Vulnerability-Lookup

CVE-2022-3195 (GCVE-0-2022-3195)

Vulnerability from cvelistv5 – Published: 2022-09-26 00:00 – Updated: 2025-05-22 14:25

Summary

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Out of bounds write

Assigner

Chrome

References

4 references

URL	Tags
https://crbug.com/1358381
https://chromereleases.googleblog.com/2022/09/sta…
https://security.gentoo.org/glsa/202209-23
https://lists.fedoraproject.org/archives/list/pac…

Impacted products

1 product

Vendor	Product	Version
Google	Chrome	Affected: unspecified , < 105.0.5195.125 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:00:10.600Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://crbug.com/1358381"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202209-23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-3195",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-22T14:24:50.377227Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T14:25:23.886Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://issues.chromium.org/issues/40060728"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "105.0.5195.125",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out of bounds write",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-10T00:00:00.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://crbug.com/1358381"
        },
        {
          "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
        },
        {
          "url": "https://security.gentoo.org/glsa/202209-23"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2022-3195",
    "datePublished": "2022-09-26T00:00:00.000Z",
    "dateReserved": "2022-09-13T00:00:00.000Z",
    "dateUpdated": "2025-05-22T14:25:23.886Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-3195",
      "date": "2026-05-19",
      "epss": "0.00955",
      "percentile": "0.76643"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"105.0.5195.125\", \"matchCriteriaId\": \"F07DA0CA-C55B-4A5E-839A-AB2B19D0CB0A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)\"}, {\"lang\": \"es\", \"value\": \"Una escritura fuera de l\\u00edmites en Storage en Google Chrome versiones anteriores a 105.0.5195.125, permit\\u00eda a un atacante remoto llevar a cabo una escritura en memoria fuera de l\\u00edmites por medio de una p\\u00e1gina HTML dise\\u00f1ada. (Gravedad de seguridad de Chromium: Alta)\"}]",
      "id": "CVE-2022-3195",
      "lastModified": "2024-11-21T07:19:01.363",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2022-09-26T16:15:13.517",
      "references": "[{\"url\": \"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\", \"source\": \"chrome-cve-admin@google.com\", \"tags\": [\"Patch\", \"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://crbug.com/1358381\", \"source\": \"chrome-cve-admin@google.com\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\", \"source\": \"chrome-cve-admin@google.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-23\", \"source\": \"chrome-cve-admin@google.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://crbug.com/1358381\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-23\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "chrome-cve-admin@google.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-3195\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2022-09-26T16:15:13.517\",\"lastModified\":\"2025-05-22T15:15:59.530\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)\"},{\"lang\":\"es\",\"value\":\"Una escritura fuera de l\u00edmites en Storage en Google Chrome versiones anteriores a 105.0.5195.125, permit\u00eda a un atacante remoto llevar a cabo una escritura en memoria fuera de l\u00edmites por medio de una p\u00e1gina HTML dise\u00f1ada. (Gravedad de seguridad de Chromium: Alta)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"105.0.5195.125\",\"matchCriteriaId\":\"F07DA0CA-C55B-4A5E-839A-AB2B19D0CB0A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1358381\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202209-23\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1358381\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202209-23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.chromium.org/issues/40060728\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://crbug.com/1358381\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-23\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T01:00:10.600Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-3195\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-22T14:24:50.377227Z\"}}}], \"references\": [{\"url\": \"https://issues.chromium.org/issues/40060728\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-22T14:25:18.563Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Chrome\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"105.0.5195.125\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://crbug.com/1358381\"}, {\"url\": \"https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\"}, {\"url\": \"https://security.gentoo.org/glsa/202209-23\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Out of bounds write\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2022-11-10T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-3195\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-22T14:25:23.886Z\", \"dateReserved\": \"2022-09-13T00:00:00.000Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2022-09-26T00:00:00.000Z\", \"assignerShortName\": \"Chrome\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2022-AVI-825

