Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hiveproHive ProHIVEPRO:F0E08A7B0A92ED0929AD9DE27F33C527
HistoryJan 06, 2022 - 4:36 a.m.

Google fixes multiple vulnerabilities in Chrome

2022-01-0604:36:10
Hive Pro
www.hivepro.com
22
google chrome
version 97
security flaws
high risk
critical
linux
macos
windows
update
cve-2022-0096
cve-2022-0097
cve-2022-0098
cve-2022-0099
cve-2022-0100
cve-2022-0101
cve-2022-0102
cve-2022-0103
cve-2022-0104
cve-2022-0105
cve-2022-0106
cve-2022-0107
cve-2022-0108
cve-2022-0109
cve-2022-0110
cve-2022-0111
cve-2022-0112
cve-2022-0113
cve-2022-0114
cve-2022-0115
cve-2022-0116
cve-2022-0117
cve-2022-0118
cve-2022-0120

EPSS

0.013

Percentile

86.0%

JSON

THREAT LEVEL: Amber.

For a detailed advisory, download the pdf file here.

Google Chrome has been updated to version 97, which addresses 37 security flaws. Google has classed ten of them as High and one as Critical, while the remaining thirteen have been classified as Medium or Low. These flaws pose a high risk to all Linux, macOS, and Windows users, and users should act by updating Chrome to version 97.0.4692.71.

This advisory addresses the following 24 Google-disclosed vulnerabilities. To avoid exploitation, the rest of them will be uncovered once most users have been upgraded.

• CVE-2022-0096: Use after free in Storage.
• CVE-2022-0097: Inappropriate implementation in DevTools.
• CVE-2022-0098: Use after free in Screen Capture.
• CVE-2022-0099: Use after free in Sign-in.
• CVE-2022-0100: Heap buffer overflow in Media streams API.
• CVE-2022-0101: Heap buffer overflow in Bookmarks.
• CVE-2022-0102: Type Confusion in V8.
• CVE-2022-0103: Use after free in SwiftShader.
• CVE-2022-0104: Heap buffer overflow in ANGLE.
• CVE-2022-0105: Use after free in PDF.
• CVE-2022-0106: Use after free in Autofill.
• CVE-2022-0107: Use after free in File Manager API.
• CVE-2022-0108: Inappropriate implementation in Navigation.
• CVE-2022-0109: Inappropriate implementation in Autofill.
• CVE-2022-0110: Incorrect security UI in Autofill.
• CVE-2022-0111: Inappropriate implementation in Navigation.
• CVE-2022-0112: Incorrect security UI in Browser UI.
• CVE-2022-0113: Inappropriate implementation in Blink.
• CVE-2022-0114: Out of bounds memory access in Web Serial.
• CVE-2022-0115: Uninitialized Use in File API.
• CVE-2022-0116: Inappropriate implementation in Compositing.
• CVE-2022-0117: Policy bypass in Service Workers.
• CVE-2022-0118: Inappropriate implementation in WebShare.
• CVE-2022-0120: Inappropriate implementation in Passwords.

Indicators of Compromise(IoCs)

Patch Links

<https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html&gt;

References

<https://www.cisa.gov/uscert/ncas/current-activity/2022/01/05/google-releases-security-updates-chrome&gt;

<https://www.forbes.com/sites/gordonkelly/2022/01/05/google-chrome-hack-warning-new-attacks-exploits-upgrade-chrome-now/?sh=467db05810b0&gt;

