ungoogled-chromium-113.0.5672.92-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12948 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ungoogled-chromium-113.0.5672.92-1.1 on GA media These are all security issues fixed in the ungoogled-chromium-113.0.5672.92-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12948 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12948 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2011-3015/ SUSE CVE CVE-2011-3015 page https://www.suse.com/security/cve/CVE-2011-3016/ SUSE CVE CVE-2011-3016 page https://www.suse.com/security/cve/CVE-2011-3017/ SUSE CVE CVE-2011-3017 page https://www.suse.com/security/cve/CVE-2011-3018/ SUSE CVE CVE-2011-3018 page https://www.suse.com/security/cve/CVE-2011-3019/ SUSE CVE CVE-2011-3019 page https://www.suse.com/security/cve/CVE-2011-3020/ SUSE CVE CVE-2011-3020 page https://www.suse.com/security/cve/CVE-2011-3021/ SUSE CVE CVE-2011-3021 page https://www.suse.com/security/cve/CVE-2011-3022/ SUSE CVE CVE-2011-3022 page https://www.suse.com/security/cve/CVE-2011-3023/ SUSE CVE CVE-2011-3023 page https://www.suse.com/security/cve/CVE-2011-3024/ SUSE CVE CVE-2011-3024 page https://www.suse.com/security/cve/CVE-2011-3025/ SUSE CVE CVE-2011-3025 page https://www.suse.com/security/cve/CVE-2011-3026/ SUSE CVE CVE-2011-3026 page https://www.suse.com/security/cve/CVE-2011-3027/ SUSE CVE CVE-2011-3027 page https://www.suse.com/security/cve/CVE-2011-3031/ SUSE CVE CVE-2011-3031 page https://www.suse.com/security/cve/CVE-2011-3032/ SUSE CVE CVE-2011-3032 page https://www.suse.com/security/cve/CVE-2011-3033/ SUSE CVE CVE-2011-3033 page https://www.suse.com/security/cve/CVE-2011-3034/ SUSE CVE CVE-2011-3034 page https://www.suse.com/security/cve/CVE-2011-3035/ SUSE CVE CVE-2011-3035 page https://www.suse.com/security/cve/CVE-2011-3036/ SUSE CVE CVE-2011-3036 page https://www.suse.com/security/cve/CVE-2011-3037/ SUSE CVE CVE-2011-3037 page https://www.suse.com/security/cve/CVE-2011-3038/ SUSE CVE CVE-2011-3038 page https://www.suse.com/security/cve/CVE-2011-3039/ SUSE CVE CVE-2011-3039 page https://www.suse.com/security/cve/CVE-2011-3040/ SUSE CVE CVE-2011-3040 page https://www.suse.com/security/cve/CVE-2011-3041/ SUSE CVE CVE-2011-3041 page https://www.suse.com/security/cve/CVE-2011-3042/ SUSE CVE CVE-2011-3042 page https://www.suse.com/security/cve/CVE-2011-3043/ SUSE CVE CVE-2011-3043 page https://www.suse.com/security/cve/CVE-2011-3044/ SUSE CVE CVE-2011-3044 page https://www.suse.com/security/cve/CVE-2011-3045/ SUSE CVE CVE-2011-3045 page https://www.suse.com/security/cve/CVE-2011-3046/ SUSE CVE CVE-2011-3046 page https://www.suse.com/security/cve/CVE-2011-3047/ SUSE CVE CVE-2011-3047 page https://www.suse.com/security/cve/CVE-2011-3049/ SUSE CVE CVE-2011-3049 page https://www.suse.com/security/cve/CVE-2011-3050/ SUSE CVE CVE-2011-3050 page https://www.suse.com/security/cve/CVE-2011-3051/ SUSE CVE CVE-2011-3051 page https://www.suse.com/security/cve/CVE-2011-3052/ SUSE CVE CVE-2011-3052 page https://www.suse.com/security/cve/CVE-2011-3053/ SUSE CVE CVE-2011-3053 page https://www.suse.com/security/cve/CVE-2011-3054/ SUSE CVE CVE-2011-3054 page https://www.suse.com/security/cve/CVE-2011-3055/ SUSE CVE CVE-2011-3055 page https://www.suse.com/security/cve/CVE-2011-3056/ SUSE CVE CVE-2011-3056 page https://www.suse.com/security/cve/CVE-2011-3057/ SUSE CVE CVE-2011-3057 page https://www.suse.com/security/cve/CVE-2011-3058/ SUSE CVE CVE-2011-3058 page https://www.suse.com/security/cve/CVE-2011-3059/ SUSE CVE CVE-2011-3059 page https://www.suse.com/security/cve/CVE-2011-3060/ SUSE CVE CVE-2011-3060 page https://www.suse.com/security/cve/CVE-2011-3061/ SUSE CVE CVE-2011-3061 page https://www.suse.com/security/cve/CVE-2011-3062/ SUSE CVE CVE-2011-3062 page https://www.suse.com/security/cve/CVE-2011-3063/ SUSE CVE CVE-2011-3063 page https://www.suse.com/security/cve/CVE-2011-3064/ SUSE CVE CVE-2011-3064 page https://www.suse.com/security/cve/CVE-2011-3065/ SUSE CVE CVE-2011-3065 page https://www.suse.com/security/cve/CVE-2011-3066/ SUSE CVE CVE-2011-3066 page https://www.suse.com/security/cve/CVE-2011-3067/ SUSE CVE CVE-2011-3067 page https://www.suse.com/security/cve/CVE-2011-3068/ SUSE CVE CVE-2011-3068 page https://www.suse.com/security/cve/CVE-2011-3069/ SUSE CVE CVE-2011-3069 page https://www.suse.com/security/cve/CVE-2011-3070/ SUSE CVE CVE-2011-3070 page https://www.suse.com/security/cve/CVE-2011-3071/ SUSE CVE CVE-2011-3071 page https://www.suse.com/security/cve/CVE-2011-3072/ SUSE CVE CVE-2011-3072 page https://www.suse.com/security/cve/CVE-2011-3073/ SUSE CVE CVE-2011-3073 page https://www.suse.com/security/cve/CVE-2011-3074/ SUSE CVE CVE-2011-3074 page https://www.suse.com/security/cve/CVE-2011-3075/ SUSE CVE CVE-2011-3075 page https://www.suse.com/security/cve/CVE-2011-3076/ SUSE CVE CVE-2011-3076 page https://www.suse.com/security/cve/CVE-2011-3077/ SUSE CVE CVE-2011-3077 page https://www.suse.com/security/cve/CVE-2011-3078/ SUSE CVE CVE-2011-3078 page https://www.suse.com/security/cve/CVE-2011-3079/ SUSE CVE CVE-2011-3079 page https://www.suse.com/security/cve/CVE-2011-3080/ SUSE CVE CVE-2011-3080 page https://www.suse.com/security/cve/CVE-2011-3081/ SUSE CVE CVE-2011-3081 page https://www.suse.com/security/cve/CVE-2011-3083/ SUSE CVE CVE-2011-3083 page https://www.suse.com/security/cve/CVE-2011-3084/ SUSE CVE CVE-2011-3084 page https://www.suse.com/security/cve/CVE-2011-3085/ SUSE CVE CVE-2011-3085 page https://www.suse.com/security/cve/CVE-2011-3086/ SUSE CVE CVE-2011-3086 page https://www.suse.com/security/cve/CVE-2011-3087/ SUSE CVE CVE-2011-3087 page https://www.suse.com/security/cve/CVE-2011-3088/ SUSE CVE CVE-2011-3088 page https://www.suse.com/security/cve/CVE-2011-3089/ SUSE CVE CVE-2011-3089 page https://www.suse.com/security/cve/CVE-2011-3090/ SUSE CVE CVE-2011-3090 page https://www.suse.com/security/cve/CVE-2011-3091/ SUSE CVE CVE-2011-3091 page https://www.suse.com/security/cve/CVE-2011-3092/ SUSE CVE CVE-2011-3092 page https://www.suse.com/security/cve/CVE-2011-3093/ SUSE CVE CVE-2011-3093 page https://www.suse.com/security/cve/CVE-2011-3094/ SUSE CVE CVE-2011-3094 page https://www.suse.com/security/cve/CVE-2011-3095/ SUSE CVE CVE-2011-3095 page https://www.suse.com/security/cve/CVE-2011-3096/ SUSE CVE CVE-2011-3096 page https://www.suse.com/security/cve/CVE-2011-3098/ SUSE CVE CVE-2011-3098 page https://www.suse.com/security/cve/CVE-2011-3100/ SUSE CVE CVE-2011-3100 page https://www.suse.com/security/cve/CVE-2011-3101/ SUSE CVE CVE-2011-3101 page https://www.suse.com/security/cve/CVE-2011-3102/ SUSE CVE CVE-2011-3102 page https://www.suse.com/security/cve/CVE-2011-3903/ SUSE CVE CVE-2011-3903 page https://www.suse.com/security/cve/CVE-2011-3904/ SUSE CVE CVE-2011-3904 page https://www.suse.com/security/cve/CVE-2011-3905/ SUSE CVE CVE-2011-3905 page https://www.suse.com/security/cve/CVE-2011-3906/ SUSE CVE CVE-2011-3906 page https://www.suse.com/security/cve/CVE-2011-3907/ SUSE CVE CVE-2011-3907 page https://www.suse.com/security/cve/CVE-2011-3908/ SUSE CVE CVE-2011-3908 page https://www.suse.com/security/cve/CVE-2011-3909/ SUSE CVE CVE-2011-3909 page https://www.suse.com/security/cve/CVE-2011-3910/ SUSE CVE CVE-2011-3910 page https://www.suse.com/security/cve/CVE-2011-3911/ SUSE CVE CVE-2011-3911 page https://www.suse.com/security/cve/CVE-2011-3912/ SUSE CVE CVE-2011-3912 page https://www.suse.com/security/cve/CVE-2011-3914/ SUSE CVE CVE-2011-3914 page https://www.suse.com/security/cve/CVE-2011-3915/ SUSE CVE CVE-2011-3915 page https://www.suse.com/security/cve/CVE-2011-3916/ SUSE CVE CVE-2011-3916 page https://www.suse.com/security/cve/CVE-2011-3917/ SUSE CVE CVE-2011-3917 page https://www.suse.com/security/cve/CVE-2011-3919/ SUSE CVE CVE-2011-3919 page https://www.suse.com/security/cve/CVE-2011-3921/ SUSE CVE CVE-2011-3921 page https://www.suse.com/security/cve/CVE-2011-3922/ SUSE CVE CVE-2011-3922 page https://www.suse.com/security/cve/CVE-2011-3924/ SUSE CVE CVE-2011-3924 page https://www.suse.com/security/cve/CVE-2011-3925/ SUSE CVE CVE-2011-3925 page https://www.suse.com/security/cve/CVE-2011-3926/ SUSE CVE CVE-2011-3926 page https://www.suse.com/security/cve/CVE-2011-3927/ SUSE CVE CVE-2011-3927 page https://www.suse.com/security/cve/CVE-2011-3928/ SUSE CVE CVE-2011-3928 page https://www.suse.com/security/cve/CVE-2011-3953/ SUSE CVE CVE-2011-3953 page https://www.suse.com/security/cve/CVE-2011-3954/ SUSE CVE CVE-2011-3954 page https://www.suse.com/security/cve/CVE-2011-3955/ SUSE CVE CVE-2011-3955 page https://www.suse.com/security/cve/CVE-2011-3956/ SUSE CVE CVE-2011-3956 page https://www.suse.com/security/cve/CVE-2011-3957/ SUSE CVE CVE-2011-3957 page https://www.suse.com/security/cve/CVE-2011-3958/ SUSE CVE CVE-2011-3958 page https://www.suse.com/security/cve/CVE-2011-3959/ SUSE CVE CVE-2011-3959 page https://www.suse.com/security/cve/CVE-2011-3960/ SUSE CVE CVE-2011-3960 page https://www.suse.com/security/cve/CVE-2011-3961/ SUSE CVE CVE-2011-3961 page https://www.suse.com/security/cve/CVE-2011-3962/ SUSE CVE CVE-2011-3962 page https://www.suse.com/security/cve/CVE-2011-3963/ SUSE CVE CVE-2011-3963 page https://www.suse.com/security/cve/CVE-2011-3964/ SUSE CVE CVE-2011-3964 page https://www.suse.com/security/cve/CVE-2011-3965/ SUSE CVE CVE-2011-3965 page https://www.suse.com/security/cve/CVE-2011-3966/ SUSE CVE CVE-2011-3966 page https://www.suse.com/security/cve/CVE-2011-3967/ SUSE CVE CVE-2011-3967 page https://www.suse.com/security/cve/CVE-2011-3968/ SUSE CVE CVE-2011-3968 page https://www.suse.com/security/cve/CVE-2011-3969/ SUSE CVE CVE-2011-3969 page https://www.suse.com/security/cve/CVE-2011-3970/ SUSE CVE CVE-2011-3970 page https://www.suse.com/security/cve/CVE-2011-3971/ SUSE CVE CVE-2011-3971 page https://www.suse.com/security/cve/CVE-2011-3972/ SUSE CVE CVE-2011-3972 page https://www.suse.com/security/cve/CVE-2012-1521/ SUSE CVE CVE-2012-1521 page https://www.suse.com/security/cve/CVE-2012-2807/ SUSE CVE CVE-2012-2807 page https://www.suse.com/security/cve/CVE-2012-2815/ SUSE CVE CVE-2012-2815 page https://www.suse.com/security/cve/CVE-2012-2816/ SUSE CVE CVE-2012-2816 page https://www.suse.com/security/cve/CVE-2012-2817/ SUSE CVE CVE-2012-2817 page https://www.suse.com/security/cve/CVE-2012-2818/ SUSE CVE CVE-2012-2818 page https://www.suse.com/security/cve/CVE-2012-2819/ SUSE CVE CVE-2012-2819 page https://www.suse.com/security/cve/CVE-2012-2820/ SUSE CVE CVE-2012-2820 page https://www.suse.com/security/cve/CVE-2012-2821/ SUSE CVE CVE-2012-2821 page https://www.suse.com/security/cve/CVE-2012-2823/ SUSE CVE CVE-2012-2823 page https://www.suse.com/security/cve/CVE-2012-2825/ SUSE CVE CVE-2012-2825 page https://www.suse.com/security/cve/CVE-2012-2826/ SUSE CVE CVE-2012-2826 page https://www.suse.com/security/cve/CVE-2012-2829/ SUSE CVE CVE-2012-2829 page https://www.suse.com/security/cve/CVE-2012-2830/ SUSE CVE CVE-2012-2830 page https://www.suse.com/security/cve/CVE-2012-2831/ SUSE CVE CVE-2012-2831 page https://www.suse.com/security/cve/CVE-2012-2834/ SUSE CVE CVE-2012-2834 page https://www.suse.com/security/cve/CVE-2012-2842/ SUSE CVE CVE-2012-2842 page https://www.suse.com/security/cve/CVE-2012-2843/ SUSE CVE CVE-2012-2843 page https://www.suse.com/security/cve/CVE-2012-2865/ SUSE CVE CVE-2012-2865 page https://www.suse.com/security/cve/CVE-2012-2866/ SUSE CVE CVE-2012-2866 page https://www.suse.com/security/cve/CVE-2012-2867/ SUSE CVE CVE-2012-2867 page https://www.suse.com/security/cve/CVE-2012-2868/ SUSE CVE CVE-2012-2868 page https://www.suse.com/security/cve/CVE-2012-2869/ SUSE CVE CVE-2012-2869 page https://www.suse.com/security/cve/CVE-2012-2870/ SUSE CVE CVE-2012-2870 page https://www.suse.com/security/cve/CVE-2012-2871/ SUSE CVE CVE-2012-2871 page https://www.suse.com/security/cve/CVE-2012-2872/ SUSE CVE CVE-2012-2872 page https://www.suse.com/security/cve/CVE-2012-2874/ SUSE CVE CVE-2012-2874 page https://www.suse.com/security/cve/CVE-2012-2876/ SUSE CVE CVE-2012-2876 page https://www.suse.com/security/cve/CVE-2012-2877/ SUSE CVE CVE-2012-2877 page https://www.suse.com/security/cve/CVE-2012-2878/ SUSE CVE CVE-2012-2878 page https://www.suse.com/security/cve/CVE-2012-2879/ SUSE CVE CVE-2012-2879 page https://www.suse.com/security/cve/CVE-2012-2880/ SUSE CVE CVE-2012-2880 page https://www.suse.com/security/cve/CVE-2012-2881/ SUSE CVE CVE-2012-2881 page https://www.suse.com/security/cve/CVE-2012-2882/ SUSE CVE CVE-2012-2882 page https://www.suse.com/security/cve/CVE-2012-2883/ SUSE CVE CVE-2012-2883 page https://www.suse.com/security/cve/CVE-2012-2884/ SUSE CVE CVE-2012-2884 page https://www.suse.com/security/cve/CVE-2012-2885/ SUSE CVE CVE-2012-2885 page https://www.suse.com/security/cve/CVE-2012-2886/ SUSE CVE CVE-2012-2886 page https://www.suse.com/security/cve/CVE-2012-2887/ SUSE CVE CVE-2012-2887 page https://www.suse.com/security/cve/CVE-2012-2888/ SUSE CVE CVE-2012-2888 page https://www.suse.com/security/cve/CVE-2012-2889/ SUSE CVE CVE-2012-2889 page https://www.suse.com/security/cve/CVE-2012-2891/ SUSE CVE CVE-2012-2891 page https://www.suse.com/security/cve/CVE-2012-2892/ SUSE CVE CVE-2012-2892 page https://www.suse.com/security/cve/CVE-2012-2893/ SUSE CVE CVE-2012-2893 page https://www.suse.com/security/cve/CVE-2012-2894/ SUSE CVE CVE-2012-2894 page https://www.suse.com/security/cve/CVE-2012-2896/ SUSE CVE CVE-2012-2896 page https://www.suse.com/security/cve/CVE-2012-5130/ SUSE CVE CVE-2012-5130 page https://www.suse.com/security/cve/CVE-2012-5131/ SUSE CVE CVE-2012-5131 page https://www.suse.com/security/cve/CVE-2012-5132/ SUSE CVE CVE-2012-5132 page https://www.suse.com/security/cve/CVE-2012-5133/ SUSE CVE CVE-2012-5133 page https://www.suse.com/security/cve/CVE-2012-5134/ SUSE CVE CVE-2012-5134 page https://www.suse.com/security/cve/CVE-2012-5135/ SUSE CVE CVE-2012-5135 page https://www.suse.com/security/cve/CVE-2012-5136/ SUSE CVE CVE-2012-5136 page https://www.suse.com/security/cve/CVE-2012-5137/ SUSE CVE CVE-2012-5137 page https://www.suse.com/security/cve/CVE-2012-5138/ SUSE CVE CVE-2012-5138 page https://www.suse.com/security/cve/CVE-2012-5139/ SUSE CVE CVE-2012-5139 page https://www.suse.com/security/cve/CVE-2012-5140/ SUSE CVE CVE-2012-5140 page https://www.suse.com/security/cve/CVE-2012-5141/ SUSE CVE CVE-2012-5141 page https://www.suse.com/security/cve/CVE-2012-5142/ SUSE CVE CVE-2012-5142 page https://www.suse.com/security/cve/CVE-2012-5143/ SUSE CVE CVE-2012-5143 page https://www.suse.com/security/cve/CVE-2012-5144/ SUSE CVE CVE-2012-5144 page https://www.suse.com/security/cve/CVE-2012-5145/ SUSE CVE CVE-2012-5145 page https://www.suse.com/security/cve/CVE-2012-5146/ SUSE CVE CVE-2012-5146 page https://www.suse.com/security/cve/CVE-2012-5147/ SUSE CVE CVE-2012-5147 page https://www.suse.com/security/cve/CVE-2012-5148/ SUSE CVE CVE-2012-5148 page https://www.suse.com/security/cve/CVE-2012-5149/ SUSE CVE CVE-2012-5149 page https://www.suse.com/security/cve/CVE-2012-5150/ SUSE CVE CVE-2012-5150 page https://www.suse.com/security/cve/CVE-2012-5152/ SUSE CVE CVE-2012-5152 page https://www.suse.com/security/cve/CVE-2012-5153/ SUSE CVE CVE-2012-5153 page https://www.suse.com/security/cve/CVE-2012-5154/ SUSE CVE CVE-2012-5154 page https://www.suse.com/security/cve/CVE-2013-0830/ SUSE CVE CVE-2013-0830 page https://www.suse.com/security/cve/CVE-2013-0831/ SUSE CVE CVE-2013-0831 page https://www.suse.com/security/cve/CVE-2013-0832/ SUSE CVE CVE-2013-0832 page https://www.suse.com/security/cve/CVE-2013-0833/ SUSE CVE CVE-2013-0833 page https://www.suse.com/security/cve/CVE-2013-0834/ SUSE CVE CVE-2013-0834 page https://www.suse.com/security/cve/CVE-2013-0835/ SUSE CVE CVE-2013-0835 page https://www.suse.com/security/cve/CVE-2013-0836/ SUSE CVE CVE-2013-0836 page https://www.suse.com/security/cve/CVE-2013-0837/ SUSE CVE CVE-2013-0837 page https://www.suse.com/security/cve/CVE-2013-0838/ SUSE CVE CVE-2013-0838 page https://www.suse.com/security/cve/CVE-2013-0879/ SUSE CVE CVE-2013-0879 page https://www.suse.com/security/cve/CVE-2013-0880/ SUSE CVE CVE-2013-0880 page https://www.suse.com/security/cve/CVE-2013-0881/ SUSE CVE CVE-2013-0881 page https://www.suse.com/security/cve/CVE-2013-0882/ SUSE CVE CVE-2013-0882 page https://www.suse.com/security/cve/CVE-2013-0883/ SUSE CVE CVE-2013-0883 page https://www.suse.com/security/cve/CVE-2013-0884/ SUSE CVE CVE-2013-0884 page https://www.suse.com/security/cve/CVE-2013-0885/ SUSE CVE CVE-2013-0885 page https://www.suse.com/security/cve/CVE-2013-0886/ SUSE CVE CVE-2013-0886 page https://www.suse.com/security/cve/CVE-2013-0887/ SUSE CVE CVE-2013-0887 page https://www.suse.com/security/cve/CVE-2013-0888/ SUSE CVE CVE-2013-0888 page https://www.suse.com/security/cve/CVE-2013-0889/ SUSE CVE CVE-2013-0889 page https://www.suse.com/security/cve/CVE-2013-0890/ SUSE CVE CVE-2013-0890 page https://www.suse.com/security/cve/CVE-2013-0891/ SUSE CVE CVE-2013-0891 page https://www.suse.com/security/cve/CVE-2013-0892/ SUSE CVE CVE-2013-0892 page https://www.suse.com/security/cve/CVE-2013-0893/ SUSE CVE CVE-2013-0893 page https://www.suse.com/security/cve/CVE-2013-0894/ SUSE CVE CVE-2013-0894 page https://www.suse.com/security/cve/CVE-2013-0895/ SUSE CVE CVE-2013-0895 page https://www.suse.com/security/cve/CVE-2013-0896/ SUSE CVE CVE-2013-0896 page https://www.suse.com/security/cve/CVE-2013-0897/ SUSE CVE CVE-2013-0897 page https://www.suse.com/security/cve/CVE-2013-0898/ SUSE CVE CVE-2013-0898 page https://www.suse.com/security/cve/CVE-2013-0899/ SUSE CVE CVE-2013-0899 page https://www.suse.com/security/cve/CVE-2013-0900/ SUSE CVE CVE-2013-0900 page https://www.suse.com/security/cve/CVE-2013-2838/ SUSE CVE CVE-2013-2838 page https://www.suse.com/security/cve/CVE-2013-2906/ SUSE CVE CVE-2013-2906 page https://www.suse.com/security/cve/CVE-2013-2907/ SUSE CVE CVE-2013-2907 page https://www.suse.com/security/cve/CVE-2013-2908/ SUSE CVE CVE-2013-2908 page https://www.suse.com/security/cve/CVE-2013-2909/ SUSE CVE CVE-2013-2909 page https://www.suse.com/security/cve/CVE-2013-2910/ SUSE CVE CVE-2013-2910 page https://www.suse.com/security/cve/CVE-2013-2911/ SUSE CVE CVE-2013-2911 page https://www.suse.com/security/cve/CVE-2013-2912/ SUSE CVE CVE-2013-2912 page https://www.suse.com/security/cve/CVE-2013-2913/ SUSE CVE CVE-2013-2913 page https://www.suse.com/security/cve/CVE-2013-2914/ SUSE CVE CVE-2013-2914 page https://www.suse.com/security/cve/CVE-2013-2915/ SUSE CVE CVE-2013-2915 page https://www.suse.com/security/cve/CVE-2013-2916/ SUSE CVE CVE-2013-2916 page https://www.suse.com/security/cve/CVE-2013-2917/ SUSE CVE CVE-2013-2917 page https://www.suse.com/security/cve/CVE-2013-2918/ SUSE CVE CVE-2013-2918 page https://www.suse.com/security/cve/CVE-2013-2919/ SUSE CVE CVE-2013-2919 page https://www.suse.com/security/cve/CVE-2013-2920/ SUSE CVE CVE-2013-2920 page https://www.suse.com/security/cve/CVE-2013-2921/ SUSE CVE CVE-2013-2921 page https://www.suse.com/security/cve/CVE-2013-2922/ SUSE CVE CVE-2013-2922 page https://www.suse.com/security/cve/CVE-2013-2923/ SUSE CVE CVE-2013-2923 page https://www.suse.com/security/cve/CVE-2013-2924/ SUSE CVE CVE-2013-2924 page https://www.suse.com/security/cve/CVE-2013-2925/ SUSE CVE CVE-2013-2925 page https://www.suse.com/security/cve/CVE-2013-2926/ SUSE CVE CVE-2013-2926 page https://www.suse.com/security/cve/CVE-2013-2927/ SUSE CVE CVE-2013-2927 page https://www.suse.com/security/cve/CVE-2013-2928/ SUSE CVE CVE-2013-2928 page https://www.suse.com/security/cve/CVE-2013-2931/ SUSE CVE CVE-2013-2931 page https://www.suse.com/security/cve/CVE-2013-6621/ SUSE CVE CVE-2013-6621 page https://www.suse.com/security/cve/CVE-2013-6622/ SUSE CVE CVE-2013-6622 page https://www.suse.com/security/cve/CVE-2013-6623/ SUSE CVE CVE-2013-6623 page https://www.suse.com/security/cve/CVE-2013-6624/ SUSE CVE CVE-2013-6624 page https://www.suse.com/security/cve/CVE-2013-6625/ SUSE CVE CVE-2013-6625 page https://www.suse.com/security/cve/CVE-2013-6626/ SUSE CVE CVE-2013-6626 page https://www.suse.com/security/cve/CVE-2013-6627/ SUSE CVE CVE-2013-6627 page https://www.suse.com/security/cve/CVE-2013-6628/ SUSE CVE CVE-2013-6628 page https://www.suse.com/security/cve/CVE-2013-6629/ SUSE CVE CVE-2013-6629 page https://www.suse.com/security/cve/CVE-2013-6630/ SUSE CVE CVE-2013-6630 page https://www.suse.com/security/cve/CVE-2013-6631/ SUSE CVE CVE-2013-6631 page https://www.suse.com/security/cve/CVE-2013-6632/ SUSE CVE CVE-2013-6632 page https://www.suse.com/security/cve/CVE-2013-6634/ SUSE CVE CVE-2013-6634 page https://www.suse.com/security/cve/CVE-2013-6635/ SUSE CVE CVE-2013-6635 page https://www.suse.com/security/cve/CVE-2013-6636/ SUSE CVE CVE-2013-6636 page https://www.suse.com/security/cve/CVE-2013-6637/ SUSE CVE CVE-2013-6637 page https://www.suse.com/security/cve/CVE-2013-6638/ SUSE CVE CVE-2013-6638 page https://www.suse.com/security/cve/CVE-2013-6639/ SUSE CVE CVE-2013-6639 page https://www.suse.com/security/cve/CVE-2013-6640/ SUSE CVE CVE-2013-6640 page https://www.suse.com/security/cve/CVE-2013-6641/ SUSE CVE CVE-2013-6641 page https://www.suse.com/security/cve/CVE-2013-6643/ SUSE CVE CVE-2013-6643 page https://www.suse.com/security/cve/CVE-2013-6644/ SUSE CVE CVE-2013-6644 page https://www.suse.com/security/cve/CVE-2013-6645/ SUSE CVE CVE-2013-6645 page https://www.suse.com/security/cve/CVE-2013-6646/ SUSE CVE CVE-2013-6646 page https://www.suse.com/security/cve/CVE-2013-6649/ SUSE CVE CVE-2013-6649 page https://www.suse.com/security/cve/CVE-2013-6650/ SUSE CVE CVE-2013-6650 page https://www.suse.com/security/cve/CVE-2013-6653/ SUSE CVE CVE-2013-6653 page https://www.suse.com/security/cve/CVE-2013-6654/ SUSE CVE CVE-2013-6654 page https://www.suse.com/security/cve/CVE-2013-6655/ SUSE CVE CVE-2013-6655 page https://www.suse.com/security/cve/CVE-2013-6656/ SUSE CVE CVE-2013-6656 page https://www.suse.com/security/cve/CVE-2013-6657/ SUSE CVE CVE-2013-6657 page https://www.suse.com/security/cve/CVE-2013-6658/ SUSE CVE CVE-2013-6658 page https://www.suse.com/security/cve/CVE-2013-6659/ SUSE CVE CVE-2013-6659 page https://www.suse.com/security/cve/CVE-2013-6660/ SUSE CVE CVE-2013-6660 page https://www.suse.com/security/cve/CVE-2013-6661/ SUSE CVE CVE-2013-6661 page https://www.suse.com/security/cve/CVE-2014-0574/ SUSE CVE CVE-2014-0574 page https://www.suse.com/security/cve/CVE-2014-1700/ SUSE CVE CVE-2014-1700 page https://www.suse.com/security/cve/CVE-2014-1701/ SUSE CVE CVE-2014-1701 page https://www.suse.com/security/cve/CVE-2014-1702/ SUSE CVE CVE-2014-1702 page https://www.suse.com/security/cve/CVE-2014-1703/ SUSE CVE CVE-2014-1703 page https://www.suse.com/security/cve/CVE-2014-1704/ SUSE CVE CVE-2014-1704 page https://www.suse.com/security/cve/CVE-2014-1705/ SUSE CVE CVE-2014-1705 page https://www.suse.com/security/cve/CVE-2014-1713/ SUSE CVE CVE-2014-1713 page https://www.suse.com/security/cve/CVE-2014-1714/ SUSE CVE CVE-2014-1714 page https://www.suse.com/security/cve/CVE-2014-1715/ SUSE CVE CVE-2014-1715 page https://www.suse.com/security/cve/CVE-2014-1716/ SUSE CVE CVE-2014-1716 page https://www.suse.com/security/cve/CVE-2014-1717/ SUSE CVE CVE-2014-1717 page https://www.suse.com/security/cve/CVE-2014-1718/ SUSE CVE CVE-2014-1718 page https://www.suse.com/security/cve/CVE-2014-1719/ SUSE CVE CVE-2014-1719 page https://www.suse.com/security/cve/CVE-2014-1720/ SUSE CVE CVE-2014-1720 page https://www.suse.com/security/cve/CVE-2014-1721/ SUSE CVE CVE-2014-1721 page https://www.suse.com/security/cve/CVE-2014-1722/ SUSE CVE CVE-2014-1722 page https://www.suse.com/security/cve/CVE-2014-1723/ SUSE CVE CVE-2014-1723 page https://www.suse.com/security/cve/CVE-2014-1724/ SUSE CVE CVE-2014-1724 page https://www.suse.com/security/cve/CVE-2014-1725/ SUSE CVE CVE-2014-1725 page https://www.suse.com/security/cve/CVE-2014-1726/ SUSE CVE CVE-2014-1726 page https://www.suse.com/security/cve/CVE-2014-1727/ SUSE CVE CVE-2014-1727 page https://www.suse.com/security/cve/CVE-2014-1728/ SUSE CVE CVE-2014-1728 page https://www.suse.com/security/cve/CVE-2014-1729/ SUSE CVE CVE-2014-1729 page https://www.suse.com/security/cve/CVE-2014-1730/ SUSE CVE CVE-2014-1730 page https://www.suse.com/security/cve/CVE-2014-1731/ SUSE CVE CVE-2014-1731 page https://www.suse.com/security/cve/CVE-2014-1732/ SUSE CVE CVE-2014-1732 page https://www.suse.com/security/cve/CVE-2014-1733/ SUSE CVE CVE-2014-1733 page https://www.suse.com/security/cve/CVE-2014-1734/ SUSE CVE CVE-2014-1734 page https://www.suse.com/security/cve/CVE-2014-1735/ SUSE CVE CVE-2014-1735 page https://www.suse.com/security/cve/CVE-2014-1740/ SUSE CVE CVE-2014-1740 page https://www.suse.com/security/cve/CVE-2014-1741/ SUSE CVE CVE-2014-1741 page https://www.suse.com/security/cve/CVE-2014-1742/ SUSE CVE CVE-2014-1742 page https://www.suse.com/security/cve/CVE-2014-1743/ SUSE CVE CVE-2014-1743 page https://www.suse.com/security/cve/CVE-2014-1744/ SUSE CVE CVE-2014-1744 page https://www.suse.com/security/cve/CVE-2014-1745/ SUSE CVE CVE-2014-1745 page https://www.suse.com/security/cve/CVE-2014-1746/ SUSE CVE CVE-2014-1746 page https://www.suse.com/security/cve/CVE-2014-1747/ SUSE CVE CVE-2014-1747 page https://www.suse.com/security/cve/CVE-2014-1748/ SUSE CVE CVE-2014-1748 page https://www.suse.com/security/cve/CVE-2014-1749/ SUSE CVE CVE-2014-1749 page https://www.suse.com/security/cve/CVE-2014-3152/ SUSE CVE CVE-2014-3152 page https://www.suse.com/security/cve/CVE-2014-3154/ SUSE CVE CVE-2014-3154 page https://www.suse.com/security/cve/CVE-2014-3155/ SUSE CVE CVE-2014-3155 page https://www.suse.com/security/cve/CVE-2014-3156/ SUSE CVE CVE-2014-3156 page https://www.suse.com/security/cve/CVE-2014-3157/ SUSE CVE CVE-2014-3157 page https://www.suse.com/security/cve/CVE-2014-3160/ SUSE CVE CVE-2014-3160 page https://www.suse.com/security/cve/CVE-2014-3162/ SUSE CVE CVE-2014-3162 page https://www.suse.com/security/cve/CVE-2014-3165/ SUSE CVE CVE-2014-3165 page https://www.suse.com/security/cve/CVE-2014-3166/ SUSE CVE CVE-2014-3166 page https://www.suse.com/security/cve/CVE-2014-3167/ SUSE CVE CVE-2014-3167 page https://www.suse.com/security/cve/CVE-2014-3168/ SUSE CVE CVE-2014-3168 page https://www.suse.com/security/cve/CVE-2014-3169/ SUSE CVE CVE-2014-3169 page https://www.suse.com/security/cve/CVE-2014-3170/ SUSE CVE CVE-2014-3170 page https://www.suse.com/security/cve/CVE-2014-3171/ SUSE CVE CVE-2014-3171 page https://www.suse.com/security/cve/CVE-2014-3172/ SUSE CVE CVE-2014-3172 page https://www.suse.com/security/cve/CVE-2014-3173/ SUSE CVE CVE-2014-3173 page https://www.suse.com/security/cve/CVE-2014-3174/ SUSE CVE CVE-2014-3174 page https://www.suse.com/security/cve/CVE-2014-3175/ SUSE CVE CVE-2014-3175 page https://www.suse.com/security/cve/CVE-2014-3176/ SUSE CVE CVE-2014-3176 page https://www.suse.com/security/cve/CVE-2014-3178/ SUSE CVE CVE-2014-3178 page https://www.suse.com/security/cve/CVE-2014-3188/ SUSE CVE CVE-2014-3188 page https://www.suse.com/security/cve/CVE-2014-3189/ SUSE CVE CVE-2014-3189 page https://www.suse.com/security/cve/CVE-2014-3190/ SUSE CVE CVE-2014-3190 page https://www.suse.com/security/cve/CVE-2014-3191/ SUSE CVE CVE-2014-3191 page https://www.suse.com/security/cve/CVE-2014-3192/ SUSE CVE CVE-2014-3192 page https://www.suse.com/security/cve/CVE-2014-3193/ SUSE CVE CVE-2014-3193 page https://www.suse.com/security/cve/CVE-2014-3194/ SUSE CVE CVE-2014-3194 page https://www.suse.com/security/cve/CVE-2014-3195/ SUSE CVE CVE-2014-3195 page https://www.suse.com/security/cve/CVE-2014-3196/ SUSE CVE CVE-2014-3196 page https://www.suse.com/security/cve/CVE-2014-3197/ SUSE CVE CVE-2014-3197 page https://www.suse.com/security/cve/CVE-2014-3198/ SUSE CVE CVE-2014-3198 page https://www.suse.com/security/cve/CVE-2014-3199/ SUSE CVE CVE-2014-3199 page https://www.suse.com/security/cve/CVE-2014-3200/ SUSE CVE CVE-2014-3200 page https://www.suse.com/security/cve/CVE-2014-7899/ SUSE CVE CVE-2014-7899 page https://www.suse.com/security/cve/CVE-2014-7900/ SUSE CVE CVE-2014-7900 page https://www.suse.com/security/cve/CVE-2014-7901/ SUSE CVE CVE-2014-7901 page https://www.suse.com/security/cve/CVE-2014-7902/ SUSE CVE CVE-2014-7902 page https://www.suse.com/security/cve/CVE-2014-7903/ SUSE CVE CVE-2014-7903 page https://www.suse.com/security/cve/CVE-2014-7904/ SUSE CVE CVE-2014-7904 page https://www.suse.com/security/cve/CVE-2014-7905/ SUSE CVE CVE-2014-7905 page https://www.suse.com/security/cve/CVE-2014-7906/ SUSE CVE CVE-2014-7906 page https://www.suse.com/security/cve/CVE-2014-7907/ SUSE CVE CVE-2014-7907 page https://www.suse.com/security/cve/CVE-2014-7908/ SUSE CVE CVE-2014-7908 page https://www.suse.com/security/cve/CVE-2014-7909/ SUSE CVE CVE-2014-7909 page https://www.suse.com/security/cve/CVE-2014-7910/ SUSE CVE CVE-2014-7910 page https://www.suse.com/security/cve/CVE-2014-7923/ SUSE CVE CVE-2014-7923 page https://www.suse.com/security/cve/CVE-2014-7924/ SUSE CVE CVE-2014-7924 page https://www.suse.com/security/cve/CVE-2014-7925/ SUSE CVE CVE-2014-7925 page https://www.suse.com/security/cve/CVE-2014-7926/ SUSE CVE CVE-2014-7926 page https://www.suse.com/security/cve/CVE-2014-7927/ SUSE CVE CVE-2014-7927 page https://www.suse.com/security/cve/CVE-2014-7928/ SUSE CVE CVE-2014-7928 page https://www.suse.com/security/cve/CVE-2014-7929/ SUSE CVE CVE-2014-7929 page https://www.suse.com/security/cve/CVE-2014-7930/ SUSE CVE CVE-2014-7930 page https://www.suse.com/security/cve/CVE-2014-7932/ SUSE CVE CVE-2014-7932 page https://www.suse.com/security/cve/CVE-2014-7933/ SUSE CVE CVE-2014-7933 page https://www.suse.com/security/cve/CVE-2014-7934/ SUSE CVE CVE-2014-7934 page https://www.suse.com/security/cve/CVE-2014-7935/ SUSE CVE CVE-2014-7935 page https://www.suse.com/security/cve/CVE-2014-7936/ SUSE CVE CVE-2014-7936 page https://www.suse.com/security/cve/CVE-2014-7937/ SUSE CVE CVE-2014-7937 page https://www.suse.com/security/cve/CVE-2014-7938/ SUSE CVE CVE-2014-7938 page https://www.suse.com/security/cve/CVE-2014-7939/ SUSE CVE CVE-2014-7939 page https://www.suse.com/security/cve/CVE-2014-7940/ SUSE CVE CVE-2014-7940 page https://www.suse.com/security/cve/CVE-2014-7941/ SUSE CVE CVE-2014-7941 page https://www.suse.com/security/cve/CVE-2014-7942/ SUSE CVE CVE-2014-7942 page https://www.suse.com/security/cve/CVE-2014-7943/ SUSE CVE CVE-2014-7943 page https://www.suse.com/security/cve/CVE-2014-7944/ SUSE CVE CVE-2014-7944 page https://www.suse.com/security/cve/CVE-2014-7945/ SUSE CVE CVE-2014-7945 page https://www.suse.com/security/cve/CVE-2014-7946/ SUSE CVE CVE-2014-7946 page https://www.suse.com/security/cve/CVE-2014-7947/ SUSE CVE CVE-2014-7947 page https://www.suse.com/security/cve/CVE-2014-7948/ SUSE CVE CVE-2014-7948 page https://www.suse.com/security/cve/CVE-2015-1205/ SUSE CVE CVE-2015-1205 page https://www.suse.com/security/cve/CVE-2015-1209/ SUSE CVE CVE-2015-1209 page https://www.suse.com/security/cve/CVE-2015-1210/ SUSE CVE CVE-2015-1210 page https://www.suse.com/security/cve/CVE-2015-1211/ SUSE CVE CVE-2015-1211 page https://www.suse.com/security/cve/CVE-2015-1212/ SUSE CVE CVE-2015-1212 page https://www.suse.com/security/cve/CVE-2015-1213/ SUSE CVE CVE-2015-1213 page https://www.suse.com/security/cve/CVE-2015-1214/ SUSE CVE CVE-2015-1214 page https://www.suse.com/security/cve/CVE-2015-1215/ SUSE CVE CVE-2015-1215 page https://www.suse.com/security/cve/CVE-2015-1216/ SUSE CVE CVE-2015-1216 page https://www.suse.com/security/cve/CVE-2015-1217/ SUSE CVE CVE-2015-1217 page https://www.suse.com/security/cve/CVE-2015-1218/ SUSE CVE CVE-2015-1218 page https://www.suse.com/security/cve/CVE-2015-1219/ SUSE CVE CVE-2015-1219 page https://www.suse.com/security/cve/CVE-2015-1220/ SUSE CVE CVE-2015-1220 page https://www.suse.com/security/cve/CVE-2015-1221/ SUSE CVE CVE-2015-1221 page https://www.suse.com/security/cve/CVE-2015-1222/ SUSE CVE CVE-2015-1222 page https://www.suse.com/security/cve/CVE-2015-1223/ SUSE CVE CVE-2015-1223 page https://www.suse.com/security/cve/CVE-2015-1224/ SUSE CVE CVE-2015-1224 page https://www.suse.com/security/cve/CVE-2015-1225/ SUSE CVE CVE-2015-1225 page https://www.suse.com/security/cve/CVE-2015-1226/ SUSE CVE CVE-2015-1226 page https://www.suse.com/security/cve/CVE-2015-1227/ SUSE CVE CVE-2015-1227 page https://www.suse.com/security/cve/CVE-2015-1228/ SUSE CVE CVE-2015-1228 page https://www.suse.com/security/cve/CVE-2015-1229/ SUSE CVE CVE-2015-1229 page https://www.suse.com/security/cve/CVE-2015-1230/ SUSE CVE CVE-2015-1230 page https://www.suse.com/security/cve/CVE-2015-1231/ SUSE CVE CVE-2015-1231 page https://www.suse.com/security/cve/CVE-2015-1233/ SUSE CVE CVE-2015-1233 page https://www.suse.com/security/cve/CVE-2015-1234/ SUSE CVE CVE-2015-1234 page https://www.suse.com/security/cve/CVE-2015-1235/ SUSE CVE CVE-2015-1235 page https://www.suse.com/security/cve/CVE-2015-1236/ SUSE CVE CVE-2015-1236 page https://www.suse.com/security/cve/CVE-2015-1237/ SUSE CVE CVE-2015-1237 page https://www.suse.com/security/cve/CVE-2015-1238/ SUSE CVE CVE-2015-1238 page https://www.suse.com/security/cve/CVE-2015-1240/ SUSE CVE CVE-2015-1240 page https://www.suse.com/security/cve/CVE-2015-1241/ SUSE CVE CVE-2015-1241 page https://www.suse.com/security/cve/CVE-2015-1242/ SUSE CVE CVE-2015-1242 page https://www.suse.com/security/cve/CVE-2015-1243/ SUSE CVE CVE-2015-1243 page https://www.suse.com/security/cve/CVE-2015-1244/ SUSE CVE CVE-2015-1244 page https://www.suse.com/security/cve/CVE-2015-1245/ SUSE CVE CVE-2015-1245 page https://www.suse.com/security/cve/CVE-2015-1246/ SUSE CVE CVE-2015-1246 page https://www.suse.com/security/cve/CVE-2015-1247/ SUSE CVE CVE-2015-1247 page https://www.suse.com/security/cve/CVE-2015-1248/ SUSE CVE CVE-2015-1248 page https://www.suse.com/security/cve/CVE-2015-1249/ SUSE CVE CVE-2015-1249 page https://www.suse.com/security/cve/CVE-2015-1250/ SUSE CVE CVE-2015-1250 page https://www.suse.com/security/cve/CVE-2015-1251/ SUSE CVE CVE-2015-1251 page https://www.suse.com/security/cve/CVE-2015-1252/ SUSE CVE CVE-2015-1252 page https://www.suse.com/security/cve/CVE-2015-1253/ SUSE CVE CVE-2015-1253 page https://www.suse.com/security/cve/CVE-2015-1254/ SUSE CVE CVE-2015-1254 page https://www.suse.com/security/cve/CVE-2015-1255/ SUSE CVE CVE-2015-1255 page https://www.suse.com/security/cve/CVE-2015-1256/ SUSE CVE CVE-2015-1256 page https://www.suse.com/security/cve/CVE-2015-1257/ SUSE CVE CVE-2015-1257 page https://www.suse.com/security/cve/CVE-2015-1258/ SUSE CVE CVE-2015-1258 page https://www.suse.com/security/cve/CVE-2015-1259/ SUSE CVE CVE-2015-1259 page https://www.suse.com/security/cve/CVE-2015-1260/ SUSE CVE CVE-2015-1260 page https://www.suse.com/security/cve/CVE-2015-1261/ SUSE CVE CVE-2015-1261 page https://www.suse.com/security/cve/CVE-2015-1262/ SUSE CVE CVE-2015-1262 page https://www.suse.com/security/cve/CVE-2015-1263/ SUSE CVE CVE-2015-1263 page https://www.suse.com/security/cve/CVE-2015-1264/ SUSE CVE CVE-2015-1264 page https://www.suse.com/security/cve/CVE-2015-1265/ SUSE CVE CVE-2015-1265 page https://www.suse.com/security/cve/CVE-2015-1266/ SUSE CVE CVE-2015-1266 page https://www.suse.com/security/cve/CVE-2015-1267/ SUSE CVE CVE-2015-1267 page https://www.suse.com/security/cve/CVE-2015-1268/ SUSE CVE CVE-2015-1268 page https://www.suse.com/security/cve/CVE-2015-1269/ SUSE CVE CVE-2015-1269 page https://www.suse.com/security/cve/CVE-2015-1270/ SUSE CVE CVE-2015-1270 page https://www.suse.com/security/cve/CVE-2015-1271/ SUSE CVE CVE-2015-1271 page https://www.suse.com/security/cve/CVE-2015-1272/ SUSE CVE CVE-2015-1272 page https://www.suse.com/security/cve/CVE-2015-1273/ SUSE CVE CVE-2015-1273 page https://www.suse.com/security/cve/CVE-2015-1274/ SUSE CVE CVE-2015-1274 page https://www.suse.com/security/cve/CVE-2015-1275/ SUSE CVE CVE-2015-1275 page https://www.suse.com/security/cve/CVE-2015-1276/ SUSE CVE CVE-2015-1276 page https://www.suse.com/security/cve/CVE-2015-1277/ SUSE CVE CVE-2015-1277 page https://www.suse.com/security/cve/CVE-2015-1278/ SUSE CVE CVE-2015-1278 page https://www.suse.com/security/cve/CVE-2015-1279/ SUSE CVE CVE-2015-1279 page https://www.suse.com/security/cve/CVE-2015-1280/ SUSE CVE CVE-2015-1280 page https://www.suse.com/security/cve/CVE-2015-1281/ SUSE CVE CVE-2015-1281 page https://www.suse.com/security/cve/CVE-2015-1282/ SUSE CVE CVE-2015-1282 page https://www.suse.com/security/cve/CVE-2015-1283/ SUSE CVE CVE-2015-1283 page https://www.suse.com/security/cve/CVE-2015-1284/ SUSE CVE CVE-2015-1284 page https://www.suse.com/security/cve/CVE-2015-1285/ SUSE CVE CVE-2015-1285 page https://www.suse.com/security/cve/CVE-2015-1286/ SUSE CVE CVE-2015-1286 page https://www.suse.com/security/cve/CVE-2015-1287/ SUSE CVE CVE-2015-1287 page https://www.suse.com/security/cve/CVE-2015-1288/ SUSE CVE CVE-2015-1288 page https://www.suse.com/security/cve/CVE-2015-1289/ SUSE CVE CVE-2015-1289 page https://www.suse.com/security/cve/CVE-2015-1291/ SUSE CVE CVE-2015-1291 page https://www.suse.com/security/cve/CVE-2015-1292/ SUSE CVE CVE-2015-1292 page https://www.suse.com/security/cve/CVE-2015-1293/ SUSE CVE CVE-2015-1293 page https://www.suse.com/security/cve/CVE-2015-1294/ SUSE CVE CVE-2015-1294 page https://www.suse.com/security/cve/CVE-2015-1295/ SUSE CVE CVE-2015-1295 page https://www.suse.com/security/cve/CVE-2015-1296/ SUSE CVE CVE-2015-1296 page https://www.suse.com/security/cve/CVE-2015-1297/ SUSE CVE CVE-2015-1297 page https://www.suse.com/security/cve/CVE-2015-1298/ SUSE CVE CVE-2015-1298 page https://www.suse.com/security/cve/CVE-2015-1299/ SUSE CVE CVE-2015-1299 page https://www.suse.com/security/cve/CVE-2015-1300/ SUSE CVE CVE-2015-1300 page https://www.suse.com/security/cve/CVE-2015-1301/ SUSE CVE CVE-2015-1301 page https://www.suse.com/security/cve/CVE-2015-1302/ SUSE CVE CVE-2015-1302 page https://www.suse.com/security/cve/CVE-2015-1303/ SUSE CVE CVE-2015-1303 page https://www.suse.com/security/cve/CVE-2015-1304/ SUSE CVE CVE-2015-1304 page https://www.suse.com/security/cve/CVE-2015-6755/ SUSE CVE CVE-2015-6755 page https://www.suse.com/security/cve/CVE-2015-6756/ SUSE CVE CVE-2015-6756 page https://www.suse.com/security/cve/CVE-2015-6757/ SUSE CVE CVE-2015-6757 page https://www.suse.com/security/cve/CVE-2015-6758/ SUSE CVE CVE-2015-6758 page https://www.suse.com/security/cve/CVE-2015-6759/ SUSE CVE CVE-2015-6759 page https://www.suse.com/security/cve/CVE-2015-6760/ SUSE CVE CVE-2015-6760 page https://www.suse.com/security/cve/CVE-2015-6761/ SUSE CVE CVE-2015-6761 page https://www.suse.com/security/cve/CVE-2015-6762/ SUSE CVE CVE-2015-6762 page https://www.suse.com/security/cve/CVE-2015-6763/ SUSE CVE CVE-2015-6763 page https://www.suse.com/security/cve/CVE-2015-6764/ SUSE CVE CVE-2015-6764 page https://www.suse.com/security/cve/CVE-2015-6765/ SUSE CVE CVE-2015-6765 page https://www.suse.com/security/cve/CVE-2015-6766/ SUSE CVE CVE-2015-6766 page https://www.suse.com/security/cve/CVE-2015-6767/ SUSE CVE CVE-2015-6767 page https://www.suse.com/security/cve/CVE-2015-6768/ SUSE CVE CVE-2015-6768 page https://www.suse.com/security/cve/CVE-2015-6769/ SUSE CVE CVE-2015-6769 page https://www.suse.com/security/cve/CVE-2015-6770/ SUSE CVE CVE-2015-6770 page https://www.suse.com/security/cve/CVE-2015-6771/ SUSE CVE CVE-2015-6771 page https://www.suse.com/security/cve/CVE-2015-6772/ SUSE CVE CVE-2015-6772 page https://www.suse.com/security/cve/CVE-2015-6773/ SUSE CVE CVE-2015-6773 page https://www.suse.com/security/cve/CVE-2015-6774/ SUSE CVE CVE-2015-6774 page https://www.suse.com/security/cve/CVE-2015-6775/ SUSE CVE CVE-2015-6775 page https://www.suse.com/security/cve/CVE-2015-6776/ SUSE CVE CVE-2015-6776 page https://www.suse.com/security/cve/CVE-2015-6777/ SUSE CVE CVE-2015-6777 page https://www.suse.com/security/cve/CVE-2015-6778/ SUSE CVE CVE-2015-6778 page https://www.suse.com/security/cve/CVE-2015-6779/ SUSE CVE CVE-2015-6779 page https://www.suse.com/security/cve/CVE-2015-6780/ SUSE CVE CVE-2015-6780 page https://www.suse.com/security/cve/CVE-2015-6781/ SUSE CVE CVE-2015-6781 page https://www.suse.com/security/cve/CVE-2015-6782/ SUSE CVE