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome 105.0.5195.125 sur Mac et Linux
	Google	Chrome	Chrome 105.0.5195.125/126/127 sur Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Google du 14 septembre 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome 105.0.5195.125 sur Mac et Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome 105.0.5195.125/126/127 sur Windows",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3196"
    },
    {
      "name": "CVE-2022-3197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3197"
    },
    {
      "name": "CVE-2022-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3199"
    },
    {
      "name": "CVE-2022-3201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3201"
    },
    {
      "name": "CVE-2022-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3200"
    },
    {
      "name": "CVE-2022-3198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3198"
    },
    {
      "name": "CVE-2022-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-825",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un contournement de la\npolitique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google du 14 septembre 2022",
      "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
    }
  ]
}

CERTFR-2022-AVI-830

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge versions antérieures à 105.0.1343.42

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2022-3199 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3200 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3195 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3198 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3197 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3196 du 15 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 105.0.1343.42",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3196"
    },
    {
      "name": "CVE-2022-3197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3197"
    },
    {
      "name": "CVE-2022-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3199"
    },
    {
      "name": "CVE-2022-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3200"
    },
    {
      "name": "CVE-2022-3198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3198"
    },
    {
      "name": "CVE-2022-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-830",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3199 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3199"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3200 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3200"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3195 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3195"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3198 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3198"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3197 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3197"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3196 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3196"
    }
  ]
}

CERTFR-2022-AVI-825

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome 105.0.5195.125 sur Mac et Linux
	Google	Chrome	Chrome 105.0.5195.125/126/127 sur Windows

References

Title

Publication Time

Tags

Bulletin de sécurité Google du 14 septembre 2022

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome 105.0.5195.125 sur Mac et Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome 105.0.5195.125/126/127 sur Windows",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3196"
    },
    {
      "name": "CVE-2022-3197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3197"
    },
    {
      "name": "CVE-2022-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3199"
    },
    {
      "name": "CVE-2022-3201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3201"
    },
    {
      "name": "CVE-2022-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3200"
    },
    {
      "name": "CVE-2022-3198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3198"
    },
    {
      "name": "CVE-2022-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-825",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome.\nElles permettent \u00e0 un attaquant de provoquer un contournement de la\npolitique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Google du 14 septembre 2022",
      "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
    }
  ]
}

CERTFR-2022-AVI-830

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Edge	Microsoft Edge versions antérieures à 105.0.1343.42

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2022-3199 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3200 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3195 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3198 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3197 du 15 septembre 2022	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2022-3196 du 15 septembre 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 105.0.1343.42",
      "product": {
        "name": "Edge",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3196"
    },
    {
      "name": "CVE-2022-3197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3197"
    },
    {
      "name": "CVE-2022-3199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3199"
    },
    {
      "name": "CVE-2022-3200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3200"
    },
    {
      "name": "CVE-2022-3198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3198"
    },
    {
      "name": "CVE-2022-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-830",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-09-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge.\nElles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3199 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3199"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3200 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3200"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3195 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3195"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3198 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3198"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3197 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3197"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2022-3196 du 15 septembre 2022",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3196"
    }
  ]
}

BDU:2022-06536

Vulnerability from fstec - Published: 14.09.2022

Title

Уязвимость хранилища Storage браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость хранилища Storage браузера Google Chrome связана с записью за границами буфера. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации с помощью специально сформированной HTML-страницы

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vendor

ООО «РусБИТех-Астра», Google Inc, АО "НППКТ", АО «Концерн ВНИИНС»

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Google Chrome, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

1.6 «Смоленск» (Astra Linux Special Edition), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), до 105.0.5195.125 (Google Chrome), до 2.6 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций производителя: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html Для ОСОН ОСнова Оnyx: Обновление программного обеспечения chromium до версии 107.0.5304.87+repack-1~deb11u1.osnova1 Для Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17 Для Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47 Для ОС Astra Linux: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16 Для ОС Astra Linux Special Edition 1.7: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1221SE17MD Для ОС Astra Linux Special Edition 4.7 для архитектуры ARM: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0131SE47MD Для ОС ОН «Стрелец»: Обновление программного обеспечения chromium до версии 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets

Reference

https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html https://nvd.nist.gov/vuln/detail/CVE-2022-3195 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.6/ https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1221SE17MD https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0131SE47MD https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023

CWE

CWE-787

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Google Inc, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u0434\u043e 105.0.5195.125 (Google Chrome), \u0434\u043e 2.6 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 107.0.5304.87+repack-1~deb11u1.osnova1\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.7: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1221SE17MD\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0131SE47MD\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f chromium \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 105.0.5195.125+repack2-1~deb11u1.osnova1.strelets",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.09.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "31.10.2022",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-06536",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-3195",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Google Chrome, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux - , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Apple Inc. MacOS - , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.6  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 Storage \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Google Chrome, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 Storage \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Google Chrome \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-3195\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.6/\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1110SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-1121SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20221220SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2022-1221SE17MD\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0131SE47MD\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}

FKIE_CVE-2022-3195

Vulnerability from fkie_nvd - Published: 2022-09-26 16:15 - Updated: 2025-05-22 15:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

References

URL	Tags
chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html	Patch, Release Notes, Vendor Advisory
chrome-cve-admin@google.com	https://crbug.com/1358381	Permissions Required, Vendor Advisory
chrome-cve-admin@google.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/	Mailing List, Third Party Advisory
chrome-cve-admin@google.com	https://security.gentoo.org/glsa/202209-23	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html	Patch, Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://crbug.com/1358381	Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202209-23	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://issues.chromium.org/issues/40060728

Impacted products

	Vendor	Product	Version
	google	chrome	*
	fedoraproject	fedora	37

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F07DA0CA-C55B-4A5E-839A-AB2B19D0CB0A",
              "versionEndExcluding": "105.0.5195.125",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)"
    },
    {
      "lang": "es",
      "value": "Una escritura fuera de l\u00edmites en Storage en Google Chrome versiones anteriores a 105.0.5195.125, permit\u00eda a un atacante remoto llevar a cabo una escritura en memoria fuera de l\u00edmites por medio de una p\u00e1gina HTML dise\u00f1ada. (Gravedad de seguridad de Chromium: Alta)"
    }
  ],
  "id": "CVE-2022-3195",
  "lastModified": "2025-05-22T15:15:59.530",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-09-26T16:15:13.517",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://crbug.com/1358381"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202209-23"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://crbug.com/1358381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202209-23"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://issues.chromium.org/issues/40060728"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-M2PV-FF2Q-QXXJ

Vulnerability from github – Published: 2022-09-27 00:00 – Updated: 2025-05-22 15:34

Details

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-3195"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-26T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.",
  "id": "GHSA-m2pv-ff2q-qxxj",
  "modified": "2025-05-22T15:34:43Z",
  "published": "2022-09-27T00:00:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3195"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/1358381"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/40060728"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202209-23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-3195

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Aliases

CVE-2022-3195

Aliases

CVE-2022-3195

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-3195",
    "id": "GSD-2022-3195",
    "references": [
      "https://www.debian.org/security/2022/dsa-5230",
      "https://www.suse.com/security/cve/CVE-2022-3195.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-3195"
      ],
      "details": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)",
      "id": "GSD-2022-3195",
      "modified": "2023-12-13T01:19:40.184827Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "chrome-cve-admin@google.com",
        "ID": "CVE-2022-3195",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Chrome",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "105.0.5195.125"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Google"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Out of bounds write"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://crbug.com/1358381",
            "refsource": "MISC",
            "url": "https://crbug.com/1358381"
          },
          {
            "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html",
            "refsource": "MISC",
            "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
          },
          {
            "name": "https://security.gentoo.org/glsa/202209-23",
            "refsource": "MISC",
            "url": "https://security.gentoo.org/glsa/202209-23"
          },
          {
            "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
            "refsource": "MISC",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "105.0.5195.125",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "chrome-cve-admin@google.com",
          "ID": "CVE-2022-3195"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html"
            },
            {
              "name": "https://crbug.com/1358381",
              "refsource": "MISC",
              "tags": [
                "Permissions Required",
                "Vendor Advisory"
              ],
              "url": "https://crbug.com/1358381"
            },
            {
              "name": "GLSA-202209-23",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202209-23"
            },
            {
              "name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-19T03:23Z",
      "publishedDate": "2022-09-26T16:15Z"
    }
  }
}

OPENSUSE-SU-2022:10123-1

Vulnerability from csaf_opensuse - Published: 2022-09-16 23:09 - Updated: 2022-09-16 23:09

Summary

Security update for chromium

Severity

Important

Notes

Title of the patch: Security update for chromium

Description of the patch: This update for chromium fixes the following issues: Chromium 105.0.5195.127 (boo#1203419): * CVE-2022-3195: Out of bounds write in Storage * CVE-2022-3196: Use after free in PDF * CVE-2022-3197: Use after free in PDF * CVE-2022-3198: Use after free in PDF * CVE-2022-3199: Use after free in Frames * CVE-2022-3200: Heap buffer overflow in Internals * CVE-2022-3201: Insufficient validation of untrusted input in DevTools * Various fixes from internal audits, fuzzing and other initiatives

Patchnames: openSUSE-2022-10123

CVE-2022-3195

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3196

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3197

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3198

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3199

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3200

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3201

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 16 products

Product	Version	Remediation
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64	—	Vendor Fix

Threats

Impact important

References

27 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://bugzilla.suse.com/1203419	self
https://www.suse.com/security/cve/CVE-2022-3195/	self
https://www.suse.com/security/cve/CVE-2022-3196/	self
https://www.suse.com/security/cve/CVE-2022-3197/	self
https://www.suse.com/security/cve/CVE-2022-3198/	self
https://www.suse.com/security/cve/CVE-2022-3199/	self
https://www.suse.com/security/cve/CVE-2022-3200/	self
https://www.suse.com/security/cve/CVE-2022-3201/	self
https://www.suse.com/security/cve/CVE-2022-3195	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3196	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3197	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3198	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3199	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3200	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3201	external
https://bugzilla.suse.com/1203419	external
https://bugzilla.suse.com/1203808	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for chromium",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for chromium fixes the following issues:\n\nChromium 105.0.5195.127 (boo#1203419):\n\n* CVE-2022-3195: Out of bounds write in Storage\n* CVE-2022-3196: Use after free in PDF\n* CVE-2022-3197: Use after free in PDF\n* CVE-2022-3198: Use after free in PDF\n* CVE-2022-3199: Use after free in Frames\n* CVE-2022-3200: Heap buffer overflow in Internals\n* CVE-2022-3201: Insufficient validation of untrusted input in DevTools\n* Various fixes from internal audits, fuzzing and other initiatives\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2022-10123",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_10123-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2022:10123-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D2I7OF5TIFM7EAD27EFGQPLCZSCREBGJ/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2022:10123-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D2I7OF5TIFM7EAD27EFGQPLCZSCREBGJ/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1203419",
        "url": "https://bugzilla.suse.com/1203419"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3195 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3195/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3196 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3197 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3197/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3198 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3199 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3199/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3200 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3200/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3201 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3201/"
      }
    ],
    "title": "Security update for chromium",
    "tracking": {
      "current_release_date": "2022-09-16T23:09:12Z",
      "generator": {
        "date": "2022-09-16T23:09:12Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2022:10123-1",
      "initial_release_date": "2022-09-16T23:09:12Z",
      "revision_history": [
        {
          "date": "2022-09-16T23:09:12Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
                "product": {
                  "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
                  "product_id": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
                "product": {
                  "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
                  "product_id": "chromium-105.0.5195.127-bp154.2.29.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
                "product": {
                  "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
