Debian Chromium vulnerabilities

2,176 known vulnerabilities affecting debian/chromium.

Total CVEs

2,176

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL102HIGH1256MEDIUM754LOW56UNKNOWN8

Vulnerabilities

Page 48 of 109

CVE-2022-3199HIGHCVSS 8.8fixed in chromium 105.0.5195.125-1 (bookworm)2022

CVE-2022-3199 [HIGH] CVE-2022-3199: chromium - Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remo... Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 105.0.5195.125-1) bullseye: resolved (fixed in 105.0.5195.125-1~deb11u1) forky: resolved (fixed in 105.0.5195.125-1) sid: resolved (fixe

debian

CVE-2022-2161HIGHCVSS 8.8fixed in chromium 103.0.5060.53-1 (bookworm)2022

CVE-2022-2161 [HIGH] CVE-2022-2161: chromium - Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowe... Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Scope: local bookworm: resolved (fixed in 103.0.5060.53-1) bullseye: resolved (fixed in 103.0.5060.53-1~deb11u1) forky: resolved (fixed i

debian

CVE-2022-0797HIGHCVSS 8.8fixed in chromium 99.0.4844.51-1 (bookworm)2022

CVE-2022-0797 [HIGH] CVE-2022-0797: chromium - Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allow... Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Scope: local bookworm: resolved (fixed in 99.0.4844.51-1) bullseye: resolved (fixed in 99.0.4844.51-1~deb11u1) forky: resolved (fixed in 99.0.4844.51-1) sid: resolved (fixed in 99.0.4844.51-1) trixie: r

debian

CVE-2022-4921HIGHCVSS 8.8fixed in chromium 99.0.4844.51-1 (bookworm)2022

CVE-2022-4921 [HIGH] CVE-2022-4921: chromium - Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a... Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) Scope: local bookworm: resolved (fixed in 99.0.4844.51-1) bullseye: resolved (fixed in 99.0.4844.51-1~deb11u1) forky: resolved

debian

CVE-2022-3052HIGHCVSS 8.8fixed in chromium 105.0.5195.52-1 (bookworm)2022

CVE-2022-3052 [HIGH] CVE-2022-3052: chromium - Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros pri... Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Scope: local bookworm: resolved (fixed in 105.0.5195.52-1) bullseye: resolved (fixed in 105.0.5195.52-1~deb11u1) for

debian

CVE-2022-0980HIGHCVSS 8.8fixed in chromium 99.0.4844.74-1 (bookworm)2022

CVE-2022-0980 [HIGH] CVE-2022-0980: chromium - Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an... Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. Scope: local bookworm: resolved (fixed in 99.0.4844.74-1) bullseye: resolved (fixed in 99.0.4844.74-1~deb11u1) forky: resolved (fixed in 99.0.4844.74-1) s

debian

CVE-2022-2857HIGHCVSS 8.8fixed in chromium 104.0.5112.101-1 (bookworm)2022

CVE-2022-2857 [HIGH] CVE-2022-2857: chromium - Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remot... Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 104.0.5112.101-1) bullseye: resolved (fixed in 104.0.5112.101-1~deb11u1) forky: resolved (fixed in 104.0.5112.101-1) sid: resolved (fixed in 104.0.5112.101-1) trixie: resol

debian

CVE-2022-1855HIGHCVSS 8.8fixed in chromium 102.0.5005.61-1 (bookworm)2022

CVE-2022-1855 [HIGH] CVE-2022-1855: chromium - Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a re... Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 102.0.5005.61-1) bullseye: resolved (fixed in 102.0.5005.61-1~deb11u1) forky: resolved (fixed in 102.0.5005.61-1) sid: resolved (fixed in 102.0.5005.61-1) trixie: resolv

debian

CVE-2022-0456HIGHCVSS 8.8fixed in chromium 98.0.4758.80-1 (bookworm)2022

CVE-2022-0456 [HIGH] CVE-2022-0456: chromium - Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a re... Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction. Scope: local bookworm: resolved (fixed in 98.0.4758.80-1) bullseye: resolved (fixed in 98.0.4758.80-1~deb11u1) forky: resolved (fixed in 98.0.4758.80-1) sid: resolved (fixed in 98.0.4758.80-1) trixie: resolved (

