Vulnerability from csaf_opensuse
Published
2022-06-03 09:26
Modified
2022-06-03 09:26
Summary
Security update for chromium
Notes
Title of the patch
Security update for chromium
Description of the patch
This update for chromium fixes the following issues:
Chromium 102.0.5001.61 (boo#1199893)
* CVE-2022-1853: Use after free in Indexed DB
* CVE-2022-1854: Use after free in ANGLE
* CVE-2022-1855: Use after free in Messaging
* CVE-2022-1856: Use after free in User Education
* CVE-2022-1857: Insufficient policy enforcement in File System API
* CVE-2022-1858: Out of bounds read in DevTools
* CVE-2022-1859: Use after free in Performance Manager
* CVE-2022-1860: Use after free in UI Foundations
* CVE-2022-1861: Use after free in Sharing
* CVE-2022-1862: Inappropriate implementation in Extensions
* CVE-2022-1863: Use after free in Tab Groups
* CVE-2022-1864: Use after free in WebApp Installs
* CVE-2022-1865: Use after free in Bookmarks
* CVE-2022-1866: Use after free in Tablet Mode
* CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer
* CVE-2022-1868: Inappropriate implementation in Extensions API
* CVE-2022-1869: Type Confusion in V8
* CVE-2022-1870: Use after free in App Service
* CVE-2022-1871: Insufficient policy enforcement in File System API
* CVE-2022-1872: Insufficient policy enforcement in Extensions API
* CVE-2022-1873: Insufficient policy enforcement in COOP
* CVE-2022-1874: Insufficient policy enforcement in Safe Browsing
* CVE-2022-1875: Inappropriate implementation in PDF
* CVE-2022-1876: Heap buffer overflow in DevTools
- Chromium 101.0.4951.67
* fixes for other platforms
Patchnames
openSUSE-2022-10005
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium fixes the following issues:\n\nChromium 102.0.5001.61 (boo#1199893)\n\n* CVE-2022-1853: Use after free in Indexed DB\n* CVE-2022-1854: Use after free in ANGLE\n* CVE-2022-1855: Use after free in Messaging\n* CVE-2022-1856: Use after free in User Education\n* CVE-2022-1857: Insufficient policy enforcement in File System API\n* CVE-2022-1858: Out of bounds read in DevTools\n* CVE-2022-1859: Use after free in Performance Manager\n* CVE-2022-1860: Use after free in UI Foundations\n* CVE-2022-1861: Use after free in Sharing\n* CVE-2022-1862: Inappropriate implementation in Extensions\n* CVE-2022-1863: Use after free in Tab Groups\n* CVE-2022-1864: Use after free in WebApp Installs\n* CVE-2022-1865: Use after free in Bookmarks\n* CVE-2022-1866: Use after free in Tablet Mode\n* CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer\n* CVE-2022-1868: Inappropriate implementation in Extensions API\n* CVE-2022-1869: Type Confusion in V8\n* CVE-2022-1870: Use after free in App Service\n* CVE-2022-1871: Insufficient policy enforcement in File System API\n* CVE-2022-1872: Insufficient policy enforcement in Extensions API\n* CVE-2022-1873: Insufficient policy enforcement in COOP\n* CVE-2022-1874: Insufficient policy enforcement in Safe Browsing\n* CVE-2022-1875: Inappropriate implementation in PDF\n* CVE-2022-1876: Heap buffer overflow in DevTools\n\n- Chromium 101.0.4951.67\n\n * fixes for other platforms\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2022-10005",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_10005-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:10005-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JSMLLTNKJ3TPX4NE3EBN2DITMAJNWNB6/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:10005-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JSMLLTNKJ3TPX4NE3EBN2DITMAJNWNB6/"
},
{
"category": "self",
"summary": "SUSE Bug 1199893",
"url": "https://bugzilla.suse.com/1199893"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1853 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1854 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1855 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1856 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1857 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1858 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1859 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1860 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1861 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1862 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1863 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1864 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1865 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1866 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1867 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1868 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1869 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1870 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1871 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1872 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1873 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1874 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1875 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1876 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1876/"
}
],
"title": "Security update for chromium",
"tracking": {
"current_release_date": "2022-06-03T09:26:22Z",
"generator": {
"date": "2022-06-03T09:26:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:10005-1",
"initial_release_date": "2022-06-03T09:26:22Z",
"revision_history": [
{
"date": "2022-06-03T09:26:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"product": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"product_id": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"product": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"product_id": "chromium-102.0.5005.61-bp154.2.5.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"product": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"product_id": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"product": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"product_id": "chromium-102.0.5005.61-bp154.2.5.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP4",
"product": {
"name": "SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64"
},
"product_reference": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64"
},
"product_reference": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64"
},
"product_reference": "chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
},
"product_reference": "chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64"
},
"product_reference": "chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64"
},
"product_reference": "chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64"
},
"product_reference": "chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-102.0.5005.61-bp154.2.5.3.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
},
"product_reference": "chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1853"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1853",
"url": "https://www.suse.com/security/cve/CVE-2022-1853"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1853",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1853"
},
{
"cve": "CVE-2022-1854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1854"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1854",
"url": "https://www.suse.com/security/cve/CVE-2022-1854"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1854",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1854"
},
{