                  "product_id": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
                "product": {
                  "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
                  "product_id": "chromium-105.0.5195.127-bp154.2.29.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP3",
                "product": {
                  "name": "SUSE Package Hub 15 SP3",
                  "product_id": "SUSE Package Hub 15 SP3"
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP4",
                "product": {
                  "name": "SUSE Package Hub 15 SP4",
                  "product_id": "SUSE Package Hub 15 SP4"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64 as component of SUSE Package Hub 15 SP3",
          "product_id": "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64 as component of SUSE Package Hub 15 SP3",
          "product_id": "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64 as component of SUSE Package Hub 15 SP3",
          "product_id": "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64 as component of SUSE Package Hub 15 SP3",
          "product_id": "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64 as component of SUSE Package Hub 15 SP4",
          "product_id": "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64 as component of SUSE Package Hub 15 SP4",
          "product_id": "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64 as component of SUSE Package Hub 15 SP4",
          "product_id": "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64 as component of SUSE Package Hub 15 SP4",
          "product_id": "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-bp154.2.29.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        },
        "product_reference": "chromium-105.0.5195.127-bp154.2.29.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-3195",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3195"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3195",
          "url": "https://www.suse.com/security/cve/CVE-2022-3195"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3195",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3195"
    },
    {
      "cve": "CVE-2022-3196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3196",
          "url": "https://www.suse.com/security/cve/CVE-2022-3196"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3196",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3196"
    },
    {
      "cve": "CVE-2022-3197",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3197"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3197",
          "url": "https://www.suse.com/security/cve/CVE-2022-3197"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3197",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3197"
    },
    {
      "cve": "CVE-2022-3198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3198",
          "url": "https://www.suse.com/security/cve/CVE-2022-3198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3198",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3198"
    },
    {
      "cve": "CVE-2022-3199",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3199"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3199",
          "url": "https://www.suse.com/security/cve/CVE-2022-3199"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3199",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3199"
    },
    {
      "cve": "CVE-2022-3200",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3200"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3200",
          "url": "https://www.suse.com/security/cve/CVE-2022-3200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3200",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3200"
    },
    {
      "cve": "CVE-2022-3201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
          "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3201",
          "url": "https://www.suse.com/security/cve/CVE-2022-3201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3201",
          "url": "https://bugzilla.suse.com/1203419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203808 for CVE-2022-3201",
          "url": "https://bugzilla.suse.com/1203808"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "SUSE Package Hub 15 SP4:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.3:chromium-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromedriver-105.0.5195.127-bp154.2.29.1.x86_64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.aarch64",
            "openSUSE Leap 15.4:chromium-105.0.5195.127-bp154.2.29.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-09-16T23:09:12Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3201"
    }
  ]
}

OPENSUSE-SU-2024:12333-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

chromedriver-105.0.5195.127-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: chromedriver-105.0.5195.127-1.1 on GA media

Description of the patch: These are all security issues fixed in the chromedriver-105.0.5195.127-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-12333