CVE-2015-6782 page https://www.suse.com/security/cve/CVE-2015-6783/ SUSE CVE CVE-2015-6783 page https://www.suse.com/security/cve/CVE-2015-6784/ SUSE CVE CVE-2015-6784 page https://www.suse.com/security/cve/CVE-2015-6785/ SUSE CVE CVE-2015-6785 page https://www.suse.com/security/cve/CVE-2015-6786/ SUSE CVE CVE-2015-6786 page https://www.suse.com/security/cve/CVE-2015-6787/ SUSE CVE CVE-2015-6787 page https://www.suse.com/security/cve/CVE-2015-6788/ SUSE CVE CVE-2015-6788 page https://www.suse.com/security/cve/CVE-2015-6789/ SUSE CVE CVE-2015-6789 page https://www.suse.com/security/cve/CVE-2015-6790/ SUSE CVE CVE-2015-6790 page https://www.suse.com/security/cve/CVE-2015-6791/ SUSE CVE CVE-2015-6791 page https://www.suse.com/security/cve/CVE-2015-6792/ SUSE CVE CVE-2015-6792 page https://www.suse.com/security/cve/CVE-2015-7834/ SUSE CVE CVE-2015-7834 page https://www.suse.com/security/cve/CVE-2015-8126/ SUSE CVE CVE-2015-8126 page https://www.suse.com/security/cve/CVE-2016-1612/ SUSE CVE CVE-2016-1612 page https://www.suse.com/security/cve/CVE-2016-1613/ SUSE CVE CVE-2016-1613 page https://www.suse.com/security/cve/CVE-2016-1614/ SUSE CVE CVE-2016-1614 page https://www.suse.com/security/cve/CVE-2016-1615/ SUSE CVE CVE-2016-1615 page https://www.suse.com/security/cve/CVE-2016-1616/ SUSE CVE CVE-2016-1616 page https://www.suse.com/security/cve/CVE-2016-1617/ SUSE CVE CVE-2016-1617 page https://www.suse.com/security/cve/CVE-2016-1618/ SUSE CVE CVE-2016-1618 page https://www.suse.com/security/cve/CVE-2016-1619/ SUSE CVE CVE-2016-1619 page https://www.suse.com/security/cve/CVE-2016-1620/ SUSE CVE CVE-2016-1620 page https://www.suse.com/security/cve/CVE-2016-1622/ SUSE CVE CVE-2016-1622 page https://www.suse.com/security/cve/CVE-2016-1623/ SUSE CVE CVE-2016-1623 page https://www.suse.com/security/cve/CVE-2016-1624/ SUSE CVE CVE-2016-1624 page https://www.suse.com/security/cve/CVE-2016-1625/ SUSE CVE CVE-2016-1625 page https://www.suse.com/security/cve/CVE-2016-1626/ SUSE CVE CVE-2016-1626 page https://www.suse.com/security/cve/CVE-2016-1627/ SUSE CVE CVE-2016-1627 page https://www.suse.com/security/cve/CVE-2016-1629/ SUSE CVE CVE-2016-1629 page https://www.suse.com/security/cve/CVE-2016-1630/ SUSE CVE CVE-2016-1630 page https://www.suse.com/security/cve/CVE-2016-1631/ SUSE CVE CVE-2016-1631 page https://www.suse.com/security/cve/CVE-2016-1632/ SUSE CVE CVE-2016-1632 page https://www.suse.com/security/cve/CVE-2016-1633/ SUSE CVE CVE-2016-1633 page https://www.suse.com/security/cve/CVE-2016-1634/ SUSE CVE CVE-2016-1634 page https://www.suse.com/security/cve/CVE-2016-1635/ SUSE CVE CVE-2016-1635 page https://www.suse.com/security/cve/CVE-2016-1636/ SUSE CVE CVE-2016-1636 page https://www.suse.com/security/cve/CVE-2016-1637/ SUSE CVE CVE-2016-1637 page https://www.suse.com/security/cve/CVE-2016-1638/ SUSE CVE CVE-2016-1638 page https://www.suse.com/security/cve/CVE-2016-1639/ SUSE CVE CVE-2016-1639 page https://www.suse.com/security/cve/CVE-2016-1640/ SUSE CVE CVE-2016-1640 page https://www.suse.com/security/cve/CVE-2016-1641/ SUSE CVE CVE-2016-1641 page https://www.suse.com/security/cve/CVE-2016-1642/ SUSE CVE CVE-2016-1642 page https://www.suse.com/security/cve/CVE-2016-1643/ SUSE CVE CVE-2016-1643 page https://www.suse.com/security/cve/CVE-2016-1644/ SUSE CVE CVE-2016-1644 page https://www.suse.com/security/cve/CVE-2016-1645/ SUSE CVE CVE-2016-1645 page https://www.suse.com/security/cve/CVE-2016-1646/ SUSE CVE CVE-2016-1646 page https://www.suse.com/security/cve/CVE-2016-1647/ SUSE CVE CVE-2016-1647 page https://www.suse.com/security/cve/CVE-2016-1648/ SUSE CVE CVE-2016-1648 page https://www.suse.com/security/cve/CVE-2016-1649/ SUSE CVE CVE-2016-1649 page https://www.suse.com/security/cve/CVE-2016-1650/ SUSE CVE CVE-2016-1650 page https://www.suse.com/security/cve/CVE-2016-1651/ SUSE CVE CVE-2016-1651 page https://www.suse.com/security/cve/CVE-2016-1652/ SUSE CVE CVE-2016-1652 page https://www.suse.com/security/cve/CVE-2016-1653/ SUSE CVE CVE-2016-1653 page https://www.suse.com/security/cve/CVE-2016-1654/ SUSE CVE CVE-2016-1654 page https://www.suse.com/security/cve/CVE-2016-1655/ SUSE CVE CVE-2016-1655 page https://www.suse.com/security/cve/CVE-2016-1656/ SUSE CVE CVE-2016-1656 page https://www.suse.com/security/cve/CVE-2016-1657/ SUSE CVE CVE-2016-1657 page https://www.suse.com/security/cve/CVE-2016-1658/ SUSE CVE CVE-2016-1658 page https://www.suse.com/security/cve/CVE-2016-1659/ SUSE CVE CVE-2016-1659 page https://www.suse.com/security/cve/CVE-2016-1660/ SUSE CVE CVE-2016-1660 page https://www.suse.com/security/cve/CVE-2016-1661/ SUSE CVE CVE-2016-1661 page https://www.suse.com/security/cve/CVE-2016-1662/ SUSE CVE CVE-2016-1662 page https://www.suse.com/security/cve/CVE-2016-1663/ SUSE CVE CVE-2016-1663 page https://www.suse.com/security/cve/CVE-2016-1664/ SUSE CVE CVE-2016-1664 page https://www.suse.com/security/cve/CVE-2016-1665/ SUSE CVE CVE-2016-1665 page https://www.suse.com/security/cve/CVE-2016-1666/ SUSE CVE CVE-2016-1666 page https://www.suse.com/security/cve/CVE-2016-1667/ SUSE CVE CVE-2016-1667 page https://www.suse.com/security/cve/CVE-2016-1668/ SUSE CVE CVE-2016-1668 page https://www.suse.com/security/cve/CVE-2016-1669/ SUSE CVE CVE-2016-1669 page https://www.suse.com/security/cve/CVE-2016-1670/ SUSE CVE CVE-2016-1670 page https://www.suse.com/security/cve/CVE-2016-1672/ SUSE CVE CVE-2016-1672 page https://www.suse.com/security/cve/CVE-2016-1673/ SUSE CVE CVE-2016-1673 page https://www.suse.com/security/cve/CVE-2016-1674/ SUSE CVE CVE-2016-1674 page https://www.suse.com/security/cve/CVE-2016-1675/ SUSE CVE CVE-2016-1675 page https://www.suse.com/security/cve/CVE-2016-1676/ SUSE CVE CVE-2016-1676 page https://www.suse.com/security/cve/CVE-2016-1677/ SUSE CVE CVE-2016-1677 page https://www.suse.com/security/cve/CVE-2016-1678/ SUSE CVE CVE-2016-1678 page https://www.suse.com/security/cve/CVE-2016-1679/ SUSE CVE CVE-2016-1679 page https://www.suse.com/security/cve/CVE-2016-1680/ SUSE CVE CVE-2016-1680 page https://www.suse.com/security/cve/CVE-2016-1681/ SUSE CVE CVE-2016-1681 page https://www.suse.com/security/cve/CVE-2016-1682/ SUSE CVE CVE-2016-1682 page https://www.suse.com/security/cve/CVE-2016-1683/ SUSE CVE CVE-2016-1683 page https://www.suse.com/security/cve/CVE-2016-1684/ SUSE CVE CVE-2016-1684 page https://www.suse.com/security/cve/CVE-2016-1685/ SUSE CVE CVE-2016-1685 page https://www.suse.com/security/cve/CVE-2016-1686/ SUSE CVE CVE-2016-1686 page https://www.suse.com/security/cve/CVE-2016-1687/ SUSE CVE CVE-2016-1687 page https://www.suse.com/security/cve/CVE-2016-1688/ SUSE CVE CVE-2016-1688 page https://www.suse.com/security/cve/CVE-2016-1689/ SUSE CVE CVE-2016-1689 page https://www.suse.com/security/cve/CVE-2016-1690/ SUSE CVE CVE-2016-1690 page https://www.suse.com/security/cve/CVE-2016-1691/ SUSE CVE CVE-2016-1691 page https://www.suse.com/security/cve/CVE-2016-1692/ SUSE CVE CVE-2016-1692 page https://www.suse.com/security/cve/CVE-2016-1693/ SUSE CVE CVE-2016-1693 page https://www.suse.com/security/cve/CVE-2016-1694/ SUSE CVE CVE-2016-1694 page https://www.suse.com/security/cve/CVE-2016-1695/ SUSE CVE CVE-2016-1695 page https://www.suse.com/security/cve/CVE-2016-1696/ SUSE CVE CVE-2016-1696 page https://www.suse.com/security/cve/CVE-2016-1697/ SUSE CVE CVE-2016-1697 page https://www.suse.com/security/cve/CVE-2016-1698/ SUSE CVE CVE-2016-1698 page https://www.suse.com/security/cve/CVE-2016-1699/ SUSE CVE CVE-2016-1699 page https://www.suse.com/security/cve/CVE-2016-1700/ SUSE CVE CVE-2016-1700 page https://www.suse.com/security/cve/CVE-2016-1701/ SUSE CVE CVE-2016-1701 page https://www.suse.com/security/cve/CVE-2016-1702/ SUSE CVE CVE-2016-1702 page https://www.suse.com/security/cve/CVE-2016-1703/ SUSE CVE CVE-2016-1703 page https://www.suse.com/security/cve/CVE-2016-1704/ SUSE CVE CVE-2016-1704 page https://www.suse.com/security/cve/CVE-2016-1705/ SUSE CVE CVE-2016-1705 page https://www.suse.com/security/cve/CVE-2016-1706/ SUSE CVE CVE-2016-1706 page https://www.suse.com/security/cve/CVE-2016-1707/ SUSE CVE CVE-2016-1707 page https://www.suse.com/security/cve/CVE-2016-1708/ SUSE CVE CVE-2016-1708 page https://www.suse.com/security/cve/CVE-2016-1709/ SUSE CVE CVE-2016-1709 page https://www.suse.com/security/cve/CVE-2016-1710/ SUSE CVE CVE-2016-1710 page https://www.suse.com/security/cve/CVE-2016-1711/ SUSE CVE CVE-2016-1711 page https://www.suse.com/security/cve/CVE-2016-3679/ SUSE CVE CVE-2016-3679 page https://www.suse.com/security/cve/CVE-2016-5127/ SUSE CVE CVE-2016-5127 page https://www.suse.com/security/cve/CVE-2016-5128/ SUSE CVE CVE-2016-5128 page https://www.suse.com/security/cve/CVE-2016-5129/ SUSE CVE CVE-2016-5129 page https://www.suse.com/security/cve/CVE-2016-5130/ SUSE CVE CVE-2016-5130 page https://www.suse.com/security/cve/CVE-2016-5131/ SUSE CVE CVE-2016-5131 page https://www.suse.com/security/cve/CVE-2016-5132/ SUSE CVE CVE-2016-5132 page https://www.suse.com/security/cve/CVE-2016-5133/ SUSE CVE CVE-2016-5133 page https://www.suse.com/security/cve/CVE-2016-5134/ SUSE CVE CVE-2016-5134 page https://www.suse.com/security/cve/CVE-2016-5135/ SUSE CVE CVE-2016-5135 page https://www.suse.com/security/cve/CVE-2016-5136/ SUSE CVE CVE-2016-5136 page https://www.suse.com/security/cve/CVE-2016-5137/ SUSE CVE CVE-2016-5137 page https://www.suse.com/security/cve/CVE-2016-5139/ SUSE CVE CVE-2016-5139 page https://www.suse.com/security/cve/CVE-2016-5140/ SUSE CVE CVE-2016-5140 page https://www.suse.com/security/cve/CVE-2016-5141/ SUSE CVE CVE-2016-5141 page https://www.suse.com/security/cve/CVE-2016-5142/ SUSE CVE CVE-2016-5142 page https://www.suse.com/security/cve/CVE-2016-5143/ SUSE CVE CVE-2016-5143 page https://www.suse.com/security/cve/CVE-2016-5144/ SUSE CVE CVE-2016-5144 page https://www.suse.com/security/cve/CVE-2016-5145/ SUSE CVE CVE-2016-5145 page https://www.suse.com/security/cve/CVE-2016-5146/ SUSE CVE CVE-2016-5146 page https://www.suse.com/security/cve/CVE-2016-5147/ SUSE CVE CVE-2016-5147 page https://www.suse.com/security/cve/CVE-2016-5148/ SUSE CVE CVE-2016-5148 page https://www.suse.com/security/cve/CVE-2016-5149/ SUSE CVE CVE-2016-5149 page https://www.suse.com/security/cve/CVE-2016-5150/ SUSE CVE CVE-2016-5150 page https://www.suse.com/security/cve/CVE-2016-5151/ SUSE CVE CVE-2016-5151 page https://www.suse.com/security/cve/CVE-2016-5152/ SUSE CVE CVE-2016-5152 page https://www.suse.com/security/cve/CVE-2016-5153/ SUSE CVE CVE-2016-5153 page https://www.suse.com/security/cve/CVE-2016-5154/ SUSE CVE CVE-2016-5154 page https://www.suse.com/security/cve/CVE-2016-5155/ SUSE CVE CVE-2016-5155 page https://www.suse.com/security/cve/CVE-2016-5156/ SUSE CVE CVE-2016-5156 page https://www.suse.com/security/cve/CVE-2016-5157/ SUSE CVE CVE-2016-5157 page https://www.suse.com/security/cve/CVE-2016-5158/ SUSE CVE CVE-2016-5158 page https://www.suse.com/security/cve/CVE-2016-5159/ SUSE CVE CVE-2016-5159 page https://www.suse.com/security/cve/CVE-2016-5160/ SUSE CVE CVE-2016-5160 page https://www.suse.com/security/cve/CVE-2016-5161/ SUSE CVE CVE-2016-5161 page https://www.suse.com/security/cve/CVE-2016-5162/ SUSE CVE CVE-2016-5162 page https://www.suse.com/security/cve/CVE-2016-5163/ SUSE CVE CVE-2016-5163 page https://www.suse.com/security/cve/CVE-2016-5164/ SUSE CVE CVE-2016-5164 page https://www.suse.com/security/cve/CVE-2016-5165/ SUSE CVE CVE-2016-5165 page https://www.suse.com/security/cve/CVE-2016-5166/ SUSE CVE CVE-2016-5166 page https://www.suse.com/security/cve/CVE-2016-5170/ SUSE CVE CVE-2016-5170 page https://www.suse.com/security/cve/CVE-2016-5171/ SUSE CVE CVE-2016-5171 page https://www.suse.com/security/cve/CVE-2016-5172/ SUSE CVE CVE-2016-5172 page https://www.suse.com/security/cve/CVE-2016-5173/ SUSE CVE CVE-2016-5173 page https://www.suse.com/security/cve/CVE-2016-5174/ SUSE CVE CVE-2016-5174 page https://www.suse.com/security/cve/CVE-2016-5175/ SUSE CVE CVE-2016-5175 page https://www.suse.com/security/cve/CVE-2016-5177/ SUSE CVE CVE-2016-5177 page https://www.suse.com/security/cve/CVE-2016-5178/ SUSE CVE CVE-2016-5178 page https://www.suse.com/security/cve/CVE-2016-5181/ SUSE CVE CVE-2016-5181 page https://www.suse.com/security/cve/CVE-2016-5182/ SUSE CVE CVE-2016-5182 page https://www.suse.com/security/cve/CVE-2016-5183/ SUSE CVE CVE-2016-5183 page https://www.suse.com/security/cve/CVE-2016-5184/ SUSE CVE CVE-2016-5184 page https://www.suse.com/security/cve/CVE-2016-5185/ SUSE CVE CVE-2016-5185 page https://www.suse.com/security/cve/CVE-2016-5186/ SUSE CVE CVE-2016-5186 page https://www.suse.com/security/cve/CVE-2016-5187/ SUSE CVE CVE-2016-5187 page https://www.suse.com/security/cve/CVE-2016-5188/ SUSE CVE CVE-2016-5188 page https://www.suse.com/security/cve/CVE-2016-5189/ SUSE CVE CVE-2016-5189 page https://www.suse.com/security/cve/CVE-2016-5190/ SUSE CVE CVE-2016-5190 page https://www.suse.com/security/cve/CVE-2016-5191/ SUSE CVE CVE-2016-5191 page https://www.suse.com/security/cve/CVE-2016-5192/ SUSE CVE CVE-2016-5192 page https://www.suse.com/security/cve/CVE-2016-5193/ SUSE CVE CVE-2016-5193 page https://www.suse.com/security/cve/CVE-2016-5198/ SUSE CVE CVE-2016-5198 page https://www.suse.com/security/cve/CVE-2016-5199/ SUSE CVE CVE-2016-5199 page https://www.suse.com/security/cve/CVE-2016-5200/ SUSE CVE CVE-2016-5200 page https://www.suse.com/security/cve/CVE-2016-5201/ SUSE CVE CVE-2016-5201 page https://www.suse.com/security/cve/CVE-2016-5202/ SUSE CVE CVE-2016-5202 page https://www.suse.com/security/cve/CVE-2016-5204/ SUSE CVE CVE-2016-5204 page https://www.suse.com/security/cve/CVE-2016-5211/ SUSE CVE CVE-2016-5211 page https://www.suse.com/security/cve/CVE-2016-5217/ SUSE CVE CVE-2016-5217 page https://www.suse.com/security/cve/CVE-2016-5222/ SUSE CVE CVE-2016-5222 page https://www.suse.com/security/cve/CVE-2016-5224/ SUSE CVE CVE-2016-5224 page https://www.suse.com/security/cve/CVE-2016-9651/ SUSE CVE CVE-2016-9651 page https://www.suse.com/security/cve/CVE-2017-11215/ SUSE CVE CVE-2017-11215 page https://www.suse.com/security/cve/CVE-2017-11225/ SUSE CVE CVE-2017-11225 page https://www.suse.com/security/cve/CVE-2017-15386/ SUSE CVE CVE-2017-15386 page https://www.suse.com/security/cve/CVE-2017-15387/ SUSE CVE CVE-2017-15387 page https://www.suse.com/security/cve/CVE-2017-15388/ SUSE CVE CVE-2017-15388 page https://www.suse.com/security/cve/CVE-2017-15389/ SUSE CVE CVE-2017-15389 page https://www.suse.com/security/cve/CVE-2017-15390/ SUSE CVE CVE-2017-15390 page https://www.suse.com/security/cve/CVE-2017-15391/ SUSE CVE CVE-2017-15391 page https://www.suse.com/security/cve/CVE-2017-15392/ SUSE CVE CVE-2017-15392 page https://www.suse.com/security/cve/CVE-2017-15393/ SUSE CVE CVE-2017-15393 page https://www.suse.com/security/cve/CVE-2017-15394/ SUSE CVE CVE-2017-15394 page https://www.suse.com/security/cve/CVE-2017-15395/ SUSE CVE CVE-2017-15395 page https://www.suse.com/security/cve/CVE-2017-15396/ SUSE CVE CVE-2017-15396 page https://www.suse.com/security/cve/CVE-2017-15398/ SUSE CVE CVE-2017-15398 page https://www.suse.com/security/cve/CVE-2017-15399/ SUSE CVE CVE-2017-15399 page https://www.suse.com/security/cve/CVE-2017-15407/ SUSE CVE CVE-2017-15407 page https://www.suse.com/security/cve/CVE-2017-15408/ SUSE CVE CVE-2017-15408 page https://www.suse.com/security/cve/CVE-2017-15409/ SUSE CVE CVE-2017-15409 page https://www.suse.com/security/cve/CVE-2017-15410/ SUSE CVE CVE-2017-15410 page https://www.suse.com/security/cve/CVE-2017-15411/ SUSE CVE CVE-2017-15411 page https://www.suse.com/security/cve/CVE-2017-15412/ SUSE CVE CVE-2017-15412 page https://www.suse.com/security/cve/CVE-2017-15413/ SUSE CVE CVE-2017-15413 page https://www.suse.com/security/cve/CVE-2017-15415/ SUSE CVE CVE-2017-15415 page https://www.suse.com/security/cve/CVE-2017-15416/ SUSE CVE CVE-2017-15416 page https://www.suse.com/security/cve/CVE-2017-15417/ SUSE CVE CVE-2017-15417 page https://www.suse.com/security/cve/CVE-2017-15418/ SUSE CVE CVE-2017-15418 page https://www.suse.com/security/cve/CVE-2017-15419/ SUSE CVE CVE-2017-15419 page https://www.suse.com/security/cve/CVE-2017-15420/ SUSE CVE CVE-2017-15420 page https://www.suse.com/security/cve/CVE-2017-15422/ SUSE CVE CVE-2017-15422 page https://www.suse.com/security/cve/CVE-2017-15423/ SUSE CVE CVE-2017-15423 page https://www.suse.com/security/cve/CVE-2017-15424/ SUSE CVE CVE-2017-15424 page https://www.suse.com/security/cve/CVE-2017-15425/ SUSE CVE CVE-2017-15425 page https://www.suse.com/security/cve/CVE-2017-15426/ SUSE CVE CVE-2017-15426 page https://www.suse.com/security/cve/CVE-2017-15427/ SUSE CVE CVE-2017-15427 page https://www.suse.com/security/cve/CVE-2017-15429/ SUSE CVE CVE-2017-15429 page https://www.suse.com/security/cve/CVE-2017-15430/ SUSE CVE CVE-2017-15430 page https://www.suse.com/security/cve/CVE-2017-5006/ SUSE CVE CVE-2017-5006 page https://www.suse.com/security/cve/CVE-2017-5007/ SUSE CVE CVE-2017-5007 page https://www.suse.com/security/cve/CVE-2017-5008/ SUSE CVE CVE-2017-5008 page https://www.suse.com/security/cve/CVE-2017-5009/ SUSE CVE CVE-2017-5009 page https://www.suse.com/security/cve/CVE-2017-5010/ SUSE CVE CVE-2017-5010 page https://www.suse.com/security/cve/CVE-2017-5011/ SUSE CVE CVE-2017-5011 page https://www.suse.com/security/cve/CVE-2017-5012/ SUSE CVE CVE-2017-5012 page https://www.suse.com/security/cve/CVE-2017-5013/ SUSE CVE CVE-2017-5013 page https://www.suse.com/security/cve/CVE-2017-5014/ SUSE CVE CVE-2017-5014 page https://www.suse.com/security/cve/CVE-2017-5015/ SUSE CVE CVE-2017-5015 page https://www.suse.com/security/cve/CVE-2017-5016/ SUSE CVE CVE-2017-5016 page https://www.suse.com/security/cve/CVE-2017-5017/ SUSE CVE CVE-2017-5017 page https://www.suse.com/security/cve/CVE-2017-5018/ SUSE CVE CVE-2017-5018 page https://www.suse.com/security/cve/CVE-2017-5019/ SUSE CVE CVE-2017-5019 page https://www.suse.com/security/cve/CVE-2017-5020/ SUSE CVE CVE-2017-5020 page https://www.suse.com/security/cve/CVE-2017-5021/ SUSE CVE CVE-2017-5021 page https://www.suse.com/security/cve/CVE-2017-5022/ SUSE CVE CVE-2017-5022 page https://www.suse.com/security/cve/CVE-2017-5023/ SUSE CVE CVE-2017-5023 page https://www.suse.com/security/cve/CVE-2017-5024/ SUSE CVE CVE-2017-5024 page https://www.suse.com/security/cve/CVE-2017-5025/ SUSE CVE CVE-2017-5025 page https://www.suse.com/security/cve/CVE-2017-5026/ SUSE CVE CVE-2017-5026 page https://www.suse.com/security/cve/CVE-2017-5030/ SUSE CVE CVE-2017-5030 page https://www.suse.com/security/cve/CVE-2017-5035/ SUSE CVE CVE-2017-5035 page https://www.suse.com/security/cve/CVE-2017-5041/ SUSE CVE CVE-2017-5041 page https://www.suse.com/security/cve/CVE-2017-5044/ SUSE CVE CVE-2017-5044 page https://www.suse.com/security/cve/CVE-2017-5052/ SUSE CVE CVE-2017-5052 page https://www.suse.com/security/cve/CVE-2017-5053/ SUSE CVE CVE-2017-5053 page https://www.suse.com/security/cve/CVE-2017-5054/ SUSE CVE CVE-2017-5054 page https://www.suse.com/security/cve/CVE-2017-5055/ SUSE CVE CVE-2017-5055 page https://www.suse.com/security/cve/CVE-2017-5056/ SUSE CVE CVE-2017-5056 page https://www.suse.com/security/cve/CVE-2017-5057/ SUSE CVE CVE-2017-5057 page https://www.suse.com/security/cve/CVE-2017-5058/ SUSE CVE CVE-2017-5058 page https://www.suse.com/security/cve/CVE-2017-5059/ SUSE CVE CVE-2017-5059 page https://www.suse.com/security/cve/CVE-2017-5060/ SUSE CVE CVE-2017-5060 page https://www.suse.com/security/cve/CVE-2017-5061/ SUSE CVE CVE-2017-5061 page https://www.suse.com/security/cve/CVE-2017-5062/ SUSE CVE CVE-2017-5062 page https://www.suse.com/security/cve/CVE-2017-5063/ SUSE CVE CVE-2017-5063 page https://www.suse.com/security/cve/CVE-2017-5064/ SUSE CVE CVE-2017-5064 page https://www.suse.com/security/cve/CVE-2017-5065/ SUSE CVE CVE-2017-5065 page https://www.suse.com/security/cve/CVE-2017-5066/ SUSE CVE CVE-2017-5066 page https://www.suse.com/security/cve/CVE-2017-5067/ SUSE CVE CVE-2017-5067 page https://www.suse.com/security/cve/CVE-2017-5068/ SUSE CVE CVE-2017-5068 page https://www.suse.com/security/cve/CVE-2017-5069/ SUSE CVE CVE-2017-5069 page https://www.suse.com/security/cve/CVE-2017-5070/ SUSE CVE CVE-2017-5070 page https://www.suse.com/security/cve/CVE-2017-5071/ SUSE CVE CVE-2017-5071 page https://www.suse.com/security/cve/CVE-2017-5072/ SUSE CVE CVE-2017-5072 page https://www.suse.com/security/cve/CVE-2017-5073/ SUSE CVE CVE-2017-5073 page https://www.suse.com/security/cve/CVE-2017-5074/ SUSE CVE CVE-2017-5074 page https://www.suse.com/security/cve/CVE-2017-5075/ SUSE CVE CVE-2017-5075 page https://www.suse.com/security/cve/CVE-2017-5076/ SUSE CVE CVE-2017-5076 page https://www.suse.com/security/cve/CVE-2017-5077/ SUSE CVE CVE-2017-5077 page https://www.suse.com/security/cve/CVE-2017-5078/ SUSE CVE CVE-2017-5078 page https://www.suse.com/security/cve/CVE-2017-5079/ SUSE CVE CVE-2017-5079 page https://www.suse.com/security/cve/CVE-2017-5080/ SUSE CVE CVE-2017-5080 page https://www.suse.com/security/cve/CVE-2017-5081/ SUSE CVE CVE-2017-5081 page https://www.suse.com/security/cve/CVE-2017-5082/ SUSE CVE CVE-2017-5082 page https://www.suse.com/security/cve/CVE-2017-5083/ SUSE CVE CVE-2017-5083 page https://www.suse.com/security/cve/CVE-2017-5085/ SUSE CVE CVE-2017-5085 page https://www.suse.com/security/cve/CVE-2017-5086/ SUSE CVE CVE-2017-5086 page https://www.suse.com/security/cve/CVE-2017-5087/ SUSE CVE CVE-2017-5087 page https://www.suse.com/security/cve/CVE-2017-5088/ SUSE CVE CVE-2017-5088 page https://www.suse.com/security/cve/CVE-2017-5089/ SUSE CVE CVE-2017-5089 page https://www.suse.com/security/cve/CVE-2017-5091/ SUSE CVE CVE-2017-5091 page https://www.suse.com/security/cve/CVE-2017-5092/ SUSE CVE CVE-2017-5092 page https://www.suse.com/security/cve/CVE-2017-5093/ SUSE CVE CVE-2017-5093 page https://www.suse.com/security/cve/CVE-2017-5094/ SUSE CVE CVE-2017-5094 page https://www.suse.com/security/cve/CVE-2017-5095/ SUSE CVE CVE-2017-5095 page https://www.suse.com/security/cve/CVE-2017-5096/ SUSE CVE CVE-2017-5096 page https://www.suse.com/security/cve/CVE-2017-5097/ SUSE CVE CVE-2017-5097 page https://www.suse.com/security/cve/CVE-2017-5098/ SUSE CVE CVE-2017-5098 page https://www.suse.com/security/cve/CVE-2017-5099/ SUSE CVE CVE-2017-5099 page https://www.suse.com/security/cve/CVE-2017-5100/ SUSE CVE CVE-2017-5100 page https://www.suse.com/security/cve/CVE-2017-5101/ SUSE CVE CVE-2017-5101 page https://www.suse.com/security/cve/CVE-2017-5102/ SUSE CVE CVE-2017-5102 page https://www.suse.com/security/cve/CVE-2017-5103/ SUSE CVE CVE-2017-5103 page https://www.suse.com/security/cve/CVE-2017-5104/ SUSE CVE CVE-2017-5104 page https://www.suse.com/security/cve/CVE-2017-5105/ SUSE CVE CVE-2017-5105 page https://www.suse.com/security/cve/CVE-2017-5106/ SUSE CVE CVE-2017-5106 page https://www.suse.com/security/cve/CVE-2017-5107/ SUSE CVE CVE-2017-5107 page https://www.suse.com/security/cve/CVE-2017-5108/ SUSE CVE CVE-2017-5108 page https://www.suse.com/security/cve/CVE-2017-5109/ SUSE CVE CVE-2017-5109 page https://www.suse.com/security/cve/CVE-2017-5110/ SUSE CVE CVE-2017-5110 page https://www.suse.com/security/cve/CVE-2017-5111/ SUSE CVE CVE-2017-5111 page https://www.suse.com/security/cve/CVE-2017-5112/ SUSE CVE CVE-2017-5112 page https://www.suse.com/security/cve/CVE-2017-5113/ SUSE CVE CVE-2017-5113 page https://www.suse.com/security/cve/CVE-2017-5114/ SUSE CVE CVE-2017-5114 page https://www.suse.com/security/cve/CVE-2017-5115/ SUSE CVE CVE-2017-5115 page https://www.suse.com/security/cve/CVE-2017-5116/ SUSE CVE CVE-2017-5116 page https://www.suse.com/security/cve/CVE-2017-5117/ SUSE CVE CVE-2017-5117 page https://www.suse.com/security/cve/CVE-2017-5118/ SUSE CVE CVE-2017-5118 page https://www.suse.com/security/cve/CVE-2017-5119/ SUSE CVE CVE-2017-5119 page https://www.suse.com/security/cve/CVE-2017-5120/ SUSE CVE CVE-2017-5120 page https://www.suse.com/security/cve/CVE-2017-5121/ SUSE CVE CVE-2017-5121 page https://www.suse.com/security/cve/CVE-2017-5122/ SUSE CVE CVE-2017-5122 page https://www.suse.com/security/cve/CVE-2017-5124/ SUSE CVE CVE-2017-5124 page https://www.suse.com/security/cve/CVE-2017-5125/ SUSE CVE CVE-2017-5125 page https://www.suse.com/security/cve/CVE-2017-5126/ SUSE CVE CVE-2017-5126 page https://www.suse.com/security/cve/CVE-2017-5127/ SUSE CVE CVE-2017-5127 page https://www.suse.com/security/cve/CVE-2017-5128/ SUSE CVE CVE-2017-5128 page https://www.suse.com/security/cve/CVE-2017-5129/ SUSE CVE CVE-2017-5129 page https://www.suse.com/security/cve/CVE-2017-5130/ SUSE CVE CVE-2017-5130 page https://www.suse.com/security/cve/CVE-2017-5131/ SUSE CVE CVE-2017-5131 page https://www.suse.com/security/cve/CVE-2017-5132/ SUSE CVE CVE-2017-5132 page https://www.suse.com/security/cve/CVE-2017-5133/ SUSE CVE CVE-2017-5133 page https://www.suse.com/security/cve/CVE-2017-7000/ SUSE CVE CVE-2017-7000 page https://www.suse.com/security/cve/CVE-2018-16065/ SUSE CVE CVE-2018-16065 page https://www.suse.com/security/cve/CVE-2018-16066/ SUSE CVE CVE-2018-16066 page https://www.suse.com/security/cve/CVE-2018-16067/ SUSE CVE CVE-2018-16067 page https://www.suse.com/security/cve/CVE-2018-16068/ SUSE CVE CVE-2018-16068 page https://www.suse.com/security/cve/CVE-2018-16069/ SUSE CVE CVE-2018-16069 page https://www.suse.com/security/cve/CVE-2018-16070/ SUSE CVE CVE-2018-16070 page https://www.suse.com/security/cve/CVE-2018-16071/ SUSE CVE CVE-2018-16071 page https://www.suse.com/security/cve/CVE-2018-16073/ SUSE CVE CVE-2018-16073 page https://www.suse.com/security/cve/CVE-2018-16074/ SUSE CVE CVE-2018-16074 page https://www.suse.com/security/cve/CVE-2018-16075/ SUSE CVE CVE-2018-16075 page https://www.suse.com/security/cve/CVE-2018-16076/ SUSE CVE CVE-2018-16076 page https://www.suse.com/security/cve/CVE-2018-16077/ SUSE CVE CVE-2018-16077 page https://www.suse.com/security/cve/CVE-2018-16078/ SUSE CVE CVE-2018-16078 page https://www.suse.com/security/cve/CVE-2018-16079/ SUSE CVE CVE-2018-16079 page https://www.suse.com/security/cve/CVE-2018-16080/ SUSE CVE CVE-2018-16080 page https://www.suse.com/security/cve/CVE-2018-16081/ SUSE CVE CVE-2018-16081 page https://www.suse.com/security/cve/CVE-2018-16082/ SUSE CVE CVE-2018-16082 page https://www.suse.com/security/cve/CVE-2018-16083/ SUSE CVE CVE-2018-16083 page https://www.suse.com/security/cve/CVE-2018-16084/ SUSE CVE CVE-2018-16084 page https://www.suse.com/security/cve/CVE-2018-16085/ SUSE CVE CVE-2018-16085 page https://www.suse.com/security/cve/CVE-2018-16086/ SUSE CVE CVE-2018-16086 page https://www.suse.com/security/cve/CVE-2018-16087/ SUSE CVE CVE-2018-16087 page https://www.suse.com/security/cve/CVE-2018-16088/ SUSE CVE CVE-2018-16088 page https://www.suse.com/security/cve/CVE-2018-17462/ SUSE CVE CVE-2018-17462 page https://www.suse.com/security/cve/CVE-2018-17463/ SUSE CVE CVE-2018-17463 page https://www.suse.com/security/cve/CVE-2018-17464/ SUSE CVE CVE-2018-17464 page https://www.suse.com/security/cve/CVE-2018-17465/ SUSE CVE CVE-2018-17465 page https://www.suse.com/security/cve/CVE-2018-17466/ SUSE CVE CVE-2018-17466 page https://www.suse.com/security/cve/CVE-2018-17467/ SUSE CVE CVE-2018-17467 page https://www.suse.com/security/cve/CVE-2018-17468/ SUSE CVE CVE-2018-17468 page https://www.suse.com/security/cve/CVE-2018-17469/ SUSE CVE CVE-2018-17469 page https://www.suse.com/security/cve/CVE-2018-17470/ SUSE CVE CVE-2018-17470 page https://www.suse.com/security/cve/CVE-2018-17471/ SUSE CVE CVE-2018-17471 page https://www.suse.com/security/cve/CVE-2018-17472/ SUSE CVE CVE-2018-17472 page https://www.suse.com/security/cve/CVE-2018-17473/ SUSE CVE CVE-2018-17473 page https://www.suse.com/security/cve/CVE-2018-17474/ SUSE CVE CVE-2018-17474 page https://www.suse.com/security/cve/CVE-2018-17475/ SUSE CVE CVE-2018-17475 page https://www.suse.com/security/cve/CVE-2018-17476/ SUSE CVE CVE-2018-17476 page https://www.suse.com/security/cve/CVE-2018-17477/ SUSE CVE CVE-2018-17477 page https://www.suse.com/security/cve/CVE-2018-17478/ SUSE CVE CVE-2018-17478 page https://www.suse.com/security/cve/CVE-2018-17479/ SUSE CVE CVE-2018-17479 page https://www.suse.com/security/cve/CVE-2018-17480/ SUSE CVE CVE-2018-17480 page https://www.suse.com/security/cve/CVE-2018-17481/ SUSE CVE CVE-2018-17481 page https://www.suse.com/security/cve/CVE-2018-18335/ SUSE CVE CVE-2018-18335 page https://www.suse.com/security/cve/CVE-2018-18336/ SUSE CVE CVE-2018-18336 page https://www.suse.com/security/cve/CVE-2018-18337/ SUSE CVE CVE-2018-18337 page https://www.suse.com/security/cve/CVE-2018-18338/ SUSE CVE CVE-2018-18338 page https://www.suse.com/security/cve/CVE-2018-18339/ SUSE CVE CVE-2018-18339 page https://www.suse.com/security/cve/CVE-2018-18340/ SUSE CVE CVE-2018-18340 page https://www.suse.com/security/cve/CVE-2018-18341/ SUSE CVE CVE-2018-18341 page https://www.suse.com/security/cve/CVE-2018-18342/ SUSE CVE CVE-2018-18342 page https://www.suse.com/security/cve/CVE-2018-18343/ SUSE CVE CVE-2018-18343 page https://www.suse.com/security/cve/CVE-2018-18344/ SUSE CVE CVE-2018-18344 page https://www.suse.com/security/cve/CVE-2018-18345/ SUSE CVE CVE-2018-18345 page https://www.suse.com/security/cve/CVE-2018-18346/ SUSE CVE CVE-2018-18346 page https://www.suse.com/security/cve/CVE-2018-18347/ SUSE CVE CVE-2018-18347 page https://www.suse.com/security/cve/CVE-2018-18348/ SUSE CVE CVE-2018-18348 page https://www.suse.com/security/cve/CVE-2018-18349/ SUSE CVE CVE-2018-18349 page https://www.suse.com/security/cve/CVE-2018-18350/ SUSE CVE CVE-2018-18350 page https://www.suse.com/security/cve/CVE-2018-18351/ SUSE CVE CVE-2018-18351 page https://www.suse.com/security/cve/CVE-2018-18352/ SUSE CVE CVE-2018-18352 page https://www.suse.com/security/cve/CVE-2018-18353/ SUSE CVE CVE-2018-18353 page https://www.suse.com/security/cve/CVE-2018-18354/ SUSE CVE CVE-2018-18354 page https://www.suse.com/security/cve/CVE-2018-18355/ SUSE CVE CVE-2018-18355 page https://www.suse.com/security/cve/CVE-2018-18356/ SUSE CVE CVE-2018-18356 page https://www.suse.com/security/cve/CVE-2018-18357/ SUSE CVE CVE-2018-18357 page https://www.suse.com/security/cve/CVE-2018-18358/ SUSE CVE CVE-2018-18358 page https://www.suse.com/security/cve/CVE-2018-18359/ SUSE CVE CVE-2018-18359 page https://www.suse.com/security/cve/CVE-2018-20073/ SUSE CVE CVE-2018-20073 page https://www.suse.com/security/cve/CVE-2018-4117/ SUSE CVE CVE-2018-4117 page https://www.suse.com/security/cve/CVE-2018-5179/ SUSE CVE CVE-2018-5179 page https://www.suse.com/security/cve/CVE-2018-6031/ SUSE CVE CVE-2018-6031 page https://www.suse.com/security/cve/CVE-2018-6032/ SUSE CVE CVE-2018-6032 page https://www.suse.com/security/cve/CVE-2018-6033/ SUSE CVE CVE-2018-6033 page https://www.suse.com/security/cve/CVE-2018-6034/ SUSE CVE CVE-2018-6034 page https://www.suse.com/security/cve/CVE-2018-6035/ SUSE CVE CVE-2018-6035 page https://www.suse.com/security/cve/CVE-2018-6036/ SUSE CVE CVE-2018-6036 page https://www.suse.com/security/cve/CVE-2018-6037/ SUSE CVE CVE-2018-6037 page https://www.suse.com/security/cve/CVE-2018-6038/ SUSE CVE CVE-2018-6038 page https://www.suse.com/security/cve/CVE-2018-6039/ SUSE CVE CVE-2018-6039 page https://www.suse.com/security/cve/CVE-2018-6040/ SUSE CVE CVE-2018-6040 page https://www.suse.com/security/cve/CVE-2018-6041/ SUSE CVE CVE-2018-6041 page https://www.suse.com/security/cve/CVE-2018-6042/ SUSE CVE CVE-2018-6042 page https://www.suse.com/security/cve/CVE-2018-6043/ SUSE CVE CVE-2018-6043 page https://www.suse.com/security/cve/CVE-2018-6044/ SUSE CVE CVE-2018-6044 page https://www.suse.com/security/cve/CVE-2018-6045/ SUSE CVE CVE-2018-6045 page https://www.suse.com/security/cve/CVE-2018-6046/ SUSE CVE CVE-2018-6046 page https://www.suse.com/security/cve/CVE-2018-6047/ SUSE CVE CVE-2018-6047 page https://www.suse.com/security/cve/CVE-2018-6048/ SUSE CVE CVE-2018-6048 page https://www.suse.com/security/cve/CVE-2018-6049/ SUSE CVE CVE-2018-6049 page https://www.suse.com/security/cve/CVE-2018-6050/ SUSE CVE CVE-2018-6050 page https://www.suse.com/security/cve/CVE-2018-6051/ SUSE CVE CVE-2018-6051 page https://www.suse.com/security/cve/CVE-2018-6052/ SUSE CVE CVE-2018-6052 page https://www.suse.com/security/cve/CVE-2018-6053/ SUSE CVE CVE-2018-6053 page https://www.suse.com/security/cve/CVE-2018-6054/ SUSE CVE CVE-2018-6054 page https://www.suse.com/security/cve/CVE-2018-6056/ SUSE CVE CVE-2018-6056 page https://www.suse.com/security/cve/CVE-2018-6057/ SUSE CVE CVE-2018-6057 page https://www.suse.com/security/cve/CVE-2018-6060/ SUSE CVE CVE-2018-6060 page https://www.suse.com/security/cve/CVE-2018-6061/ SUSE CVE CVE-2018-6061 page https://www.suse.com/security/cve/CVE-2018-6062/ SUSE CVE CVE-2018-6062 page https://www.suse.com/security/cve/CVE-2018-6063/ SUSE CVE CVE-2018-6063 page https://www.suse.com/security/cve/CVE-2018-6064/ SUSE CVE CVE-2018-6064 page https://www.suse.com/security/cve/CVE-2018-6065/ SUSE CVE CVE-2018-6065 page https://www.suse.com/security/cve/CVE-2018-6066/ SUSE CVE CVE-2018-6066 page https://www.suse.com/security/cve/CVE-2018-6067/ SUSE CVE CVE-2018-6067 page https://www.suse.com/security/cve/CVE-2018-6068/ SUSE CVE CVE-2018-6068 page https://www.suse.com/security/cve/CVE-2018-6069/ SUSE CVE CVE-2018-6069 page https://www.suse.com/security/cve/CVE-2018-6070/ SUSE CVE CVE-2018-6070 page https://www.suse.com/security/cve/CVE-2018-6071/ SUSE CVE CVE-2018-6071 page https://www.suse.com/security/cve/CVE-2018-6072/ SUSE CVE CVE-2018-6072 page https://www.suse.com/security/cve/CVE-2018-6073/ SUSE CVE CVE-2018-6073 page https://www.suse.com/security/cve/CVE-2018-6074/ SUSE CVE CVE-2018-6074 page https://www.suse.com/security/cve/CVE-2018-6075/ SUSE CVE CVE-2018-6075 page https://www.suse.com/security/cve/CVE-2018-6076/ SUSE CVE CVE-2018-6076 page https://www.suse.com/security/cve/CVE-2018-6077/ SUSE CVE CVE-2018-6077 page https://www.suse.com/security/cve/CVE-2018-6078/ SUSE CVE CVE-2018-6078 page https://www.suse.com/security/cve/CVE-2018-6079/ SUSE CVE CVE-2018-6079 page https://www.suse.com/security/cve/CVE-2018-6080/ SUSE CVE CVE-2018-6080 page https://www.suse.com/security/cve/CVE-2018-6081/ SUSE CVE CVE-2018-6081 page https://www.suse.com/security/cve/CVE-2018-6082/ SUSE CVE CVE-2018-6082 page https://www.suse.com/security/cve/CVE-2018-6083/ SUSE CVE CVE-2018-6083 page https://www.suse.com/security/cve/CVE-2018-6085/ SUSE CVE CVE-2018-6085 page https://www.suse.com/security/cve/CVE-2018-6086/ SUSE CVE CVE-2018-6086 page https://www.suse.com/security/cve/CVE-2018-6087/ SUSE CVE CVE-2018-6087 page https://www.suse.com/security/cve/CVE-2018-6088/ SUSE CVE CVE-2018-6088 page https://www.suse.com/security/cve/CVE-2018-6089/ SUSE CVE CVE-2018-6089 page https://www.suse.com/security/cve/CVE-2018-6090/ SUSE CVE CVE-2018-6090 page https://www.suse.com/security/cve/CVE-2018-6091/ SUSE CVE CVE-2018-6091 page https://www.suse.com/security/cve/CVE-2018-6092/ SUSE CVE CVE-2018-6092 page https://www.suse.com/security/cve/CVE-2018-6093/ SUSE CVE CVE-2018-6093 page https://www.suse.com/security/cve/CVE-2018-6094/ SUSE CVE CVE-2018-6094 page https://www.suse.com/security/cve/CVE-2018-6095/ SUSE CVE CVE-2018-6095 page https://www.suse.com/security/cve/CVE-2018-6096/ SUSE CVE CVE-2018-6096 page https://www.suse.com/security/cve/CVE-2018-6097/ SUSE CVE CVE-2018-6097 page https://www.suse.com/security/cve/CVE-2018-6098/ SUSE CVE CVE-2018-6098 page https://www.suse.com/security/cve/CVE-2018-6099/ SUSE CVE CVE-2018-6099 page https://www.suse.com/security/cve/CVE-2018-6100/ SUSE CVE CVE-2018-6100 page https://www.suse.com/security/cve/CVE-2018-6101/ SUSE CVE CVE-2018-6101 page https://www.suse.com/security/cve/CVE-2018-6102/ SUSE CVE CVE-2018-6102 page https://www.suse.com/security/cve/CVE-2018-6103/ SUSE CVE CVE-2018-6103 page https://www.suse.com/security/cve/CVE-2018-6104/ SUSE CVE CVE-2018-6104 page https://www.suse.com/security/cve/CVE-2018-6105/ SUSE CVE CVE-2018-6105 page https://www.suse.com/security/cve/CVE-2018-6106/ SUSE CVE CVE-2018-6106 page https://www.suse.com/security/cve/CVE-2018-6107/ SUSE CVE CVE-2018-6107 page https://www.suse.com/security/cve/CVE-2018-6108/ SUSE CVE CVE-2018-6108 page https://www.suse.com/security/cve/CVE-2018-6109/ SUSE CVE CVE-2018-6109 page https://www.suse.com/security/cve/CVE-2018-6110/ SUSE CVE CVE-2018-6110 page https://www.suse.com/security/cve/CVE-2018-6111/ SUSE CVE CVE-2018-6111 page https://www.suse.com/security/cve/CVE-2018-6112/ SUSE CVE CVE-2018-6112 page https://www.suse.com/security/cve/CVE-2018-6113/ SUSE CVE CVE-2018-6113 page https://www.suse.com/security/cve/CVE-2018-6114/ SUSE CVE CVE-2018-6114 page https://www.suse.com/security/cve/CVE-2018-6115/ SUSE CVE CVE-2018-6115 page https://www.suse.com/security/cve/CVE-2018-6116/ SUSE CVE CVE-2018-6116 page https://www.suse.com/security/cve/CVE-2018-6117/ SUSE CVE CVE-2018-6117 page https://www.suse.com/security/cve/CVE-2018-6118/ SUSE CVE CVE-2018-6118 page https://www.suse.com/security/cve/CVE-2018-6120/ SUSE CVE CVE-2018-6120 page https://www.suse.com/security/cve/CVE-2018-6121/ SUSE CVE CVE-2018-6121 page https://www.suse.com/security/cve/CVE-2018-6122/ SUSE CVE CVE-2018-6122 page https://www.suse.com/security/cve/CVE-2018-6123/ SUSE CVE CVE-2018-6123 page https://www.suse.com/security/cve/CVE-2018-6124/ SUSE CVE CVE-2018-6124 page https://www.suse.com/security/cve/CVE-2018-6125/ SUSE CVE CVE-2018-6125 page https://www.suse.com/security/cve/CVE-2018-6126/ SUSE CVE CVE-2018-6126 page https://www.suse.com/security/cve/CVE-2018-6127/ SUSE CVE CVE-2018-6127 page https://www.suse.com/security/cve/CVE-2018-6128/ SUSE CVE CVE-2018-6128 page https://www.suse.com/security/cve/CVE-2018-6129/ SUSE CVE CVE-2018-6129 page https://www.suse.com/security/cve/CVE-2018-6130/ SUSE CVE CVE-2018-6130 page https://www.suse.com/security/cve/CVE-2018-6131/ SUSE CVE CVE-2018-6131 page https://www.suse.com/security/cve/CVE-2018-6132/ SUSE CVE CVE-2018-6132 page https://www.suse.com/security/cve/CVE-2018-6133/ SUSE CVE CVE-2018-6133 page https://www.suse.com/security/cve/CVE-2018-6134/ SUSE CVE CVE-2018-6134 page https://www.suse.com/security/cve/CVE-2018-6135/ SUSE CVE CVE-2018-6135 page https://www.suse.com/security/cve/CVE-2018-6136/ SUSE CVE CVE-2018-6136 page https://www.suse.com/security/cve/CVE-2018-6137/ SUSE CVE CVE-2018-6137 page https://www.suse.com/security/cve/CVE-2018-6138/ SUSE CVE CVE-2018-6138 page https://www.suse.com/security/cve/CVE-2018-6139/ SUSE CVE CVE-2018-6139 page https://www.suse.com/security/cve/CVE-2018-6140/ SUSE CVE CVE-2018-6140 page https://www.suse.com/security/cve/CVE-2018-6141/ SUSE CVE CVE-2018-6141 page https://www.suse.com/security/cve/CVE-2018-6142/ SUSE CVE CVE-2018-6142 page https://www.suse.com/security/cve/CVE-2018-6143/ SUSE CVE CVE-2018-6143 page https://www.suse.com/security/cve/CVE-2018-6144/ SUSE CVE CVE-2018-6144 page https://www.suse.com/security/cve/CVE-2018-6145/ SUSE CVE CVE-2018-6145 page https://www.suse.com/security/cve/CVE-2018-6147/ SUSE CVE CVE-2018-6147 page https://www.suse.com/security/cve/CVE-2018-6148/ SUSE CVE CVE-2018-6148 page https://www.suse.com/security/cve/CVE-2018-6149/ SUSE CVE CVE-2018-6149 page https://www.suse.com/security/cve/CVE-2018-6153/ SUSE CVE CVE-2018-6153 page https://www.suse.com/security/cve/CVE-2018-6154/ SUSE CVE CVE-2018-6154 page https://www.suse.com/security/cve/CVE-2018-6155/ SUSE CVE CVE-2018-6155 page https://www.suse.com/security/cve/CVE-2018-6156/ SUSE CVE CVE-2018-6156 page https://www.suse.com/security/cve/CVE-2018-6157/ SUSE CVE CVE-2018-6157 page https://www.suse.com/security/cve/CVE-2018-6158/ SUSE CVE CVE-2018-6158 page https://www.suse.com/security/cve/CVE-2018-6159/ SUSE CVE CVE-2018-6159 page https://www.suse.com/security/cve/CVE-2018-6160/ SUSE CVE CVE-2018-6160 page https://www.suse.com/security/cve/CVE-2018-6161/ SUSE CVE CVE-2018-6161 page https://www.suse.com/security/cve/CVE-2018-6162/ SUSE CVE CVE-2018-6162 page https://www.suse.com/security/cve/CVE-2018-6163/ SUSE CVE CVE-2018-6163 page https://www.suse.com/security/cve/CVE-2018-6164/ SUSE CVE CVE-2018-6164 page