641 [ 117 ] CVE-2022-1853 https://nvd.nist.gov/vuln/detail/CVE-2022-1853 [ 118 ] CVE-2022-1854 https://nvd.nist.gov/vuln/detail/CVE-2022-1854 [ 119 ] CVE-2022-1855 https://nvd.nist.gov/vuln/detail/CVE-2022-1855 [ 120 ] CVE-2022-1856 https://nvd.nist.gov/vuln/detail/CVE-2022-1856 [ 121 ] CVE-2022-1857 https://nvd.nist.gov/vuln/detail/CVE-2022-1857 [ 122 ] CVE-2022-1858 https://nvd.nist.gov/vuln/detail/CVE-2022-1858 [ 123 ] CVE-2022-1859 https://nvd.nist.gov/vuln/detail/CVE-2022-1859 [ 124 ] CVE-2022-1860 https://nvd.nist.gov/vuln/detail/CVE-2022-1860 [ 125 ] CVE-2022-1861 https://nvd.nist.gov/vuln/detail/CVE-2022-1861 [ 126 ] CVE-2022-1862 https://nvd.nist.gov/vuln/detail/CVE-2022-1862 [ 127 ] CVE-2022-1863 https://nvd.nist.gov/vuln/detail/CVE-2022-1863 [ 128 ] CVE-2022-1864 https://nvd.nist.gov/vuln/detail/CVE-2022-1864 [ 129 ] CVE-2022-1865 https://nvd.nist.gov/vuln/detail/CVE-2022-1865 [ 130 ] CVE-2022-1866 https://nvd.nist.gov/vuln/detail/CVE-2022-1866 [ 131 ] CVE-2022-1867 https://nvd.nist.gov/vuln/detail/CVE-2022-1867 [ 132 ] CVE-2022-1868 https://nvd.nist.gov/vuln/detail/CVE-2022-1868 [ 133 ] CVE-2022-1869 https://nvd.nist.gov/vuln/detail/CVE-2022-1869 [ 134 ] CVE-2022-1870 https://nvd.nist.gov/vuln/detail/CVE-2022-1870 [ 135 ] CVE-2022-1871 https://nvd.nist.gov/vuln/detail/CVE-2022-1871 [ 136 ] CVE-2022-1872 https://nvd.nist.gov/vuln/detail/CVE-2022-1872 [ 137 ] CVE-2022-1873 https://nvd.nist.gov/vuln/detail/CVE-2022-1873 [ 138 ] CVE-2022-1874 https://nvd.nist.gov/vuln/detail/CVE-2022-1874 [ 139 ] CVE-2022-1875 https://nvd.nist.gov/vuln/detail/CVE-2022-1875 [ 140 ] CVE-2022-1876 https://nvd.nist.gov/vuln/detail/CVE-2022-1876 [ 141 ] CVE-2022-2007 https://nvd.nist.gov/vuln/detail/CVE-2022-2007 [ 142 ] CVE-2022-2010 https://nvd.nist.gov/vuln/detail/CVE-2022-2010 [ 143 ] CVE-2022-2011 https://nvd.nist.gov/vuln/detail/CVE-2022-2011 [ 144 ] CVE-2022-2156 https://nvd.nist.gov/vuln/detail/CVE-2022-2156 [ 145 ] CVE-2022-2157 https://nvd.nist.gov/vuln/detail/CVE-2022-2157 [ 146 ] CVE-2022-2158 https://nvd.nist.gov/vuln/detail/CVE-2022-2158 [ 147 ] CVE-2022-2160 https://nvd.nist.gov/vuln/detail/CVE-2022-2160 [ 148 ] CVE-2022-2161 https://nvd.nist.gov/vuln/detail/CVE-2022-2161 [ 149 ] CVE-2022-2162 https://nvd.nist.gov/vuln/detail/CVE-2022-2162 [ 150 ] CVE-2022-2163 https://nvd.nist.gov/vuln/detail/CVE-2022-2163 [ 151 ] CVE-2022-2164 https://nvd.nist.gov/vuln/detail/CVE-2022-2164 [ 152 ] CVE-2022-2165 https://nvd.nist.gov/vuln/detail/CVE-2022-2165 [ 153 ] CVE-2022-22021 https://nvd.nist.gov/vuln/detail/CVE-2022-22021 [ 154 ] CVE-2022-24475 https://nvd.nist.gov/vuln/detail/CVE-2022-24475 [ 155 ] CVE-2022-24523 https://nvd.nist.gov/vuln/detail/CVE-2022-24523 [ 156 ] CVE-2022-26891 https://nvd.nist.gov/vuln/detail/CVE-2022-26891 [ 157 ] CVE-2022-26894 https://nvd.nist.gov/vuln/detail/CVE-2022-26894 [ 158 ] CVE-2022-26895 https://nvd.nist.gov/vuln/detail/CVE-2022-26895 [ 159 ] CVE-2022-26900 https://nvd.nist.gov/vuln/detail/CVE-2022-26900 [ 160 ] CVE-2022-26905 https://nvd.nist.gov/vuln/detail/CVE-2022-26905 [ 161 ] CVE-2022-26908 https://nvd.nist.gov/vuln/detail/CVE-2022-26908 [ 162 ] CVE-2022-26909 https://nvd.nist.gov/vuln/detail/CVE-2022-26909 [ 163 ] CVE-2022-26912 https://nvd.nist.gov/vuln/detail/CVE-2022-26912 [ 164 ] CVE-2022-29144 https://nvd.nist.gov/vuln/detail/CVE-2022-29144 [ 165 ] CVE-2022-29146 https://nvd.nist.gov/vuln/detail/CVE-2022-29146 [ 166 ] CVE-2022-29147 https://nvd.nist.gov/vuln/detail/CVE-2022-29147 [ 167 ] CVE-2022-30127 https://nvd.nist.gov/vuln/detail/CVE-2022-30127 [ 168 ] CVE-2022-30128 https://nvd.nist.gov/vuln/detail/CVE-2022-30128 [ 169 ] CVE-2022-30192 https://nvd.nist.gov/vuln/detail/CVE-2022-30192 [ 170 ] CVE-2022-33638 https://nvd.nist.gov/vuln/detail/CVE-2022-33638 [ 171 ] CVE-2022-33639 https://nvd.nist.gov/vuln/detail/CVE-2022-33639
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-25
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 .
For the stable distribution (bullseye), this problem has been fixed in version 99.0.4844.84-1~deb11u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJBXaAACgkQEMKTtsN8 TjbazQ/+IzYVZN+0pj9UBLmTcMNsaUt7Hh0G1D0NsJ8yKbQ6Kan11TcOBvzkQLER E5YbdLOfVaY/OZQRRyjtjzc/WwySaC0AKKg76rYd4bo4186szqPrTApKYz+Fb+Tw 9BCzzYxVQp4nPxcxdMo2PDrCXJg4Ux/ia9dUZFbSZOF8TccxU/1nAB89nS0jCECW OhjqKHM4vcpyPF+ztnGT8Lce+wy3TwTQ/CJM3GaKLK3RF8dT9y0Ae6PP902eOw+x CKbG9EsqB47K5v7Jrbm7LfaxxF1hs7l3kiaupk5YNxgIlHV0i/dpHT39zhSFEFdZ 4F2+lpzJpvKjz9kx2iyJcNYScxMTbWKQQrEYrcNFp3wE3vPl4ndASKrOniTta6ub H2j0Jp/O0pcQTLrsVTlSPvzVgSqTBjobgsIw4JWBSeDLpaDWNQR/dhxfoCQCUvA4 SDEby7l+buKPbipoCvupeyk+cQIM+yjXKc0OZDpHGekK8NsViD5rGIVyhKmFvWcC PajYlmZu68s49eg14hrpXudTcrLL+fFkKgxI5f0Eat0BLFsW7mFl6cvEzX+ErPKT 38XlAdtsO7FGq3DerKJhAyWzZbTPBpcXtPvguIytoxl3QXxcNBvcRgeZOjqMeIhW QqFsYamZq7zcDKYon9Zljtkz1/ai1viBejcvqJK5DqePtvz4AJA= =ZIch -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1921", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "chrome", "scope": "lt", "trust": 1.0, "vendor": "google", "version": "99.0.4844.84" }, { "model": "factorytalk view", "scope": "eq", "trust": 0.8, "vendor": "rockwell automation", "version": "site edition 13" }, { "model": "connected components workbench", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "enhanced him", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null }, { "model": "factorytalk linx", "scope": null, "trust": 0.8, "vendor": "rockwell automation", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "99.0.4844.84", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2022-1096" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Reported by anonymous on 2022-03-23", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-2278" } ], "trust": 0.6 }, "cve": "CVE-2022-1096", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2022-1096", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2022-1096", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202203-2278", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rockwell Automation The following vulnerabilities exist in multiple products provided by . * Mistake of type (CWE-843) - CVE-2022-1096If the vulnerability is exploited, it may be affected as follows. It was * by a local third party Chromium Web Browser vulnerabilities are used to cause denial of service ( DoS ) - CVE-2022-1096. =========================================================================\nUbuntu Security Notice USN-5350-1\nMarch 28, 2022\n\nchromium-browser vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n\nSummary:\n\nChromium could be made to execute arbitrary code if it received a specially\ncrafted input. \n\nSoftware Description:\n- chromium-browser: Chromium web browser, open-source version of Chrome\n\nDetails:\n\nIt was discovered that Chromium incorrectly handled certain inputs. \nAn attacker could possibly use this issue to execute arbitrary code. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n chromium-browser 99.0.4844.84-0ubuntu0.18.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5350-1\n CVE-2022-1096\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/chromium-browser/99.0.4844.84-0ubuntu0.18.04.1\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-25\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities\n Date: August 14, 2022\n Bugs: #828519, #834477, #835397, #836011, #836381, #836777, #838049, #838433, #841371, #843728, #847370, #851003, #853643, #773040, #787950, #800181, #810781, #815397, #829161, #835761, #836830, #847613, #853229, #837497, #838682, #843035, #848864, #851009, #854372\n ID: 202208-25\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been found in Chromium and its\nderivatives, the worst of which could result in remote code execution. \n\nBackground\n=========\nChromium is an open-source browser project that aims to build a safer,\nfaster, and more stable way for all users to experience the web. \n\nGoogle Chrome is one fast, simple, and secure browser for all your\ndevices. \n\nMicrosoft Edge is a browser that combines a minimal design with\nsophisticated technology to make the web faster, safer, and easier. \n\nAffected packages\n================\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-qt/qtwebengine \u003c 5.15.5_p20220618\u003e= 5.15.5_p20220618\n 2 www-client/chromium \u003c 103.0.5060.53 \u003e= 103.0.5060.53\n 3 www-client/google-chrome \u003c 103.0.5060.53 \u003e= 103.0.5060.53\n 4 www-client/microsoft-edge \u003c 101.0.1210.47 \u003e= 101.0.1210.47\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in Chromium and its\nderivatives. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/chromium-103.0.5060.53\"\n\nAll Chromium binary users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/chromium-bin-103.0.5060.53\"\n\nAll Google Chrome users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/google-chrome-103.0.5060.53\"\n\nAll Microsoft Edge users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-client/chromium-103.0.5060.53\"\n\nAll QtWebEngine users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e\\xdev-qt/qtwebengine-5.15.5_p20220618\"\n\nReferences\n=========\n[ 1 ] CVE-2021-4052\n https://nvd.nist.gov/vuln/detail/CVE-2021-4052\n[ 2 ] CVE-2021-4053\n https://nvd.nist.gov/vuln/detail/CVE-2021-4053\n[ 3 ] CVE-2021-4054\n https://nvd.nist.gov/vuln/detail/CVE-2021-4054\n[ 4 ] CVE-2021-4055\n https://nvd.nist.gov/vuln/detail/CVE-2021-4055\n[ 5 ] CVE-2021-4056\n https://nvd.nist.gov/vuln/detail/CVE-2021-4056\n[ 6 ] CVE-2021-4057\n https://nvd.nist.gov/vuln/detail/CVE-2021-4057\n[ 7 ] CVE-2021-4058\n https://nvd.nist.gov/vuln/detail/CVE-2021-4058\n[ 8 ] CVE-2021-4059\n https://nvd.nist.gov/vuln/detail/CVE-2021-4059\n[ 9 ] CVE-2021-4061\n https://nvd.nist.gov/vuln/detail/CVE-2021-4061\n[ 10 ] CVE-2021-4062\n https://nvd.nist.gov/vuln/detail/CVE-2021-4062\n[ 11 ] CVE-2021-4063\n https://nvd.nist.gov/vuln/detail/CVE-2021-4063\n[ 12 ] CVE-2021-4064\n https://nvd.nist.gov/vuln/detail/CVE-2021-4064\n[ 13 ] CVE-2021-4065\n https://nvd.nist.gov/vuln/detail/CVE-2021-4065\n[ 14 ] CVE-2021-4066\n https://nvd.nist.gov/vuln/detail/CVE-2021-4066\n[ 15 ] CVE-2021-4067\n https://nvd.nist.gov/vuln/detail/CVE-2021-4067\n[ 16 ] CVE-2021-4068\n https://nvd.nist.gov/vuln/detail/CVE-2021-4068\n[ 17 ] CVE-2021-4078\n https://nvd.nist.gov/vuln/detail/CVE-2021-4078\n[ 18 ] CVE-2021-4079\n https://nvd.nist.gov/vuln/detail/CVE-2021-4079\n[ 19 ] CVE-2021-30551\n https://nvd.nist.gov/vuln/detail/CVE-2021-30551\n[ 