Related

freebsd 1
nessus 5
osv 1
suse 2
openvas 7
chrome 1
kaspersky 2
fedora 3
mageia 1
veracode 16
prion 18
cvelist 19
cnvd 16
cve 18
mscve 20
alpinelinux 10
debiancve 18
nvd 20
redhatcve 2
ubuntucve 18
thn 1
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-01-04 00:00:00
nessus
nessus
Google Chrome < 97.0.4692.71 Multiple Vulnerabilities
2022-01-04 00:00:00
Google Chrome < 97.0.4692.71 Multiple Vulnerabilities
2022-01-04 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec)
2022-01-05 00:00:00
osv
osv
chromedriver-97.0.4692.71-1.1 on GA media
2024-06-15 00:00:00
suse
suse
Security update for chromium (important)
2022-01-17 00:00:00
Security update for opera (important)
2022-02-21 00:00:00
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop-2022-01) - Mac OS X
2022-01-14 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop-2022-01) - Linux
2022-01-14 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop-2022-01) - Windows
2022-01-14 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2022-01-04 00:00:00
kaspersky
kaspersky
KLA12411 Multiple vulnerabilities in Google Chrome
2022-01-04 00:00:00
KLA12413 Multiple vulnerabilities in Microsoft Browser
2022-01-06 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: chromium-99.0.4844.51-1.fc34
2022-03-14 22:27:09
[SECURITY] Fedora 36 Update: chromium-99.0.4844.51-1.fc36
2022-03-26 15:43:20
[SECURITY] Fedora 35 Update: chromium-99.0.4844.51-1.fc35
2022-03-11 14:48:13
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-02-03 00:29:30
veracode
veracode
Use After Free
2022-01-14 23:59:14
Incorrect Security UI In Autofill
2022-01-15 00:02:44
Denial Of Service (DoS)
2022-01-14 23:57:35
prion
prion
Design/Logic Flaw
2022-02-12 00:15:00
Heap overflow
2022-02-12 00:15:00
Design/Logic Flaw
2022-02-12 00:15:00
cvelist
cvelist
CVE-2022-0110
2022-02-11 23:35:58
CVE-2022-0103
2022-02-11 23:35:49
CVE-2022-0106
2022-02-11 23:35:53
cnvd
cnvd
Google Chrome SwiftShader Code Execution Vulnerability (CNVD-2022-65577)
2022-01-10 00:00:00
Google Chrome Media streams API buffer overflow vulnerability
2022-01-10 00:00:00
Google Chrome PDF code execution vulnerability
2022-01-10 00:00:00
cve
cve
CVE-2022-0110
2022-02-12 00:15:07
CVE-2022-0105
2022-02-12 00:15:07
CVE-2022-0106
2022-02-12 00:15:07
mscve
mscve
Chromium: CVE-2022-0103 Use after free in SwiftShader
2022-01-06 08:00:00
Chromium: CVE-2022-0105 Use after free in PDF
2022-01-06 08:00:00
Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE
2022-01-06 08:00:00
alpinelinux
alpinelinux
CVE-2022-0103
2022-02-12 00:15:07
CVE-2022-0104
2022-02-12 00:15:07
CVE-2022-0111
2022-02-12 00:15:07
debiancve
debiancve
CVE-2022-0104
2022-02-12 00:15:07
CVE-2022-0108
2022-02-12 00:15:07
CVE-2022-0103
2022-02-12 00:15:07
nvd
nvd
CVE-2022-0104
2022-02-12 00:15:07
CVE-2022-0110
2022-02-12 00:15:07
CVE-2022-0106
2022-02-12 00:15:07
redhatcve
redhatcve
CVE-2022-0103
2022-05-20 23:43:24
CVE-2022-0096
2022-05-21 00:19:41
ubuntucve
ubuntucve
CVE-2022-0104
2022-02-12 00:00:00
CVE-2022-0111
2022-02-12 00:00:00
CVE-2022-0116
2022-02-12 00:00:00
thn
thn
Google Releases New Chrome Update to Patch Dozens of New Browser Vulnerabilities
2022-01-06 05:47:00

EPSS

0.013

Percentile

86.0%

JSON
Related for HIVEPRO:F0E08A7B0A92ED0929AD9DE27F33C527
freebsd1nessus5osv1suse2openvas7chrome1kaspersky2fedora3mageia1veracode16prion18cvelist19cnvd16cve18mscve20alpinelinux10debiancve18nvd20redhatcve2ubuntucve18thn1