https://www.suse.com/security/cve/CVE-2018-6165/ SUSE CVE CVE-2018-6165 page https://www.suse.com/security/cve/CVE-2018-6166/ SUSE CVE CVE-2018-6166 page https://www.suse.com/security/cve/CVE-2018-6167/ SUSE CVE CVE-2018-6167 page https://www.suse.com/security/cve/CVE-2018-6168/ SUSE CVE CVE-2018-6168 page https://www.suse.com/security/cve/CVE-2018-6169/ SUSE CVE CVE-2018-6169 page https://www.suse.com/security/cve/CVE-2018-6170/ SUSE CVE CVE-2018-6170 page https://www.suse.com/security/cve/CVE-2018-6171/ SUSE CVE CVE-2018-6171 page https://www.suse.com/security/cve/CVE-2018-6172/ SUSE CVE CVE-2018-6172 page https://www.suse.com/security/cve/CVE-2018-6173/ SUSE CVE CVE-2018-6173 page https://www.suse.com/security/cve/CVE-2018-6174/ SUSE CVE CVE-2018-6174 page https://www.suse.com/security/cve/CVE-2018-6175/ SUSE CVE CVE-2018-6175 page https://www.suse.com/security/cve/CVE-2018-6176/ SUSE CVE CVE-2018-6176 page https://www.suse.com/security/cve/CVE-2018-6177/ SUSE CVE CVE-2018-6177 page https://www.suse.com/security/cve/CVE-2018-6178/ SUSE CVE CVE-2018-6178 page https://www.suse.com/security/cve/CVE-2018-6179/ SUSE CVE CVE-2018-6179 page https://www.suse.com/security/cve/CVE-2018-6406/ SUSE CVE CVE-2018-6406 page https://www.suse.com/security/cve/CVE-2019-13659/ SUSE CVE CVE-2019-13659 page https://www.suse.com/security/cve/CVE-2019-13660/ SUSE CVE CVE-2019-13660 page https://www.suse.com/security/cve/CVE-2019-13661/ SUSE CVE CVE-2019-13661 page https://www.suse.com/security/cve/CVE-2019-13662/ SUSE CVE CVE-2019-13662 page https://www.suse.com/security/cve/CVE-2019-13663/ SUSE CVE CVE-2019-13663 page https://www.suse.com/security/cve/CVE-2019-13664/ SUSE CVE CVE-2019-13664 page https://www.suse.com/security/cve/CVE-2019-13665/ SUSE CVE CVE-2019-13665 page https://www.suse.com/security/cve/CVE-2019-13666/ SUSE CVE CVE-2019-13666 page https://www.suse.com/security/cve/CVE-2019-13667/ SUSE CVE CVE-2019-13667 page https://www.suse.com/security/cve/CVE-2019-13668/ SUSE CVE CVE-2019-13668 page https://www.suse.com/security/cve/CVE-2019-13669/ SUSE CVE CVE-2019-13669 page https://www.suse.com/security/cve/CVE-2019-13670/ SUSE CVE CVE-2019-13670 page https://www.suse.com/security/cve/CVE-2019-13671/ SUSE CVE CVE-2019-13671 page https://www.suse.com/security/cve/CVE-2019-13673/ SUSE CVE CVE-2019-13673 page https://www.suse.com/security/cve/CVE-2019-13674/ SUSE CVE CVE-2019-13674 page https://www.suse.com/security/cve/CVE-2019-13675/ SUSE CVE CVE-2019-13675 page https://www.suse.com/security/cve/CVE-2019-13676/ SUSE CVE CVE-2019-13676 page https://www.suse.com/security/cve/CVE-2019-13677/ SUSE CVE CVE-2019-13677 page https://www.suse.com/security/cve/CVE-2019-13678/ SUSE CVE CVE-2019-13678 page https://www.suse.com/security/cve/CVE-2019-13679/ SUSE CVE CVE-2019-13679 page https://www.suse.com/security/cve/CVE-2019-13680/ SUSE CVE CVE-2019-13680 page https://www.suse.com/security/cve/CVE-2019-13681/ SUSE CVE CVE-2019-13681 page https://www.suse.com/security/cve/CVE-2019-13682/ SUSE CVE CVE-2019-13682 page https://www.suse.com/security/cve/CVE-2019-13683/ SUSE CVE CVE-2019-13683 page https://www.suse.com/security/cve/CVE-2019-13685/ SUSE CVE CVE-2019-13685 page https://www.suse.com/security/cve/CVE-2019-13686/ SUSE CVE CVE-2019-13686 page https://www.suse.com/security/cve/CVE-2019-13687/ SUSE CVE CVE-2019-13687 page https://www.suse.com/security/cve/CVE-2019-13688/ SUSE CVE CVE-2019-13688 page https://www.suse.com/security/cve/CVE-2019-13693/ SUSE CVE CVE-2019-13693 page https://www.suse.com/security/cve/CVE-2019-13694/ SUSE CVE CVE-2019-13694 page https://www.suse.com/security/cve/CVE-2019-13695/ SUSE CVE CVE-2019-13695 page https://www.suse.com/security/cve/CVE-2019-13696/ SUSE CVE CVE-2019-13696 page https://www.suse.com/security/cve/CVE-2019-13697/ SUSE CVE CVE-2019-13697 page https://www.suse.com/security/cve/CVE-2019-13699/ SUSE CVE CVE-2019-13699 page https://www.suse.com/security/cve/CVE-2019-13700/ SUSE CVE CVE-2019-13700 page https://www.suse.com/security/cve/CVE-2019-13701/ SUSE CVE CVE-2019-13701 page https://www.suse.com/security/cve/CVE-2019-13702/ SUSE CVE CVE-2019-13702 page https://www.suse.com/security/cve/CVE-2019-13703/ SUSE CVE CVE-2019-13703 page https://www.suse.com/security/cve/CVE-2019-13704/ SUSE CVE CVE-2019-13704 page https://www.suse.com/security/cve/CVE-2019-13705/ SUSE CVE CVE-2019-13705 page https://www.suse.com/security/cve/CVE-2019-13706/ SUSE CVE CVE-2019-13706 page https://www.suse.com/security/cve/CVE-2019-13707/ SUSE CVE CVE-2019-13707 page https://www.suse.com/security/cve/CVE-2019-13708/ SUSE CVE CVE-2019-13708 page https://www.suse.com/security/cve/CVE-2019-13709/ SUSE CVE CVE-2019-13709 page https://www.suse.com/security/cve/CVE-2019-13710/ SUSE CVE CVE-2019-13710 page https://www.suse.com/security/cve/CVE-2019-13711/ SUSE CVE CVE-2019-13711 page https://www.suse.com/security/cve/CVE-2019-13713/ SUSE CVE CVE-2019-13713 page https://www.suse.com/security/cve/CVE-2019-13714/ SUSE CVE CVE-2019-13714 page https://www.suse.com/security/cve/CVE-2019-13715/ SUSE CVE CVE-2019-13715 page https://www.suse.com/security/cve/CVE-2019-13716/ SUSE CVE CVE-2019-13716 page https://www.suse.com/security/cve/CVE-2019-13717/ SUSE CVE CVE-2019-13717 page https://www.suse.com/security/cve/CVE-2019-13718/ SUSE CVE CVE-2019-13718 page https://www.suse.com/security/cve/CVE-2019-13719/ SUSE CVE CVE-2019-13719 page https://www.suse.com/security/cve/CVE-2019-13720/ SUSE CVE CVE-2019-13720 page https://www.suse.com/security/cve/CVE-2019-13721/ SUSE CVE CVE-2019-13721 page https://www.suse.com/security/cve/CVE-2019-13723/ SUSE CVE CVE-2019-13723 page https://www.suse.com/security/cve/CVE-2019-13724/ SUSE CVE CVE-2019-13724 page https://www.suse.com/security/cve/CVE-2019-13725/ SUSE CVE CVE-2019-13725 page https://www.suse.com/security/cve/CVE-2019-13726/ SUSE CVE CVE-2019-13726 page https://www.suse.com/security/cve/CVE-2019-13727/ SUSE CVE CVE-2019-13727 page https://www.suse.com/security/cve/CVE-2019-13728/ SUSE CVE CVE-2019-13728 page https://www.suse.com/security/cve/CVE-2019-13729/ SUSE CVE CVE-2019-13729 page https://www.suse.com/security/cve/CVE-2019-13730/ SUSE CVE CVE-2019-13730 page https://www.suse.com/security/cve/CVE-2019-13732/ SUSE CVE CVE-2019-13732 page https://www.suse.com/security/cve/CVE-2019-13734/ SUSE CVE CVE-2019-13734 page https://www.suse.com/security/cve/CVE-2019-13735/ SUSE CVE CVE-2019-13735 page https://www.suse.com/security/cve/CVE-2019-13736/ SUSE CVE CVE-2019-13736 page https://www.suse.com/security/cve/CVE-2019-13737/ SUSE CVE CVE-2019-13737 page https://www.suse.com/security/cve/CVE-2019-13738/ SUSE CVE CVE-2019-13738 page https://www.suse.com/security/cve/CVE-2019-13739/ SUSE CVE CVE-2019-13739 page https://www.suse.com/security/cve/CVE-2019-13740/ SUSE CVE CVE-2019-13740 page https://www.suse.com/security/cve/CVE-2019-13741/ SUSE CVE CVE-2019-13741 page https://www.suse.com/security/cve/CVE-2019-13742/ SUSE CVE CVE-2019-13742 page https://www.suse.com/security/cve/CVE-2019-13743/ SUSE CVE CVE-2019-13743 page https://www.suse.com/security/cve/CVE-2019-13744/ SUSE CVE CVE-2019-13744 page https://www.suse.com/security/cve/CVE-2019-13745/ SUSE CVE CVE-2019-13745 page https://www.suse.com/security/cve/CVE-2019-13746/ SUSE CVE CVE-2019-13746 page https://www.suse.com/security/cve/CVE-2019-13747/ SUSE CVE CVE-2019-13747 page https://www.suse.com/security/cve/CVE-2019-13748/ SUSE CVE CVE-2019-13748 page https://www.suse.com/security/cve/CVE-2019-13749/ SUSE CVE CVE-2019-13749 page https://www.suse.com/security/cve/CVE-2019-13750/ SUSE CVE CVE-2019-13750 page https://www.suse.com/security/cve/CVE-2019-13751/ SUSE CVE CVE-2019-13751 page https://www.suse.com/security/cve/CVE-2019-13752/ SUSE CVE CVE-2019-13752 page https://www.suse.com/security/cve/CVE-2019-13753/ SUSE CVE CVE-2019-13753 page https://www.suse.com/security/cve/CVE-2019-13754/ SUSE CVE CVE-2019-13754 page https://www.suse.com/security/cve/CVE-2019-13755/ SUSE CVE CVE-2019-13755 page https://www.suse.com/security/cve/CVE-2019-13756/ SUSE CVE CVE-2019-13756 page https://www.suse.com/security/cve/CVE-2019-13757/ SUSE CVE CVE-2019-13757 page https://www.suse.com/security/cve/CVE-2019-13758/ SUSE CVE CVE-2019-13758 page https://www.suse.com/security/cve/CVE-2019-13759/ SUSE CVE CVE-2019-13759 page https://www.suse.com/security/cve/CVE-2019-13761/ SUSE CVE CVE-2019-13761 page https://www.suse.com/security/cve/CVE-2019-13762/ SUSE CVE CVE-2019-13762 page https://www.suse.com/security/cve/CVE-2019-13763/ SUSE CVE CVE-2019-13763 page https://www.suse.com/security/cve/CVE-2019-13764/ SUSE CVE CVE-2019-13764 page https://www.suse.com/security/cve/CVE-2019-13767/ SUSE CVE CVE-2019-13767 page https://www.suse.com/security/cve/CVE-2019-15903/ SUSE CVE CVE-2019-15903 page https://www.suse.com/security/cve/CVE-2019-18197/ SUSE CVE CVE-2019-18197 page https://www.suse.com/security/cve/CVE-2019-19880/ SUSE CVE CVE-2019-19880 page https://www.suse.com/security/cve/CVE-2019-19923/ SUSE CVE CVE-2019-19923 page https://www.suse.com/security/cve/CVE-2019-19926/ SUSE CVE CVE-2019-19926 page https://www.suse.com/security/cve/CVE-2019-20503/ SUSE CVE CVE-2019-20503 page https://www.suse.com/security/cve/CVE-2019-5754/ SUSE CVE CVE-2019-5754 page https://www.suse.com/security/cve/CVE-2019-5755/ SUSE CVE CVE-2019-5755 page https://www.suse.com/security/cve/CVE-2019-5756/ SUSE CVE CVE-2019-5756 page https://www.suse.com/security/cve/CVE-2019-5757/ SUSE CVE CVE-2019-5757 page https://www.suse.com/security/cve/CVE-2019-5758/ SUSE CVE CVE-2019-5758 page https://www.suse.com/security/cve/CVE-2019-5759/ SUSE CVE CVE-2019-5759 page https://www.suse.com/security/cve/CVE-2019-5760/ SUSE CVE CVE-2019-5760 page https://www.suse.com/security/cve/CVE-2019-5761/ SUSE CVE CVE-2019-5761 page https://www.suse.com/security/cve/CVE-2019-5762/ SUSE CVE CVE-2019-5762 page https://www.suse.com/security/cve/CVE-2019-5763/ SUSE CVE CVE-2019-5763 page https://www.suse.com/security/cve/CVE-2019-5764/ SUSE CVE CVE-2019-5764 page https://www.suse.com/security/cve/CVE-2019-5765/ SUSE CVE CVE-2019-5765 page https://www.suse.com/security/cve/CVE-2019-5766/ SUSE CVE CVE-2019-5766 page https://www.suse.com/security/cve/CVE-2019-5767/ SUSE CVE CVE-2019-5767 page https://www.suse.com/security/cve/CVE-2019-5768/ SUSE CVE CVE-2019-5768 page https://www.suse.com/security/cve/CVE-2019-5769/ SUSE CVE CVE-2019-5769 page https://www.suse.com/security/cve/CVE-2019-5770/ SUSE CVE CVE-2019-5770 page https://www.suse.com/security/cve/CVE-2019-5771/ SUSE CVE CVE-2019-5771 page https://www.suse.com/security/cve/CVE-2019-5772/ SUSE CVE CVE-2019-5772 page https://www.suse.com/security/cve/CVE-2019-5773/ SUSE CVE CVE-2019-5773 page https://www.suse.com/security/cve/CVE-2019-5774/ SUSE CVE CVE-2019-5774 page https://www.suse.com/security/cve/CVE-2019-5775/ SUSE CVE CVE-2019-5775 page https://www.suse.com/security/cve/CVE-2019-5776/ SUSE CVE CVE-2019-5776 page https://www.suse.com/security/cve/CVE-2019-5777/ SUSE CVE CVE-2019-5777 page https://www.suse.com/security/cve/CVE-2019-5778/ SUSE CVE CVE-2019-5778 page https://www.suse.com/security/cve/CVE-2019-5779/ SUSE CVE CVE-2019-5779 page https://www.suse.com/security/cve/CVE-2019-5780/ SUSE CVE CVE-2019-5780 page https://www.suse.com/security/cve/CVE-2019-5781/ SUSE CVE CVE-2019-5781 page https://www.suse.com/security/cve/CVE-2019-5782/ SUSE CVE CVE-2019-5782 page https://www.suse.com/security/cve/CVE-2019-5784/ SUSE CVE CVE-2019-5784 page https://www.suse.com/security/cve/CVE-2019-5786/ SUSE CVE CVE-2019-5786 page https://www.suse.com/security/cve/CVE-2019-5787/ SUSE CVE CVE-2019-5787 page https://www.suse.com/security/cve/CVE-2019-5788/ SUSE CVE CVE-2019-5788 page https://www.suse.com/security/cve/CVE-2019-5789/ SUSE CVE CVE-2019-5789 page https://www.suse.com/security/cve/CVE-2019-5790/ SUSE CVE CVE-2019-5790 page https://www.suse.com/security/cve/CVE-2019-5791/ SUSE CVE CVE-2019-5791 page https://www.suse.com/security/cve/CVE-2019-5792/ SUSE CVE CVE-2019-5792 page https://www.suse.com/security/cve/CVE-2019-5793/ SUSE CVE CVE-2019-5793 page https://www.suse.com/security/cve/CVE-2019-5794/ SUSE CVE CVE-2019-5794 page https://www.suse.com/security/cve/CVE-2019-5795/ SUSE CVE CVE-2019-5795 page https://www.suse.com/security/cve/CVE-2019-5796/ SUSE CVE CVE-2019-5796 page https://www.suse.com/security/cve/CVE-2019-5797/ SUSE CVE CVE-2019-5797 page https://www.suse.com/security/cve/CVE-2019-5798/ SUSE CVE CVE-2019-5798 page https://www.suse.com/security/cve/CVE-2019-5799/ SUSE CVE CVE-2019-5799 page https://www.suse.com/security/cve/CVE-2019-5800/ SUSE CVE CVE-2019-5800 page https://www.suse.com/security/cve/CVE-2019-5801/ SUSE CVE CVE-2019-5801 page https://www.suse.com/security/cve/CVE-2019-5802/ SUSE CVE CVE-2019-5802 page https://www.suse.com/security/cve/CVE-2019-5803/ SUSE CVE CVE-2019-5803 page https://www.suse.com/security/cve/CVE-2019-5804/ SUSE CVE CVE-2019-5804 page https://www.suse.com/security/cve/CVE-2019-5805/ SUSE CVE CVE-2019-5805 page https://www.suse.com/security/cve/CVE-2019-5806/ SUSE CVE CVE-2019-5806 page https://www.suse.com/security/cve/CVE-2019-5807/ SUSE CVE CVE-2019-5807 page https://www.suse.com/security/cve/CVE-2019-5808/ SUSE CVE CVE-2019-5808 page https://www.suse.com/security/cve/CVE-2019-5809/ SUSE CVE CVE-2019-5809 page