20 ] CVE-2022-0789\n https://nvd.nist.gov/vuln/detail/CVE-2022-0789\n[ 21 ] CVE-2022-0790\n https://nvd.nist.gov/vuln/detail/CVE-2022-0790\n[ 22 ] CVE-2022-0791\n https://nvd.nist.gov/vuln/detail/CVE-2022-0791\n[ 23 ] CVE-2022-0792\n https://nvd.nist.gov/vuln/detail/CVE-2022-0792\n[ 24 ] CVE-2022-0793\n https://nvd.nist.gov/vuln/detail/CVE-2022-0793\n[ 25 ] CVE-2022-0794\n https://nvd.nist.gov/vuln/detail/CVE-2022-0794\n[ 26 ] CVE-2022-0795\n https://nvd.nist.gov/vuln/detail/CVE-2022-0795\n[ 27 ] CVE-2022-0796\n https://nvd.nist.gov/vuln/detail/CVE-2022-0796\n[ 28 ] CVE-2022-0797\n https://nvd.nist.gov/vuln/detail/CVE-2022-0797\n[ 29 ] CVE-2022-0798\n https://nvd.nist.gov/vuln/detail/CVE-2022-0798\n[ 30 ] CVE-2022-0799\n https://nvd.nist.gov/vuln/detail/CVE-2022-0799\n[ 31 ] CVE-2022-0800\n https://nvd.nist.gov/vuln/detail/CVE-2022-0800\n[ 32 ] CVE-2022-0801\n https://nvd.nist.gov/vuln/detail/CVE-2022-0801\n[ 33 ] CVE-2022-0802\n https://nvd.nist.gov/vuln/detail/CVE-2022-0802\n[ 34 ] CVE-2022-0803\n https://nvd.nist.gov/vuln/detail/CVE-2022-0803\n[ 35 ] CVE-2022-0804\n https://nvd.nist.gov/vuln/detail/CVE-2022-0804\n[ 36 ] CVE-2022-0805\n https://nvd.nist.gov/vuln/detail/CVE-2022-0805\n[ 37 ] CVE-2022-0806\n https://nvd.nist.gov/vuln/detail/CVE-2022-0806\n[ 38 ] CVE-2022-0807\n https://nvd.nist.gov/vuln/detail/CVE-2022-0807\n[ 39 ] CVE-2022-0808\n https://nvd.nist.gov/vuln/detail/CVE-2022-0808\n[ 40 ] CVE-2022-0809\n https://nvd.nist.gov/vuln/detail/CVE-2022-0809\n[ 41 ] CVE-2022-0971\n https://nvd.nist.gov/vuln/detail/CVE-2022-0971\n[ 42 ] CVE-2022-0972\n https://nvd.nist.gov/vuln/detail/CVE-2022-0972\n[ 43 ] CVE-2022-0973\n https://nvd.nist.gov/vuln/detail/CVE-2022-0973\n[ 44 ] CVE-2022-0974\n https://nvd.nist.gov/vuln/detail/CVE-2022-0974\n[ 45 ] CVE-2022-0975\n https://nvd.nist.gov/vuln/detail/CVE-2022-0975\n[ 46 ] CVE-2022-0976\n https://nvd.nist.gov/vuln/detail/CVE-2022-0976\n[ 47 ] CVE-2022-0977\n https://nvd.nist.gov/vuln/detail/CVE-2022-0977\n[ 48 ] CVE-2022-0978\n https://nvd.nist.gov/vuln/detail/CVE-2022-0978\n[ 49 ] CVE-2022-0979\n https://nvd.nist.gov/vuln/detail/CVE-2022-0979\n[ 50 ] CVE-2022-0980\n https://nvd.nist.gov/vuln/detail/CVE-2022-0980\n[ 51 ] CVE-2022-1096\n https://nvd.nist.gov/vuln/detail/CVE-2022-1096\n[ 52 ] CVE-2022-1125\n https://nvd.nist.gov/vuln/detail/CVE-2022-1125\n[ 53 ] CVE-2022-1127\n https://nvd.nist.gov/vuln/detail/CVE-2022-1127\n[ 54 ] CVE-2022-1128\n https://nvd.nist.gov/vuln/detail/CVE-2022-1128\n[ 55 ] CVE-2022-1129\n https://nvd.nist.gov/vuln/detail/CVE-2022-1129\n[ 56 ] CVE-2022-1130\n https://nvd.nist.gov/vuln/detail/CVE-2022-1130\n[ 57 ] CVE-2022-1131\n https://nvd.nist.gov/vuln/detail/CVE-2022-1131\n[ 58 ] CVE-2022-1132\n https://nvd.nist.gov/vuln/detail/CVE-2022-1132\n[ 59 ] CVE-2022-1133\n https://nvd.nist.gov/vuln/detail/CVE-2022-1133\n[ 60 ] CVE-2022-1134\n https://nvd.nist.gov/vuln/detail/CVE-2022-1134\n[ 61 ] CVE-2022-1135\n https://nvd.nist.gov/vuln/detail/CVE-2022-1135\n[ 62 ] CVE-2022-1136\n https://nvd.nist.gov/vuln/detail/CVE-2022-1136\n[ 63 ] CVE-2022-1137\n https://nvd.nist.gov/vuln/detail/CVE-2022-1137\n[ 64 ] CVE-2022-1138\n https://nvd.nist.gov/vuln/detail/CVE-2022-1138\n[ 65 ] CVE-2022-1139\n https://nvd.nist.gov/vuln/detail/CVE-2022-1139\n[ 66 ] CVE-2022-1141\n https://nvd.nist.gov/vuln/detail/CVE-2022-1141\n[ 67 ] CVE-2022-1142\n https://nvd.nist.gov/vuln/detail/CVE-2022-1142\n[ 68 ] CVE-2022-1143\n https://nvd.nist.gov/vuln/detail/CVE-2022-1143\n[ 69 ] CVE-2022-1144\n https://nvd.nist.gov/vuln/detail/CVE-2022-1144\n[ 70 ] CVE-2022-1145\n https://nvd.nist.gov/vuln/detail/CVE-2022-1145\n[ 71 ] CVE-2022-1146\n https://nvd.nist.gov/vuln/detail/CVE-2022-1146\n[ 72 ] CVE-2022-1232\n https://nvd.nist.gov/vuln/detail/CVE-2022-1232\n[ 73 ] CVE-2022-1305\n https://nvd.nist.gov/vuln/detail/CVE-2022-1305\n[ 74 ] CVE-2022-1306\n https://nvd.nist.gov/vuln/detail/CVE-2022-1306\n[ 75 ] CVE-2022-1307\n https://nvd.nist.gov/vuln/detail/CVE-2022-1307\n[ 76 ] CVE-2022-1308\n https://nvd.nist.gov/vuln/detail/CVE-2022-1308\n[ 77 ] CVE-2022-1309\n https://nvd.nist.gov/vuln/detail/CVE-2022-1309\n[ 78 ] CVE-2022-1310\n https://nvd.nist.gov/vuln/detail/CVE-2022-1310\n[ 79 ] CVE-2022-1311\n https://nvd.nist.gov/vuln/detail/CVE-2022-1311\n[ 80 ] CVE-2022-1312\n https://nvd.nist.gov/vuln/detail/CVE-2022-1312\n[ 81 ] CVE-2022-1313\n https://nvd.nist.gov/vuln/detail/CVE-2022-1313\n[ 82 ] CVE-2022-1314\n https://nvd.nist.gov/vuln/detail/CVE-2022-1314\n[ 83 ] CVE-2022-1364\n https://nvd.nist.gov/vuln/detail/CVE-2022-1364\n[ 84 ] CVE-2022-1477\n https://nvd.nist.gov/vuln/detail/CVE-2022-1477\n[ 85 ] CVE-2022-1478\n https://nvd.nist.gov/vuln/detail/CVE-2022-1478\n[ 86 ] CVE-2022-1479\n https://nvd.nist.gov/vuln/detail/CVE-2022-1479\n[ 87 ] CVE-2022-1480\n https://nvd.nist.gov/vuln/detail/CVE-2022-1480\n[ 88 ] CVE-2022-1481\n https://nvd.nist.gov/vuln/detail/CVE-2022-1481\n[ 89 ] CVE-2022-1482\n https://nvd.nist.gov/vuln/detail/CVE-2022-1482\n[ 90 ] CVE-2022-1483\n https://nvd.nist.gov/vuln/detail/CVE-2022-1483\n[ 91 ] CVE-2022-1484\n https://nvd.nist.gov/vuln/detail/CVE-2022-1484\n[ 92 ] CVE-2022-1485\n https://nvd.nist.gov/vuln/detail/CVE-2022-1485\n[ 93 ] CVE-2022-1486\n https://nvd.nist.gov/vuln/detail/CVE-2022-1486\n[ 94 ] CVE-2022-1487\n https://nvd.nist.gov/vuln/detail/CVE-2022-1487\n[ 95 ] CVE-2022-1488\n https://nvd.nist.gov/vuln/detail/CVE-2022-1488\n[ 96 ] CVE-2022-1489\n https://nvd.nist.gov/vuln/detail/CVE-2022-1489\n[ 97 ] CVE-2022-1490\n https://nvd.nist.gov/vuln/detail/CVE-2022-1490\n[ 98 ] CVE-2022-1491\n https://nvd.nist.gov/vuln/detail/CVE-2022-1491\n[ 99 ] CVE-2022-1492\n https://nvd.nist.gov/vuln/detail/CVE-2022-1492\n[ 100 ] CVE-2022-1493\n https://nvd.nist.gov/vuln/detail/CVE-2022-1493\n[ 101 ] CVE-2022-1494\n https://nvd.nist.gov/vuln/detail/CVE-2022-1494\n[ 102 ] CVE-2022-1495\n https://nvd.nist.gov/vuln/detail/CVE-2022-1495\n[ 103 ] CVE-2022-1496\n https://nvd.nist.gov/vuln/detail/CVE-2022-1496\n[ 104 ] CVE-2022-1497\n https://nvd.nist.gov/vuln/detail/CVE-2022-1497\n[ 105 ] CVE-2022-1498\n https://nvd.nist.gov/vuln/detail/CVE-2022-1498\n[ 106 ] CVE-2022-1499\n https://nvd.nist.gov/vuln/detail/CVE-2022-1499\n[ 107 ] CVE-2022-1500\n https://nvd.nist.gov/vuln/detail/CVE-2022-1500\n[ 108 ] CVE-2022-1501\n https://nvd.nist.gov/vuln/detail/CVE-2022-1501\n[ 109 ] CVE-2022-1633\n https://nvd.nist.gov/vuln/detail/CVE-2022-1633\n[ 110 ] CVE-2022-1634\n https://nvd.nist.gov/vuln/detail/CVE-2022-1634\n[ 111 ] CVE-2022-1635\n https://nvd.nist.gov/vuln/detail/CVE-2022-1635\n[ 112 ] CVE-2022-1636\n https://nvd.nist.gov/vuln/detail/CVE-2022-1636\n[ 113 ] CVE-2022-1637\n https://nvd.nist.gov/vuln/detail/CVE-2022-1637\n[ 114 ] CVE-2022-1639\n https://nvd.nist.gov/vuln/detail/CVE-2022-1639\n[ 115 ] CVE-2022-1640\n https://nvd.nist.gov/vuln/detail/CVE-2022-1640\n[ 116 ] CVE-2022-1641\n https://nvd.nist.gov/vuln/detail/CVE-2022-1641\n[ 117 ] CVE-2022-1853\n https://nvd.nist.gov/vuln/detail/CVE-2022-1853\n[ 118 ] CVE-2022-1854\n https://nvd.nist.gov/vuln/detail/CVE-2022-1854\n[ 119 ] CVE-2022-1855\n https://nvd.nist.gov/vuln/detail/CVE-2022-1855\n[ 120 ] CVE-2022-1856\n https://nvd.nist.gov/vuln/detail/CVE-2022-1856\n[ 121 ] CVE-2022-1857\n https://nvd.nist.gov/vuln/detail/CVE-2022-1857\n[ 122 ] CVE-2022-1858\n https://nvd.nist.gov/vuln/detail/CVE-2022-1858\n[ 123 ] CVE-2022-1859\n https://nvd.nist.gov/vuln/detail/CVE-2022-1859\n[ 124 ] CVE-2022-1860\n https://nvd.nist.gov/vuln/detail/CVE-2022-1860\n[ 125 ] CVE-2022-1861\n https://nvd.nist.gov/vuln/detail/CVE-2022-1861\n[ 126 ] CVE-2022-1862\n https://nvd.nist.gov/vuln/detail/CVE-2022-1862\n[ 127 ] CVE-2022-1863\n https://nvd.nist.gov/vuln/detail/CVE-2022-1863\n[ 128 ] CVE-2022-1864\n https://nvd.nist.gov/vuln/detail/CVE-2022-1864\n[ 129 ] CVE-2022-1865\n https://nvd.nist.gov/vuln/detail/CVE-2022-1865\n[ 130 ] CVE-2022-1866\n https://nvd.nist.gov/vuln/detail/CVE-2022-1866\n[ 131 ] CVE-2022-1867\n https://nvd.nist.gov/vuln/detail/CVE-2022-1867\n[ 132 ] CVE-2022-1868\n https://nvd.nist.gov/vuln/detail/CVE-2022-1868\n[ 133 ] CVE-2022-1869\n https://nvd.nist.gov/vuln/detail/CVE-2022-1869\n[ 134 ] CVE-2022-1870\n https://nvd.nist.gov/vuln/detail/CVE-2022-1870\n[ 135 ] CVE-2022-1871\n https://nvd.nist.gov/vuln/detail/CVE-2022-1871\n[ 136 ] CVE-2022-1872\n https://nvd.nist.gov/vuln/detail/CVE-2022-1872\n[ 137 ] CVE-2022-1873\n https://nvd.nist.gov/vuln/detail/CVE-2022-1873\n[ 138 ] CVE-2022-1874\n https://nvd.nist.gov/vuln/detail/CVE-2022-1874\n[ 139 ] CVE-2022-1875\n https://nvd.nist.gov/vuln/detail/CVE-2022-1875\n[ 140 ] CVE-2022-1876\n https://nvd.nist.gov/vuln/detail/CVE-2022-1876\n[ 141 ] CVE-2022-2007\n https://nvd.nist.gov/vuln/detail/CVE-2022-2007\n[ 142 ] CVE-2022-2010\n https://nvd.nist.gov/vuln/detail/CVE-2022-2010\n[ 143 ] CVE-2022-2011\n https://nvd.nist.gov/vuln/detail/CVE-2022-2011\n[ 144 ] CVE-2022-2156\n https://nvd.nist.gov/vuln/detail/CVE-2022-2156\n[ 145 ] CVE-2022-2157\n https://nvd.nist.gov/vuln/detail/CVE-2022-2157\n[ 146 ] CVE-2022-2158\n https://nvd.nist.gov/vuln/detail/CVE-2022-2158\n[ 147 ] CVE-2022-2160\n https://nvd.nist.gov/vuln/detail/CVE-2022-2160\n[ 148 ] CVE-2022-2161\n https://nvd.nist.gov/vuln/detail/CVE-2022-2161\n[ 149 ] CVE-2022-2162\n https://nvd.nist.gov/vuln/detail/CVE-2022-2162\n[ 150 ] CVE-2022-2163\n https://nvd.nist.gov/vuln/detail/CVE-2022-2163\n[ 151 ] CVE-2022-2164\n https://nvd.nist.gov/vuln/detail/CVE-2022-2164\n[ 152 ] CVE-2022-2165\n https://nvd.nist.gov/vuln/detail/CVE-2022-2165\n[ 153 ] CVE-2022-22021\n https://nvd.nist.gov/vuln/detail/CVE-2022-22021\n[ 154 ] CVE-2022-24475\n https://nvd.nist.gov/vuln/detail/CVE-2022-24475\n[ 155 ] CVE-2022-24523\n https://nvd.nist.gov/vuln/detail/CVE-2022-24523\n[ 156 ] CVE-2022-26891\n https://nvd.nist.gov/vuln/detail/CVE-2022-26891\n[ 157 ] CVE-2022-26894\n https://nvd.nist.gov/vuln/detail/CVE-2022-26894\n[ 158 ] CVE-2022-26895\n https://nvd.nist.gov/vuln/detail/CVE-2022-26895\n[ 159 ] CVE-2022-26900\n https://nvd.nist.gov/vuln/detail/CVE-2022-26900\n[ 160 ] CVE-2022-26905\n https://nvd.nist.gov/vuln/detail/CVE-2022-26905\n[ 161 ] CVE-2022-26908\n https://nvd.nist.gov/vuln/detail/CVE-2022-26908\n[ 162 ] CVE-2022-26909\n https://nvd.nist.gov/vuln/detail/CVE-2022-26909\n[ 163 ] CVE-2022-26912\n https://nvd.nist.gov/vuln/detail/CVE-2022-26912\n[ 164 ] CVE-2022-29144\n https://nvd.nist.gov/vuln/detail/CVE-2022-29144\n[ 165 ] CVE-2022-29146\n https://nvd.nist.gov/vuln/detail/CVE-2022-29146\n[ 