libQt5Pdf5-5.15.12-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12590 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libQt5Pdf5-5.15.12-1.1 on GA media These are all security issues fixed in the libQt5Pdf5-5.15.12-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12590 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12590 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-3038/ SUSE CVE CVE-2022-3038 page https://www.suse.com/security/cve/CVE-2022-3040/ SUSE CVE CVE-2022-3040 page https://www.suse.com/security/cve/CVE-2022-3041/ SUSE CVE CVE-2022-3041 page https://www.suse.com/security/cve/CVE-2022-3046/ SUSE CVE CVE-2022-3046 page https://www.suse.com/security/cve/CVE-2022-3075/ SUSE CVE CVE-2022-3075 page https://www.suse.com/security/cve/CVE-2022-3196/ SUSE CVE CVE-2022-3196 page https://www.suse.com/security/cve/CVE-2022-3197/ SUSE CVE CVE-2022-3197 page https://www.suse.com/security/cve/CVE-2022-3198/ SUSE CVE CVE-2022-3198 page https://www.suse.com/security/cve/CVE-2022-3199/ SUSE CVE CVE-2022-3199 page https://www.suse.com/security/cve/CVE-2022-3200/ SUSE CVE CVE-2022-3200 page https://www.suse.com/security/cve/CVE-2022-3201/ SUSE CVE CVE-2022-3201 page https://www.suse.com/security/cve/CVE-2022-3304/ SUSE CVE CVE-2022-3304 page https://www.suse.com/security/cve/CVE-2022-3370/ SUSE CVE CVE-2022-3370 page https://www.suse.com/security/cve/CVE-2022-3373/ SUSE CVE CVE-2022-3373 page https://www.suse.com/security/cve/CVE-2022-3445/ SUSE CVE CVE-2022-3445 page https://www.suse.com/security/cve/CVE-2022-3446/ SUSE CVE CVE-2022-3446 page https://www.suse.com/security/cve/CVE-2022-3885/ SUSE CVE CVE-2022-3885 page https://www.suse.com/security/cve/CVE-2022-3887/ SUSE CVE CVE-2022-3887 page https://www.suse.com/security/cve/CVE-2022-3889/ SUSE CVE CVE-2022-3889 page https://www.suse.com/security/cve/CVE-2022-3890/ SUSE CVE CVE-2022-3890 page https://www.suse.com/security/cve/CVE-2022-4174/ SUSE CVE CVE-2022-4174 page https://www.suse.com/security/cve/CVE-2022-4180/ SUSE CVE CVE-2022-4180 page https://www.suse.com/security/cve/CVE-2022-4181/ SUSE CVE CVE-2022-4181 page https://www.suse.com/security/cve/CVE-2022-4262/ SUSE CVE CVE-2022-4262 page openSUSE Tumbleweed libQt5Pdf5-5.15.12-1.1 libQt5PdfWidgets5-5.15.12-1.1 libqt5-qtpdf-devel-5.15.12-1.1 libqt5-qtpdf-examples-5.15.12-1.1 libqt5-qtpdf-imports-5.15.12-1.1 libqt5-qtpdf-private-headers-devel-5.15.12-1.1 libqt5-qtwebengine-5.15.12-1.1 libqt5-qtwebengine-devel-5.15.12-1.1 libqt5-qtwebengine-examples-5.15.12-1.1 libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 libQt5Pdf5-5.15.12-1.1 as a component of openSUSE Tumbleweed libQt5PdfWidgets5-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-devel-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-examples-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-imports-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtpdf-private-headers-devel-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-devel-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-examples-5.15.12-1.1 as a component of openSUSE Tumbleweed libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 as a component of openSUSE Tumbleweed Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3038 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3038.html CVE-2022-3038 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3040 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3040.html CVE-2022-3040 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3041 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3041.html CVE-2022-3041 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3046 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3046.html CVE-2022-3046 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-3075 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3075.html CVE-2022-3075 https://bugzilla.suse.com/1203102 SUSE Bug 1203102 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3196 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3196.html CVE-2022-3196 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3197 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3197.html CVE-2022-3197 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3198 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3198.html CVE-2022-3198 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3199 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3199.html CVE-2022-3199 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3200 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3200.html CVE-2022-3200 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) CVE-2022-3201 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3201.html CVE-2022-3201 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3304 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3304.html CVE-2022-3304 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3370 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3370.html CVE-2022-3370 Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) CVE-2022-3373 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3373.html CVE-2022-3373 Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3445 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3445.html CVE-2022-3445 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3446 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3446.html CVE-2022-3446 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3885 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3885.html CVE-2022-3885 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3887 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3887.html CVE-2022-3887 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3889 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3889.html CVE-2022-3889 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2022-3890 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3890.html CVE-2022-3890 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4174 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4174.html CVE-2022-4174 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2022-4180 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4180.html CVE-2022-4180 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4181 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4181.html CVE-2022-4181 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4262 openSUSE Tumbleweed:libQt5Pdf5-5.15.12-1.1 openSUSE Tumbleweed:libQt5PdfWidgets5-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-imports-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtpdf-private-headers-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-devel-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-examples-5.15.12-1.1 openSUSE Tumbleweed:libqt5-qtwebengine-private-headers-devel-5.15.12-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4262.html CVE-2022-4262 https://bugzilla.suse.com/1205999 SUSE Bug 1205999