"cve": "CVE-2022-1855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1855"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1855",
"url": "https://www.suse.com/security/cve/CVE-2022-1855"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1855",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1855"
},
{
"cve": "CVE-2022-1856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1856"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1856",
"url": "https://www.suse.com/security/cve/CVE-2022-1856"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1856",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1856"
},
{
"cve": "CVE-2022-1857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1857"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1857",
"url": "https://www.suse.com/security/cve/CVE-2022-1857"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1857",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1857"
},
{
"cve": "CVE-2022-1858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1858"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1858",
"url": "https://www.suse.com/security/cve/CVE-2022-1858"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1858",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1858"
},
{
"cve": "CVE-2022-1859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1859"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1859",
"url": "https://www.suse.com/security/cve/CVE-2022-1859"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1859",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1859"
},
{
"cve": "CVE-2022-1860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1860"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1860",
"url": "https://www.suse.com/security/cve/CVE-2022-1860"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1860",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1860"
},
{
"cve": "CVE-2022-1861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1861"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1861",
"url": "https://www.suse.com/security/cve/CVE-2022-1861"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1861",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1861"
},
{
"cve": "CVE-2022-1862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1862"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1862",
"url": "https://www.suse.com/security/cve/CVE-2022-1862"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1862",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1862"
},
{
"cve": "CVE-2022-1863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1863"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1863",
"url": "https://www.suse.com/security/cve/CVE-2022-1863"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1863",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1863"
},
{
"cve": "CVE-2022-1864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1864"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1864",
"url": "https://www.suse.com/security/cve/CVE-2022-1864"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1864",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1864"
},
{
"cve": "CVE-2022-1865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1865"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1865",
"url": "https://www.suse.com/security/cve/CVE-2022-1865"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1865",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1865"
},
{
"cve": "CVE-2022-1866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1866"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1866",
"url": "https://www.suse.com/security/cve/CVE-2022-1866"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1866",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1866"
},
{
"cve": "CVE-2022-1867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1867"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1867",
"url": "https://www.suse.com/security/cve/CVE-2022-1867"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1867",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1867"
},
{
"cve": "CVE-2022-1868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1868"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1868",
"url": "https://www.suse.com/security/cve/CVE-2022-1868"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1868",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1868"
},
{
"cve": "CVE-2022-1869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1869"
}
],
"notes": [
{
"category": "general",
"text": "Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1869",
"url": "https://www.suse.com/security/cve/CVE-2022-1869"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1869",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1869"
},
{
"cve": "CVE-2022-1870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1870"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1870",
"url": "https://www.suse.com/security/cve/CVE-2022-1870"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1870",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1870"
},
{
"cve": "CVE-2022-1871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1871"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1871",
"url": "https://www.suse.com/security/cve/CVE-2022-1871"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1871",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1871"
},
{
"cve": "CVE-2022-1872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1872"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1872",
"url": "https://www.suse.com/security/cve/CVE-2022-1872"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1872",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1872"
},
{
"cve": "CVE-2022-1873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1873"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1873",
"url": "https://www.suse.com/security/cve/CVE-2022-1873"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1873",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1873"
},
{
"cve": "CVE-2022-1874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1874"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1874",
"url": "https://www.suse.com/security/cve/CVE-2022-1874"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1874",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1874"
},
{
"cve": "CVE-2022-1875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1875"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1875",
"url": "https://www.suse.com/security/cve/CVE-2022-1875"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1875",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1875"
},
{
"cve": "CVE-2022-1876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1876"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1876",
"url": "https://www.suse.com/security/cve/CVE-2022-1876"
},
{
"category": "external",
"summary": "SUSE Bug 1199893 for CVE-2022-1876",
"url": "https://bugzilla.suse.com/1199893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"SUSE Package Hub 15 SP4:chromium-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromedriver-102.0.5005.61-bp154.2.5.3.x86_64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.aarch64",
"openSUSE Leap 15.4:chromium-102.0.5005.61-bp154.2.5.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T09:26:22Z",
"details": "critical"
}
],
"title": "CVE-2022-1876"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.