Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-2858HistorySep 26, 2022 - 4:15 p.m.
CVE-2022-2858
2022-09-2616:15:11
Debian Security Bug Tracker
security-tracker.debian.org
37
google chrome
sign-in flow
use after free
heap corruption
remote attacker
ui interaction
cve-2022-2858
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.005
Percentile
76.8%
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | chromium | < 104.0.5112.101-1 | chromium_104.0.5112.101-1_all.deb |
| Debian | 11 | all | chromium | < 104.0.5112.101-1~deb11u1 | chromium_104.0.5112.101-1~deb11u1_all.deb |
| Debian | 999 | all | chromium | < 104.0.5112.101-1 | chromium_104.0.5112.101-1_all.deb |
| Debian | 13 | all | chromium | < 104.0.5112.101-1 | chromium_104.0.5112.101-1_all.deb |
Related
veracode
veracode
Remote Code Execution
2022-09-01 10:43:30
osv
osv
CVE-2022-2858
2022-09-26 16:15:11
chromium - security update
2022-08-18 00:00:00
nvd
nvd
CVE-2022-2858
2022-09-26 16:15:11
cve
cve
CVE-2022-2858
2022-09-26 16:15:11
prion
prion
Design/Logic Flaw
2022-09-26 16:15:00
ubuntucve
ubuntucve
CVE-2022-2858
2022-09-26 00:00:00
cvelist
cvelist
CVE-2022-2858
2022-09-26 15:01:14
mscve
mscve
Chromium: CVE-2022-2858 Use after free in Sign-In Flow
2022-08-19 07:00:00
nessus
nessus
Microsoft Edge (Chromium) < 104.0.1293.63 Multiple Vulnerabilities
2022-08-19 00:00:00
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10099-1)
2022-08-26 00:00:00
kaspersky
kaspersky
KLA15724 Multiple vulnerabilities in Microsoft Browser
2022-08-19 00:00:00
KLA15725 Multiple vulnerabilities in Opera
2022-08-23 00:00:00
KLA15722 Multiple vulnerabilities in Google Chrome
2022-08-16 00:00:00
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop_16-2022-08) - Windows
2022-08-18 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10099-1)
2024-03-04 00:00:00
Mageia: Security Advisory (MGASA-2022-0307)
2022-08-26 00:00:00
suse
suse
Security update for chromium (important)
2022-08-25 00:00:00
Security update for opera (important)
2022-08-29 00:00:00
Security update for opera (important)
2022-08-29 00:00:00
debian
debian
[SECURITY] [DSA 5212-1] chromium security update
2022-08-17 22:57:57
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-08-26 00:21:07
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-08-16 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2022-08-16 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2022-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: chromium-105.0.5195.125-2.fc36
2022-10-05 01:01:54
[SECURITY] Fedora 37 Update: chromium-105.0.5195.125-2.fc37
2022-10-03 00:22:01
[SECURITY] Fedora 35 Update: chromium-105.0.5195.125-2.fc35
2022-10-05 01:05:03
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.005
Percentile
76.8%
Related for DEBIANCVE:CVE-2022-2858