Описание
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-2617
- https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html
- https://crbug.com/1292451
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE
- https://security.gentoo.org/glsa/202208-35
Связанные уязвимости
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
Use after free in Extensions API in Google Chrome prior to 104.0.5112. ...
Уязвимость компонента Extensions API браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию