VuXML: chromium -- multiple vulnerabilities

VuXML ID	e0914087-9a09-11ec-9e61-3065ec8fd3ec
Discovery	2022-03-01
Entry	2022-03-02

Chrome Releases reports:

This release contains 28 security fixes, including:

[1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-01-21

[1274077] High CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous on 2021-11-26

[1278322] High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09

[1285885] High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Jeong (@n3sk) of Theori on 2022-01-11

[1291728] High CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita on 2022-01-28

[1294097] High CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani on 2022-02-04

[1282782] High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27

[1295786] High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10

[1281908] High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21

[1283402] Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30

[1279188] Medium CVE-2022-0799: Insufficient policy enforcement in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12

[1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24

[1231037] Medium CVE-2022-0801: Inappropriate implementation in HTML parser. Reported by Michal Bentkowski of Securitum on 2021-07-20

[1270052] Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14

[1280233] Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15

[1264561] Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29

[1290700] Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25

[1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31

[1287364] Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14

[1292271] Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29

[1293428] Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03

[source]

CVE Name	CVE-2022-0789
CVE Name	CVE-2022-0790
CVE Name	CVE-2022-0791
CVE Name	CVE-2022-0792
CVE Name	CVE-2022-0793
CVE Name	CVE-2022-0794
CVE Name	CVE-2022-0795
CVE Name	CVE-2022-0796
CVE Name	CVE-2022-0797
CVE Name	CVE-2022-0798
CVE Name	CVE-2022-0799
CVE Name	CVE-2022-0800
CVE Name	CVE-2022-0801
CVE Name	CVE-2022-0802
CVE Name	CVE-2022-0803
CVE Name	CVE-2022-0804
CVE Name	CVE-2022-0805
CVE Name	CVE-2022-0806
CVE Name	CVE-2022-0807
CVE Name	CVE-2022-0808
CVE Name	CVE-2022-0809
URL	https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html

chromium -- multiple vulnerabilities

Details

References