CVE-2022-3195

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3196

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3197

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3198

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3199

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3200

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-3201

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64	—	Vendor Fix

Threats

Impact important

References

24 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2022-3195/	self
https://www.suse.com/security/cve/CVE-2022-3196/	self
https://www.suse.com/security/cve/CVE-2022-3197/	self
https://www.suse.com/security/cve/CVE-2022-3198/	self
https://www.suse.com/security/cve/CVE-2022-3199/	self
https://www.suse.com/security/cve/CVE-2022-3200/	self
https://www.suse.com/security/cve/CVE-2022-3201/	self
https://www.suse.com/security/cve/CVE-2022-3195	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3196	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3197	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3198	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3199	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3200	external
https://bugzilla.suse.com/1203419	external
https://www.suse.com/security/cve/CVE-2022-3201	external
https://bugzilla.suse.com/1203419	external
https://bugzilla.suse.com/1203808	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "chromedriver-105.0.5195.127-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the chromedriver-105.0.5195.127-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-12333",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12333-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3195 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3195/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3196 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3196/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3197 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3197/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3198 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3198/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3199 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3199/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3200 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3200/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3201 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3201/"
      }
    ],
    "title": "chromedriver-105.0.5195.127-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:12333-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-1.1.aarch64",
                "product": {
                  "name": "chromedriver-105.0.5195.127-1.1.aarch64",
                  "product_id": "chromedriver-105.0.5195.127-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-1.1.aarch64",
                "product": {
                  "name": "chromium-105.0.5195.127-1.1.aarch64",
                  "product_id": "chromium-105.0.5195.127-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-1.1.ppc64le",
                "product": {
                  "name": "chromedriver-105.0.5195.127-1.1.ppc64le",
                  "product_id": "chromedriver-105.0.5195.127-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-1.1.ppc64le",
                "product": {
                  "name": "chromium-105.0.5195.127-1.1.ppc64le",
                  "product_id": "chromium-105.0.5195.127-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-1.1.s390x",
                "product": {
                  "name": "chromedriver-105.0.5195.127-1.1.s390x",
                  "product_id": "chromedriver-105.0.5195.127-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-1.1.s390x",
                "product": {
                  "name": "chromium-105.0.5195.127-1.1.s390x",
                  "product_id": "chromium-105.0.5195.127-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "chromedriver-105.0.5195.127-1.1.x86_64",
                "product": {
                  "name": "chromedriver-105.0.5195.127-1.1.x86_64",
                  "product_id": "chromedriver-105.0.5195.127-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "chromium-105.0.5195.127-1.1.x86_64",
                "product": {
                  "name": "chromium-105.0.5195.127-1.1.x86_64",
                  "product_id": "chromium-105.0.5195.127-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64"
        },
        "product_reference": "chromedriver-105.0.5195.127-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le"
        },
        "product_reference": "chromedriver-105.0.5195.127-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x"
        },
        "product_reference": "chromedriver-105.0.5195.127-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromedriver-105.0.5195.127-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64"
        },
        "product_reference": "chromedriver-105.0.5195.127-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64"
        },
        "product_reference": "chromium-105.0.5195.127-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le"
        },
        "product_reference": "chromium-105.0.5195.127-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x"
        },
        "product_reference": "chromium-105.0.5195.127-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "chromium-105.0.5195.127-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        },
        "product_reference": "chromium-105.0.5195.127-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-3195",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3195"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3195",
          "url": "https://www.suse.com/security/cve/CVE-2022-3195"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3195",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3195"
    },
    {
      "cve": "CVE-2022-3196",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3196"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3196",
          "url": "https://www.suse.com/security/cve/CVE-2022-3196"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3196",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3196"
    },
    {
      "cve": "CVE-2022-3197",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3197"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3197",
          "url": "https://www.suse.com/security/cve/CVE-2022-3197"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3197",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3197"
    },
    {
      "cve": "CVE-2022-3198",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3198"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3198",
          "url": "https://www.suse.com/security/cve/CVE-2022-3198"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3198",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3198"
    },
    {
      "cve": "CVE-2022-3199",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3199"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3199",
          "url": "https://www.suse.com/security/cve/CVE-2022-3199"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3199",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3199"
    },
    {
      "cve": "CVE-2022-3200",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3200"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3200",
          "url": "https://www.suse.com/security/cve/CVE-2022-3200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3200",
          "url": "https://bugzilla.suse.com/1203419"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3200"
    },
    {
      "cve": "CVE-2022-3201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
          "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3201",
          "url": "https://www.suse.com/security/cve/CVE-2022-3201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203419 for CVE-2022-3201",
          "url": "https://bugzilla.suse.com/1203419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203808 for CVE-2022-3201",
          "url": "https://bugzilla.suse.com/1203808"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromedriver-105.0.5195.127-1.1.x86_64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.aarch64",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.ppc64le",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.s390x",
            "openSUSE Tumbleweed:chromium-105.0.5195.127-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3201"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-3195 (GCVE-0-2022-3195)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature