AVG-2739 log

Package chromium
Status Fixed
Severity Critical
Type multiple issues
Affected 101.0.4951.54-1
Fixed 102.0.5005.61-1
Current 104.0.5112.79-1 [extra]
Ticket None
Created Wed May 25 09:55:02 2022
Advisory Pending
Issue Severity Remote Type Description
CVE-2022-1876 Low Unknown Unknown
Heap buffer overflow in DevTools
CVE-2022-1875 Low Unknown Unknown
Inappropriate implementation in PDF
CVE-2022-1874 Low Unknown Unknown
Insufficient policy enforcement in Safe Browsing
CVE-2022-1873 Low Unknown Unknown
Insufficient policy enforcement in COOP
CVE-2022-1872 Low Unknown Unknown
Insufficient policy enforcement in Extensions API
CVE-2022-1871 Low Unknown Unknown
Insufficient policy enforcement in File System API
CVE-2022-1870 Medium Unknown Unknown
Use after free in App Service
CVE-2022-1869 Medium Unknown Unknown
Type Confusion in V8
CVE-2022-1868 Medium Unknown Unknown
Inappropriate implementation in Extensions API
CVE-2022-1867 Medium Unknown Unknown
Insufficient validation of untrusted input in Data Transfer
CVE-2022-1866 Medium Unknown Unknown
Use after free in Tablet Mode
CVE-2022-1865 Medium Unknown Unknown
Use after free in Bookmarks
CVE-2022-1864 Medium Unknown Unknown
Use after free in WebApp Installs
CVE-2022-1863 Medium Unknown Unknown
Use after free in Tab Groups
CVE-2022-1862 Medium Unknown Unknown
Inappropriate implementation in Extensions
CVE-2022-1861 High Yes Arbitrary code execution
Use after free in Sharing
CVE-2022-1860 High Yes Arbitrary code execution
Use after free in UI Foundations
CVE-2022-1859 High Yes Arbitrary code execution
Use after free in Performance Manager
CVE-2022-1858 High Yes Arbitrary code execution
Out of bounds read in DevTools
CVE-2022-1857 High Yes Arbitrary filesystem access
Insufficient policy enforcement in File System API
CVE-2022-1856 High Yes Arbitrary code execution
Use after free in User Education
CVE-2022-1855 High Yes Arbitrary code execution
Use after free in Messaging
CVE-2022-1854 High Yes Arbitrary code execution
Use after free in ANGLE
CVE-2022-1853 Critical Yes Arbitrary code execution
Use after free in Indexed DB
References
https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html