debian

CVE-2022-3889HIGHCVSS 8.8fixed in chromium 107.0.5304.110-1 (bookworm)2022

CVE-2022-3889 [HIGH] CVE-2022-3889: chromium - Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote a... Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 107.0.5304.110-1) bullseye: resolved (fixed in 107.0.5304.110-1~deb11u1) forky: resolved (fixed in 107.0.5304.110-1) sid: resolved (fixed in

debian

CVE-2022-1481HIGHCVSS 8.8fixed in chromium 101.0.4951.41-1 (bookworm)2022

CVE-2022-1481 [HIGH] CVE-2022-1481: chromium - Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed... Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 101.0.4951.41-1) bullseye: resolved (fixed in 101.0.4951.41-1~deb11u1) forky: resolved (fixed in 101.0.4

debian

CVE-2022-1496HIGHCVSS 8.8fixed in chromium 101.0.4951.41-1 (bookworm)2022

CVE-2022-1496 [HIGH] CVE-2022-1496: chromium - Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a... Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. Scope: local bookworm: resolved (fixed in 101.0.4951.41-1) bullseye: resolved (fixed in 101.0.4951.41-1~deb11u1) forky: resolved (fixed in 101.0.4951.41-1) sid: resolved (fixed in 101.0.4951.

debian

CVE-2022-2296HIGHCVSS 8.8fixed in chromium 103.0.5060.114-1 (bookworm)2022

CVE-2022-2296 [HIGH] CVE-2022-2296: chromium - Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5... Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. Scope: local bookworm: resolved (fixed in 103.0.5060.114-1) bullseye: resolved (fixed in 103.0.5060.114-1~deb11u1) forky: resol

debian

CVE-2022-0308HIGHCVSS 8.8fixed in chromium 97.0.4692.99-1 (bookworm)2022

CVE-2022-0308 [HIGH] CVE-2022-0308: chromium - Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692... Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 97.0.4692.99-1) bullseye: resolved (fixed in 97.0.4692.99-1~deb11u2) forky: resolved (fixed i

debian

CVE-2022-2399HIGHCVSS 8.8fixed in chromium 100.0.4896.88-1 (bookworm)2022

CVE-2022-2399 [HIGH] CVE-2022-2399: chromium - Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remot... Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 100.0.4896.88-1) bullseye: resolved (fixed in 100.0.4896.88-1~deb11u1) forky: resolved (fixed in 100.0.4896.88-1) sid: resolved (fixed in 100.0.4896.88-1) trixie: resolved

debian

CVE-2022-0805HIGHCVSS 8.8fixed in chromium 99.0.4844.51-1 (bookworm)2022

CVE-2022-0805 [HIGH] CVE-2022-0805: chromium - Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowe... Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. Scope: local bookworm: resolved (fixed in 99.0.4844.51-1) bullseye: resolved (fixed in 99.0.4844.51-1~deb11u1) forky: resolved (fixed in 99.0.4844.5

debian

CVE-2022-3886HIGHCVSS 8.8fixed in chromium 107.0.5304.110-1 (bookworm)2022

CVE-2022-3886 [HIGH] CVE-2022-3886: chromium - Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 al... Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 107.0.5304.110-1) bullseye: resolved (fixed in 107.0.5304.110-1~deb11u1) forky: resolved (fixed in 107.0.5304.110-1) sid: re

debian

CVE-2022-2609HIGHCVSS 8.8fixed in chromium 104.0.5112.79-1 (bookworm)2022

CVE-2022-2609 [HIGH] CVE-2022-2609: chromium - Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112... Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Scope: local bookworm: resolved (fixed in 104.0.5112.79-1) bullseye: resolved (fixed in 104.0.5112.79-1~deb11u1) forky: resolved

debian

CVE-2022-0469HIGHCVSS 8.8fixed in chromium 98.0.4758.80-1 (bookworm)2022

CVE-2022-0469 [HIGH] CVE-2022-0469: chromium - Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote a... Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page. Scope: local bookworm: resolved (fixed in 98.0.4758.80-1) bullseye: resolved (fixed in 98.0.4758.80-1~deb11u1) forky: resolved (fixed in 98.0.4758.80-1) sid: res

debian

CVE-2022-1141HIGHCVSS 8.8fixed in chromium 100.0.4896.60-1 (bookworm)2022

CVE-2022-1141 [HIGH] CVE-2022-1141: chromium - Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a... Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. Scope: local bookworm: resolved (fixed in 100.0.4896.60-1) bullseye: resolved (fixed in 100.0.4896.60-1~deb11u1) forky: resolved (fixed in 100.0.4

debian

← Previous48 / 109Next →