Google Chrome Chrome vulnerabilities

CVE-2023-1530 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1530 Long Term Support Channel Update for ChromeOS CVE-2023-1530

CVE-2023-1533 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1533 Long Term Support Channel Update for ChromeOS CVE-2023-1533

CVE-2023-1534 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1534 Long Term Support Channel Update for ChromeOS CVE-2023-1534

CVE-2023-1810 [HIGH] Stable Channel Update for Desktop: CVE-2023-1810 Stable Channel Update for Desktop CVE-2023-1810: Heap buffer overflow in Visuals. Reported by Weipeng Jiang (@Krace) of VRI on 2023-02-08 [$3000][ 1420510 ] High CVE-2023-1811: Use after free in Frames Reported by Thomas Orlita on 2023-03-01 [$TBD][ 1335974 ] High CVE-2023-2313: Inappropriate implementation in Sandbox Severity: high

CVE-2023-1812 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-1812 Stable Channel Update for Desktop CVE-2023-1812: Out of bounds memory access in DOM Bindings. Reported by Shijiang Yu on 2023-02-22 [$5000][ 1423258 ] Medium CVE-2023-1813: Inappropriate implementation in Extensions Reported by Axel Chong on 2023-03-10 [$3000][ 1417325 ] Medium CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing Severity: medium

CVE-2023-1820 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-1820 Stable Channel Update for Desktop CVE-2023-1820: Heap buffer overflow in Browser History. Reported by raven at KunLun lab on 2023-01-17 [$1000][ 1413618 ] Low CVE-2023-1821: Inappropriate implementation in WebShare Reported by Axel Chong on 2023-02-07 [$500][ 1066555 ] Low CVE-2023-1822: Incorrect security UI in Navigation Severity: medium

CVE-2023-1815 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-1815 Stable Channel Update for Desktop CVE-2023-1815: Use after free in Networking APIs. Reported by DDV_UA on 2021-12-10 [$1000][ 1413919 ] Medium CVE-2023-1816: Incorrect security UI in Picture In Picture Reported by NDevTK on 2023-02-08 [$1000][ 1418061 ] Medium CVE-2023-1817: Insufficient policy enforcement in Intents Severity: medium

CVE-2023-2311 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-2311 Stable Channel Update for Desktop CVE-2023-2311: Insufficient policy enforcement in File System API. Reported by Axel Chong on 2022-08-19 [$NA][ 1223346 ] Medium CVE-2023-1818: Use after free in Vulkan Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research, Eric Lawrence, Microsoft, Patrick Walker (@HomeSen), and Kirtikumar Anandrao Ramchandani on 2021-06-24 [$NA][ 1406588 ] Medium CVE-2023-1819: Out of

CVE-2023-1823 [LOW] Stable Channel Update for Desktop: CVE-2023-1823 Stable Channel Update for Desktop CVE-2023-1823: Inappropriate implementation in FedCM. Reported by Jasper Rebane (popstonia) on 2023-01-13 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: low

CVE-2023-1220 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1220 Long Term Support Channel Update for ChromeOS CVE-2023-1220

CVE-2023-0931 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-0931 Long Term Support Channel Update for ChromeOS CVE-2023-0931

CVE-2023-1215 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1215 Long Term Support Channel Update for ChromeOS CVE-2023-1215

CVE-2023-0941 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-0941 Long Term Support Channel Update for ChromeOS CVE-2023-0941

CVE-2023-1219 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1219 Long Term Support Channel Update for ChromeOS CVE-2023-1219

CVE-2023-1218 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-1218 Long Term Support Channel Update for ChromeOS CVE-2023-1218

CVE-2023-1531 [HIGH] Stable Channel Update for Desktop: CVE-2023-1531 Stable Channel Update for Desktop CVE-2023-1531: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos on 2023-02-13 [$NA][ 1421268 ] High CVE-2023-1532: Out of bounds read in GPU Video Reported by Mark Brand of Google Project Zero on 2023-03-03 [$TBD][ 1422183 ] High CVE-2023-1533: Use after free in WebProtect Severity: high

CVE-2023-1227 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-1227 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-1227

CVE-2023-1216 [HIGH] Stable Channel Update for Desktop: CVE-2023-1216 Stable Channel Update for Desktop CVE-2023-1216: Use after free in DevTools. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2023-02-21 [$3000][ 1412658 ] High CVE-2023-1217: Stack buffer overflow in Crash reporting Reported by sunburst of Ant Group Tianqiong Security Lab on 2023-02-03 [$3000][ 1413628 ] High CVE-2023-1218: Use after free in WebRTC Severity: high

CVE-2023-1213 [HIGH] Stable Channel Update for Desktop: CVE-2023-1213 Stable Channel Update for Desktop CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong(@n3sk) of Theori on 2023-01-30 [$10000][ 1412487 ] High CVE-2023-1214: Type Confusion in V8 Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 [$7000][ 1417176 ] High CVE-2023-1215: Type Confusion in CSS Severity: high

CVE-2023-1222 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-1222 Stable Channel Update for Desktop CVE-2023-1222: Heap buffer overflow in Web Audio API. Reported by Cassidy Kim(@cassidy6564) on 2022-12-24 [$5000][ 1398579 ] Medium CVE-2023-1223: Insufficient policy enforcement in Autofill Reported by Ahmed ElMasry on 2022-12-07 [$5000][ 1403539 ] Medium CVE-2023-1224: Insufficient policy enforcement in Web Payments API Severity: medium