High CVE-2022-3075: Insufficient data validation in Mojo.Various fixes from internal audits, fuzzing and other initiatives Low CVE-2022-3058: Use after free in Sign-In Flow.Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox.Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy.Reported by Weipeng Jiang and Guang Gong of 360 Vulnerability Research Institute on Medium CVE-2022-3055: Use after free in Passwords.Medium CVE-2022-3054: Insufficient policy enforcement in DevTools.Reported by Jesper van den Ende (Pelican Party Studios) on Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock.Medium CVE-2022-3052: Heap buffer overflow in Window Manager.Medium CVE-2022-3051: Heap buffer overflow in Exosphere.Medium CVE-2022-3050: Heap buffer overflow in WebUI.Medium CVE-2022-3049: Use after free in SplitScreen.Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen.Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API.High CVE-2022-3046: Use after free in Browser Tag.High CVE-2022-3045: Insufficient validation of untrusted input in V8.Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on High CVE-2022-3044: Inappropriate implementation in Site Isolation.High CVE-2022-3043: Heap buffer overflow in Screen Capture.Reported by and Guang Gong of 360 Vulnerability Research Institute on High CVE-2022-3042: Use after free in PhoneHub.
Reported by Ziling Chen and Nan of 360 Vulnerability Research Institute on
0 kommentar(er)