166 ] CVE-2022-29147\n https://nvd.nist.gov/vuln/detail/CVE-2022-29147\n[ 167 ] CVE-2022-30127\n https://nvd.nist.gov/vuln/detail/CVE-2022-30127\n[ 168 ] CVE-2022-30128\n https://nvd.nist.gov/vuln/detail/CVE-2022-30128\n[ 169 ] CVE-2022-30192\n https://nvd.nist.gov/vuln/detail/CVE-2022-30192\n[ 170 ] CVE-2022-33638\n https://nvd.nist.gov/vuln/detail/CVE-2022-33638\n[ 171 ] CVE-2022-33639\n https://nvd.nist.gov/vuln/detail/CVE-2022-33639\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-25\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 99.0.4844.84-1~deb11u1. \n\nWe recommend that you upgrade your chromium packages. \n\nFor the detailed security status of chromium please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/chromium\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJBXaAACgkQEMKTtsN8\nTjbazQ/+IzYVZN+0pj9UBLmTcMNsaUt7Hh0G1D0NsJ8yKbQ6Kan11TcOBvzkQLER\nE5YbdLOfVaY/OZQRRyjtjzc/WwySaC0AKKg76rYd4bo4186szqPrTApKYz+Fb+Tw\n9BCzzYxVQp4nPxcxdMo2PDrCXJg4Ux/ia9dUZFbSZOF8TccxU/1nAB89nS0jCECW\nOhjqKHM4vcpyPF+ztnGT8Lce+wy3TwTQ/CJM3GaKLK3RF8dT9y0Ae6PP902eOw+x\nCKbG9EsqB47K5v7Jrbm7LfaxxF1hs7l3kiaupk5YNxgIlHV0i/dpHT39zhSFEFdZ\n4F2+lpzJpvKjz9kx2iyJcNYScxMTbWKQQrEYrcNFp3wE3vPl4ndASKrOniTta6ub\nH2j0Jp/O0pcQTLrsVTlSPvzVgSqTBjobgsIw4JWBSeDLpaDWNQR/dhxfoCQCUvA4\nSDEby7l+buKPbipoCvupeyk+cQIM+yjXKc0OZDpHGekK8NsViD5rGIVyhKmFvWcC\nPajYlmZu68s49eg14hrpXudTcrLL+fFkKgxI5f0Eat0BLFsW7mFl6cvEzX+ErPKT\n38XlAdtsO7FGq3DerKJhAyWzZbTPBpcXtPvguIytoxl3QXxcNBvcRgeZOjqMeIhW\nQqFsYamZq7zcDKYon9Zljtkz1/ai1viBejcvqJK5DqePtvz4AJA=\n=ZIch\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2022-1096" }, { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "VULMON", "id": "CVE-2022-1096" }, { "db": "PACKETSTORM", "id": "166544" }, { "db": "PACKETSTORM", "id": "168075" }, { "db": "PACKETSTORM", "id": "169350" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2022-1096", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-22-209-01", "trust": 1.4 }, { "db": "JVN", "id": "JVNVU93834764", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2022-002159", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "166544", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2022.3702", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1337", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1294", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022032827", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022032601", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022032912", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022060052", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202203-2278", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2022-1096", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "168075", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169350", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-1096" }, { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "PACKETSTORM", "id": "166544" }, { "db": "PACKETSTORM", "id": "168075" }, { "db": "PACKETSTORM", "id": "169350" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "id": "VAR-202203-1921", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.41454848499999997 }, "last_update_date": "2024-06-14T19:41:55.786000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Product\u00a0Compatibility\u00a0\u0026\u00a0Download\u00a0Center\u00a0from\u00a0Rockwell\u00a0Automation Rockwell\u00a0Automation", "trust": 0.8, "url": "https://compatibility.rockwellautomation.com/pages/home.aspx" }, { "title": "Google Chrome Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=186884" }, { "title": "Debian Security Advisories: DSA-5110-1 chromium -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=e9e9ba88a881ad0a39b9244f299b6a5e" }, { "title": "Google Chrome: Stable Channel Update for Desktop", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=chrome_releases\u0026qid=9e48fc90e4efa33ae51fdb4506bde295" }, { "title": "cve-2022-1096", "trust": 0.1, "url": "https://github.com/git-cve-updater/cve-2022-1096 " }, { "title": "Chrome-and-Edge-Version-Dumper", "trust": 0.1, "url": "https://github.com/maverick-cmd/chrome-and-edge-version-dumper " }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/google-chrome-bug-actively-exploited-zero-day/179161/" }, { "title": "BleepingComputer", "trust": 0.1, "url": "https://www.bleepingcomputer.com/news/security/emergency-google-chrome-update-fixes-zero-day-used-in-attacks/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/03/28/google_chromium_exploit/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2022/04/15/google-third-fix-chrome-vulnerability/" }, { "title": "BleepingComputer", "trust": 0.1, "url": "https://www.bleepingcomputer.com/news/security/cisa-warns-orgs-to-patch-actively-exploited-chrome-redis-bugs/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-1096" }, { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-843", "trust": 1.0 }, { "problemtype": "Mistake of type (CWE-843) [ others ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "trust": 1.7, "url": "https://security.gentoo.org/glsa/202208-25" }, { "trust": 1.6, "url": "https://crbug.com/1309225" }, { "trust": 1.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1096" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu93834764/index.html" }, { "trust": 0.8, "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "trust": 0.8, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-209-01" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/167516/chrome-cve-2022-1096-incomplete-fix.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.3702" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022060052" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022032827" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1294" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2022-1096/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/166544/ubuntu-security-notice-usn-5350-1.html" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-209-01" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022032601" }, { "trust": 0.6, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2022-1096" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022032912" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/chrome-memory-corruption-via-v8-37881" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1337" }, { "trust": 0.1, "url": "https://threatpost.com/google-chrome-bug-actively-exploited-zero-day/179161/" }, { "trust": 0.1, "url": "https://github.com/git-cve-updater/cve-2022-1096" }, { "trust": 0.1, "url": "https://www.debian.org/security/2022/dsa-5110" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/chromium-browser/99.0.4844.84-0ubuntu0.18.04.1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5350-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1136" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1138" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1501" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1129" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1489" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1490" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1861" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0797" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1480" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4058" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0975" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1633" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0971" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1500" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0972" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29144" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29147" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0978" }, { "trust": 0.1, "url": "https://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1876" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1128" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0977" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2156" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1858" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0808" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4067" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1863" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1641" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1866" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1871" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1487" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1637" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0801" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26895" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1873" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0807" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4059" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4062" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0791" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26891" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2157" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0976" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4055" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0798" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0803" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4057" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1144" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1483" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26912" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0979" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26900" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1495" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1484" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30128" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1497" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1143" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4068" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4063" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0792" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0980" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0794" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1493" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1486" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1867" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2165" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1310" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0789" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1485" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-33638" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1498" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4066" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1865" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0806" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1491" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1853" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1313" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1857" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1870" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1127" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1875" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1125" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0809" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-33639" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26894" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26909" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1130" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2010" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1635" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1135" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1868" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1856" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1232" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24475" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4052" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1488" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1478" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1312" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4053" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1477" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1636" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1639" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2160" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2164" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4078" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1479" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1308" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1869" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2011" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30127" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4061" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0790" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1862" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1145" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1854" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2007" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1859" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1132" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-30551" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0802" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1482" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1634" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1142" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1499" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4079" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0973" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1864" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0974" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1131" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1309" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22021" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1481" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1492" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0795" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4056" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30192" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24523" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1306" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1134" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1139" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1305" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1311" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1307" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0799" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26905" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2162" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0796" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1496" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1133" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1855" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2161" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1141" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1860" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1494" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4054" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0804" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1872" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1874" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0805" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4065" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1314" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0793" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1640" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26908" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4064" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0800" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2158" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1137" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2163" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1364" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/chromium" }, { "trust": 0.1, "url": "https://www.debian.org/security/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2022-1096" }, { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "PACKETSTORM", "id": "166544" }, { "db": "PACKETSTORM", "id": "168075" }, { "db": "PACKETSTORM", "id": "169350" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2022-1096" }, { "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "db": "PACKETSTORM", "id": "166544" }, { "db": "PACKETSTORM", "id": "168075" }, { "db": "PACKETSTORM", "id": "169350" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "db": "NVD", "id": "CVE-2022-1096" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-08-02T00:00:00", "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "date": "2022-03-30T14:48:41", "db": "PACKETSTORM", "id": "166544" }, { "date": "2022-08-15T16:03:09", "db": "PACKETSTORM", "id": "168075" }, { "date": "2022-03-28T19:12:00", "db": "PACKETSTORM", "id": "169350" }, { "date": "2022-03-25T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "date": "2022-07-23T00:15:08.333000", "db": "NVD", "id": "CVE-2022-1096" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-06-13T06:18:00", "db": "JVNDB", "id": "JVNDB-2022-002159" }, { "date": "2022-08-16T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-2278" }, { "date": "2022-10-27T22:50:00.437000", "db": "NVD", "id": "CVE-2022-1096" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "168075" }, { "db": "CNNVD", "id": "CNNVD-202203-2278" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Rockwell\u00a0Automation\u00a0 Type mix-up vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2022-002159" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-2278" } ], "trust": 0.6 } }
gsd-2022-1096
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2022-1096", "description": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "id": "GSD-2022-1096", "references": [ "https://www.debian.org/security/2022/dsa-5110", "https://advisories.mageia.org/CVE-2022-1096.html", "https://www.suse.com/security/cve/CVE-2022-1096.html", "https://ubuntu.com/security/CVE-2022-1096", "https://security.archlinux.org/CVE-2022-1096" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-1096" ], "details": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "id": "GSD-2022-1096", "modified": "2023-12-13T01:19:28.102065Z", "schema_version": "1.4.0" } }, "namespaces": { "cisa.gov": { "cveID": "CVE-2022-1096", "dateAdded": "2022-03-28", "dueDate": "2022-04-18", "product": "Chromium V8", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "The vulnerability exists due to a type confusion error within the V8 component in Chromium, affecting all Chromium-based browsers.", "vendorProject": "Google", "vulnerabilityName": "Google Chromium V8 Type Confusion Vulnerability" }, "cve.org": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2022-1096", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Chrome", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "99.0.4844.84" } ] } } ] }, "vendor_name": "Google" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Type Confusion" } ] } ] }, "references": { "reference_data": [ { "name": "https://crbug.com/1309225", "refsource": "MISC", "url": "https://crbug.com/1309225" }, { "name": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "name": "GLSA-202208-25", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202208-25" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "99.0.4844.84", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2022-1096" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-843" } ] } ] }, "references": { "reference_data": [ { "name": "https://crbug.com/1309225", "refsource": "MISC", "tags": [ "Permissions Required", "Vendor Advisory" ], "url": "https://crbug.com/1309225" }, { "name": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html", "refsource": "MISC", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html" }, { "name": "GLSA-202208-25", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202208-25" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } }, "lastModifiedDate": "2022-10-27T22:50Z", "publishedDate": "2022-07-23T00:15Z" } } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.