Searching
..

Click anywhere to stop

KLA12493
Multiple vulnerabilities in Google Chrome

Updated: 01/25/2024
Detect date
?
03/29/2022
Severity
?
High
Description

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Heap buffer overflow vulnerability in WebUI can be exploited to cause denial of service.
  2. Use after free in WebRTC vulnerability can be exploited to cause denial of service or execute arbitrary code.
  3. Use after free vulnerability in File Manager can be exploited to cause denial of service or execute arbitrary code.
  4. Implementation vulnerability in Virtual Keyboard can be exploited to cause denial of service.
  5. Type confusion vulnerability in V8 can be exploited to cause denial of service.
  6. Implementation vulnerability in Web Cursor can be exploited to cause denial of service.
  7. Use after free vulnerability in Tab Strip can be exploited to cause denial of service or execute arbitrary code.
  8. Use after free vulnerability in QR Code Generator can be exploited to cause denial of service or execute arbitrary code.
  9. Use after free vulnerability in Shopping Cart can be exploited to cause denial of service or execute arbitrary code.
  10. Implementation vulnerability in Full Screen Mode can be exploited to cause denial of service.
  11. Implementation vulnerability in Background Fetch API can be exploited to cause denial of service.
  12. Implementation in Extensions can be exploited to cause denial of service.
  13. Insufficient validation of untrusted input in WebOTP can be exploited to cause denial of service.
  14. Implementation vulnerability in Web Share API can be exploited to cause denial of service.
  15. Use after free vulnerability in Portals can be exploited to cause denial of service or execute arbitrary code.
  16. Implementation vulnerability in Resource Timing can be exploited to cause denial of service.
  17. Use after free vulnerability in Extensions can be exploited to cause denial of service or execute arbitrary code.
  18. Use after free vulnerability in Cast UI can be exploited to cause denial of service or execute arbitrary code.
  19. Use after free vulnerability in WebUI can be exploited to cause denial of service or execute arbitrary code.
Affected products

Google Chrome earlier than 100.0.4896.60

Solution

Update to the latest version
Download Google Chrome

Original advisories

Stable Channel Update for Desktop

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]
Related products
Google Chrome
CVE-IDS
?
CVE-2022-11438.8Critical
CVE-2022-11338.8Critical
CVE-2022-11418.8Critical
CVE-2022-11326.1High
CVE-2022-11348.8Critical
CVE-2022-11386.5High
CVE-2022-11368.8Critical
CVE-2022-11278.8Critical
CVE-2022-11358.8Critical
CVE-2022-11296.5High
CVE-2022-11396.5High
CVE-2022-11376.5High
CVE-2022-11308.1Critical
CVE-2022-11286.5High
CVE-2022-11428.8Critical
CVE-2022-11258.8Critical
CVE-2022-11466.5High
CVE-2022-11457.5Critical
CVE-2022-11318.8Critical
CVE-2022-11448.8Critical
Find out the statistics of the vulnerabilities spreading in your region