https://www.suse.com/security/cve/CVE-2019-5810/ SUSE CVE CVE-2019-5810 page https://www.suse.com/security/cve/CVE-2019-5811/ SUSE CVE CVE-2019-5811 page https://www.suse.com/security/cve/CVE-2019-5812/ SUSE CVE CVE-2019-5812 page https://www.suse.com/security/cve/CVE-2019-5813/ SUSE CVE CVE-2019-5813 page https://www.suse.com/security/cve/CVE-2019-5814/ SUSE CVE CVE-2019-5814 page https://www.suse.com/security/cve/CVE-2019-5815/ SUSE CVE CVE-2019-5815 page https://www.suse.com/security/cve/CVE-2019-5816/ SUSE CVE CVE-2019-5816 page https://www.suse.com/security/cve/CVE-2019-5817/ SUSE CVE CVE-2019-5817 page https://www.suse.com/security/cve/CVE-2019-5818/ SUSE CVE CVE-2019-5818 page https://www.suse.com/security/cve/CVE-2019-5819/ SUSE CVE CVE-2019-5819 page https://www.suse.com/security/cve/CVE-2019-5820/ SUSE CVE CVE-2019-5820 page https://www.suse.com/security/cve/CVE-2019-5821/ SUSE CVE CVE-2019-5821 page https://www.suse.com/security/cve/CVE-2019-5822/ SUSE CVE CVE-2019-5822 page https://www.suse.com/security/cve/CVE-2019-5823/ SUSE CVE CVE-2019-5823 page https://www.suse.com/security/cve/CVE-2019-5824/ SUSE CVE CVE-2019-5824 page https://www.suse.com/security/cve/CVE-2019-5827/ SUSE CVE CVE-2019-5827 page https://www.suse.com/security/cve/CVE-2019-5828/ SUSE CVE CVE-2019-5828 page https://www.suse.com/security/cve/CVE-2019-5829/ SUSE CVE CVE-2019-5829 page https://www.suse.com/security/cve/CVE-2019-5830/ SUSE CVE CVE-2019-5830 page https://www.suse.com/security/cve/CVE-2019-5831/ SUSE CVE CVE-2019-5831 page https://www.suse.com/security/cve/CVE-2019-5832/ SUSE CVE CVE-2019-5832 page https://www.suse.com/security/cve/CVE-2019-5833/ SUSE CVE CVE-2019-5833 page https://www.suse.com/security/cve/CVE-2019-5834/ SUSE CVE CVE-2019-5834 page https://www.suse.com/security/cve/CVE-2019-5835/ SUSE CVE CVE-2019-5835 page https://www.suse.com/security/cve/CVE-2019-5836/ SUSE CVE CVE-2019-5836 page https://www.suse.com/security/cve/CVE-2019-5837/ SUSE CVE CVE-2019-5837 page https://www.suse.com/security/cve/CVE-2019-5838/ SUSE CVE CVE-2019-5838 page https://www.suse.com/security/cve/CVE-2019-5839/ SUSE CVE CVE-2019-5839 page https://www.suse.com/security/cve/CVE-2019-5840/ SUSE CVE CVE-2019-5840 page https://www.suse.com/security/cve/CVE-2019-5842/ SUSE CVE CVE-2019-5842 page https://www.suse.com/security/cve/CVE-2019-5844/ SUSE CVE CVE-2019-5844 page https://www.suse.com/security/cve/CVE-2019-5847/ SUSE CVE CVE-2019-5847 page https://www.suse.com/security/cve/CVE-2019-5848/ SUSE CVE CVE-2019-5848 page https://www.suse.com/security/cve/CVE-2019-5850/ SUSE CVE CVE-2019-5850 page https://www.suse.com/security/cve/CVE-2019-5851/ SUSE CVE CVE-2019-5851 page https://www.suse.com/security/cve/CVE-2019-5852/ SUSE CVE CVE-2019-5852 page https://www.suse.com/security/cve/CVE-2019-5853/ SUSE CVE CVE-2019-5853 page https://www.suse.com/security/cve/CVE-2019-5854/ SUSE CVE CVE-2019-5854 page https://www.suse.com/security/cve/CVE-2019-5855/ SUSE CVE CVE-2019-5855 page https://www.suse.com/security/cve/CVE-2019-5856/ SUSE CVE CVE-2019-5856 page https://www.suse.com/security/cve/CVE-2019-5857/ SUSE CVE CVE-2019-5857 page https://www.suse.com/security/cve/CVE-2019-5858/ SUSE CVE CVE-2019-5858 page https://www.suse.com/security/cve/CVE-2019-5859/ SUSE CVE CVE-2019-5859 page https://www.suse.com/security/cve/CVE-2019-5860/ SUSE CVE CVE-2019-5860 page https://www.suse.com/security/cve/CVE-2019-5861/ SUSE CVE CVE-2019-5861 page https://www.suse.com/security/cve/CVE-2019-5862/ SUSE CVE CVE-2019-5862 page https://www.suse.com/security/cve/CVE-2019-5863/ SUSE CVE CVE-2019-5863 page https://www.suse.com/security/cve/CVE-2019-5864/ SUSE CVE CVE-2019-5864 page https://www.suse.com/security/cve/CVE-2019-5865/ SUSE CVE CVE-2019-5865 page https://www.suse.com/security/cve/CVE-2019-5867/ SUSE CVE CVE-2019-5867 page https://www.suse.com/security/cve/CVE-2019-5868/ SUSE CVE CVE-2019-5868 page https://www.suse.com/security/cve/CVE-2019-5869/ SUSE CVE CVE-2019-5869 page https://www.suse.com/security/cve/CVE-2019-5870/ SUSE CVE CVE-2019-5870 page https://www.suse.com/security/cve/CVE-2019-5871/ SUSE CVE CVE-2019-5871 page https://www.suse.com/security/cve/CVE-2019-5872/ SUSE CVE CVE-2019-5872 page https://www.suse.com/security/cve/CVE-2019-5874/ SUSE CVE CVE-2019-5874 page https://www.suse.com/security/cve/CVE-2019-5875/ SUSE CVE CVE-2019-5875 page https://www.suse.com/security/cve/CVE-2019-5876/ SUSE CVE CVE-2019-5876 page https://www.suse.com/security/cve/CVE-2019-5877/ SUSE CVE CVE-2019-5877 page https://www.suse.com/security/cve/CVE-2019-5878/ SUSE CVE CVE-2019-5878 page https://www.suse.com/security/cve/CVE-2019-5879/ SUSE CVE CVE-2019-5879 page https://www.suse.com/security/cve/CVE-2019-5880/ SUSE CVE CVE-2019-5880 page https://www.suse.com/security/cve/CVE-2019-5881/ SUSE CVE CVE-2019-5881 page https://www.suse.com/security/cve/CVE-2019-8075/ SUSE CVE CVE-2019-8075 page https://www.suse.com/security/cve/CVE-2020-0561/ SUSE CVE CVE-2020-0561 page https://www.suse.com/security/cve/CVE-2020-15959/ SUSE CVE CVE-2020-15959 page https://www.suse.com/security/cve/CVE-2020-15960/ SUSE CVE CVE-2020-15960 page https://www.suse.com/security/cve/CVE-2020-15961/ SUSE CVE CVE-2020-15961 page https://www.suse.com/security/cve/CVE-2020-15962/ SUSE CVE CVE-2020-15962 page https://www.suse.com/security/cve/CVE-2020-15963/ SUSE CVE CVE-2020-15963 page https://www.suse.com/security/cve/CVE-2020-15964/ SUSE CVE CVE-2020-15964 page https://www.suse.com/security/cve/CVE-2020-15965/ SUSE CVE CVE-2020-15965 page https://www.suse.com/security/cve/CVE-2020-15966/ SUSE CVE CVE-2020-15966 page https://www.suse.com/security/cve/CVE-2020-15967/ SUSE CVE CVE-2020-15967 page https://www.suse.com/security/cve/CVE-2020-15968/ SUSE CVE CVE-2020-15968 page https://www.suse.com/security/cve/CVE-2020-15969/ SUSE CVE CVE-2020-15969 page https://www.suse.com/security/cve/CVE-2020-15970/ SUSE CVE CVE-2020-15970 page https://www.suse.com/security/cve/CVE-2020-15971/ SUSE CVE CVE-2020-15971 page https://www.suse.com/security/cve/CVE-2020-15972/ SUSE CVE CVE-2020-15972 page https://www.suse.com/security/cve/CVE-2020-15973/ SUSE CVE CVE-2020-15973 page https://www.suse.com/security/cve/CVE-2020-15974/ SUSE CVE CVE-2020-15974 page https://www.suse.com/security/cve/CVE-2020-15975/ SUSE CVE CVE-2020-15975 page https://www.suse.com/security/cve/CVE-2020-15976/ SUSE CVE CVE-2020-15976 page https://www.suse.com/security/cve/CVE-2020-15977/ SUSE CVE CVE-2020-15977 page https://www.suse.com/security/cve/CVE-2020-15978/ SUSE CVE CVE-2020-15978 page https://www.suse.com/security/cve/CVE-2020-15979/ SUSE CVE CVE-2020-15979 page https://www.suse.com/security/cve/CVE-2020-15980/ SUSE CVE CVE-2020-15980 page https://www.suse.com/security/cve/CVE-2020-15981/ SUSE CVE CVE-2020-15981 page https://www.suse.com/security/cve/CVE-2020-15982/ SUSE CVE CVE-2020-15982 page https://www.suse.com/security/cve/CVE-2020-15983/ SUSE CVE CVE-2020-15983 page https://www.suse.com/security/cve/CVE-2020-15984/ SUSE CVE CVE-2020-15984 page https://www.suse.com/security/cve/CVE-2020-15985/ SUSE CVE CVE-2020-15985 page https://www.suse.com/security/cve/CVE-2020-15986/ SUSE CVE CVE-2020-15986 page https://www.suse.com/security/cve/CVE-2020-15987/ SUSE CVE CVE-2020-15987 page https://www.suse.com/security/cve/CVE-2020-15988/ SUSE CVE CVE-2020-15988 page https://www.suse.com/security/cve/CVE-2020-15989/ SUSE CVE CVE-2020-15989 page https://www.suse.com/security/cve/CVE-2020-15990/ SUSE CVE CVE-2020-15990 page https://www.suse.com/security/cve/CVE-2020-15991/ SUSE CVE CVE-2020-15991 page https://www.suse.com/security/cve/CVE-2020-15992/ SUSE CVE CVE-2020-15992 page https://www.suse.com/security/cve/CVE-2020-15995/ SUSE CVE CVE-2020-15995 page https://www.suse.com/security/cve/CVE-2020-15999/ SUSE CVE CVE-2020-15999 page https://www.suse.com/security/cve/CVE-2020-16000/ SUSE CVE CVE-2020-16000 page https://www.suse.com/security/cve/CVE-2020-16001/ SUSE CVE CVE-2020-16001 page https://www.suse.com/security/cve/CVE-2020-16002/ SUSE CVE CVE-2020-16002 page https://www.suse.com/security/cve/CVE-2020-16003/ SUSE CVE CVE-2020-16003 page https://www.suse.com/security/cve/CVE-2020-16004/ SUSE CVE CVE-2020-16004 page https://www.suse.com/security/cve/CVE-2020-16005/ SUSE CVE CVE-2020-16005 page https://www.suse.com/security/cve/CVE-2020-16006/ SUSE CVE CVE-2020-16006 page https://www.suse.com/security/cve/CVE-2020-16007/ SUSE CVE CVE-2020-16007 page https://www.suse.com/security/cve/CVE-2020-16008/ SUSE CVE CVE-2020-16008 page https://www.suse.com/security/cve/CVE-2020-16009/ SUSE CVE CVE-2020-16009 page https://www.suse.com/security/cve/CVE-2020-16011/ SUSE CVE CVE-2020-16011 page https://www.suse.com/security/cve/CVE-2020-16012/ SUSE CVE CVE-2020-16012 page https://www.suse.com/security/cve/CVE-2020-16013/ SUSE CVE CVE-2020-16013 page https://www.suse.com/security/cve/CVE-2020-16014/ SUSE CVE CVE-2020-16014 page https://www.suse.com/security/cve/CVE-2020-16015/ SUSE CVE CVE-2020-16015 page https://www.suse.com/security/cve/CVE-2020-16016/ SUSE CVE CVE-2020-16016 page https://www.suse.com/security/cve/CVE-2020-16017/ SUSE CVE CVE-2020-16017 page https://www.suse.com/security/cve/CVE-2020-16018/ SUSE CVE CVE-2020-16018 page https://www.suse.com/security/cve/CVE-2020-16019/ SUSE CVE CVE-2020-16019 page https://www.suse.com/security/cve/CVE-2020-16020/ SUSE CVE CVE-2020-16020 page https://www.suse.com/security/cve/CVE-2020-16021/ SUSE CVE CVE-2020-16021 page https://www.suse.com/security/cve/CVE-2020-16022/ SUSE CVE CVE-2020-16022 page https://www.suse.com/security/cve/CVE-2020-16023/ SUSE CVE CVE-2020-16023 page https://www.suse.com/security/cve/CVE-2020-16024/ SUSE CVE CVE-2020-16024 page https://www.suse.com/security/cve/CVE-2020-16025/ SUSE CVE CVE-2020-16025 page https://www.suse.com/security/cve/CVE-2020-16026/ SUSE CVE CVE-2020-16026 page https://www.suse.com/security/cve/CVE-2020-16027/ SUSE CVE CVE-2020-16027 page https://www.suse.com/security/cve/CVE-2020-16028/ SUSE CVE CVE-2020-16028 page https://www.suse.com/security/cve/CVE-2020-16029/ SUSE CVE CVE-2020-16029 page https://www.suse.com/security/cve/CVE-2020-16030/ SUSE CVE CVE-2020-16030 page https://www.suse.com/security/cve/CVE-2020-16031/ SUSE CVE CVE-2020-16031 page https://www.suse.com/security/cve/CVE-2020-16032/ SUSE CVE CVE-2020-16032 page https://www.suse.com/security/cve/CVE-2020-16033/ SUSE CVE CVE-2020-16033 page https://www.suse.com/security/cve/CVE-2020-16034/ SUSE CVE CVE-2020-16034 page https://www.suse.com/security/cve/CVE-2020-16035/ SUSE CVE CVE-2020-16035 page https://www.suse.com/security/cve/CVE-2020-16036/ SUSE CVE CVE-2020-16036 page https://www.suse.com/security/cve/CVE-2020-16037/ SUSE CVE CVE-2020-16037 page https://www.suse.com/security/cve/CVE-2020-16038/ SUSE CVE CVE-2020-16038 page https://www.suse.com/security/cve/CVE-2020-16039/ SUSE CVE CVE-2020-16039 page https://www.suse.com/security/cve/CVE-2020-16040/ SUSE CVE CVE-2020-16040 page https://www.suse.com/security/cve/CVE-2020-16041/ SUSE CVE CVE-2020-16041 page https://www.suse.com/security/cve/CVE-2020-16042/ SUSE CVE CVE-2020-16042 page https://www.suse.com/security/cve/CVE-2020-16043/ SUSE CVE CVE-2020-16043 page https://www.suse.com/security/cve/CVE-2020-16044/ SUSE CVE CVE-2020-16044 page https://www.suse.com/security/cve/CVE-2020-27844/ SUSE CVE CVE-2020-27844 page https://www.suse.com/security/cve/CVE-2020-6377/ SUSE CVE CVE-2020-6377 page https://www.suse.com/security/cve/CVE-2020-6378/ SUSE CVE CVE-2020-6378 page https://www.suse.com/security/cve/CVE-2020-6379/ SUSE CVE CVE-2020-6379 page https://www.suse.com/security/cve/CVE-2020-6380/ SUSE CVE CVE-2020-6380 page https://www.suse.com/security/cve/CVE-2020-6381/ SUSE CVE CVE-2020-6381 page https://www.suse.com/security/cve/CVE-2020-6382/ SUSE CVE CVE-2020-6382 page https://www.suse.com/security/cve/CVE-2020-6385/ SUSE CVE CVE-2020-6385 page https://www.suse.com/security/cve/CVE-2020-6387/ SUSE CVE CVE-2020-6387 page https://www.suse.com/security/cve/CVE-2020-6388/ SUSE CVE CVE-2020-6388 page https://www.suse.com/security/cve/CVE-2020-6389/ SUSE CVE CVE-2020-6389 page https://www.suse.com/security/cve/CVE-2020-6390/ SUSE CVE CVE-2020-6390 page https://www.suse.com/security/cve/CVE-2020-6391/ SUSE CVE CVE-2020-6391 page https://www.suse.com/security/cve/CVE-2020-6392/ SUSE CVE CVE-2020-6392 page https://www.suse.com/security/cve/CVE-2020-6393/ SUSE CVE CVE-2020-6393 page https://www.suse.com/security/cve/CVE-2020-6394/ SUSE CVE CVE-2020-6394 page https://www.suse.com/security/cve/CVE-2020-6395/ SUSE CVE CVE-2020-6395 page https://www.suse.com/security/cve/CVE-2020-6396/ SUSE CVE CVE-2020-6396 page https://www.suse.com/security/cve/CVE-2020-6397/ SUSE CVE CVE-2020-6397 page https://www.suse.com/security/cve/CVE-2020-6398/ SUSE CVE CVE-2020-6398 page https://www.suse.com/security/cve/CVE-2020-6399/ SUSE CVE CVE-2020-6399 page https://www.suse.com/security/cve/CVE-2020-6400/ SUSE CVE CVE-2020-6400 page https://www.suse.com/security/cve/CVE-2020-6401/ SUSE CVE CVE-2020-6401 page https://www.suse.com/security/cve/CVE-2020-6402/ SUSE CVE CVE-2020-6402 page https://www.suse.com/security/cve/CVE-2020-6403/ SUSE CVE CVE-2020-6403 page https://www.suse.com/security/cve/CVE-2020-6404/ SUSE CVE CVE-2020-6404 page https://www.suse.com/security/cve/CVE-2020-6405/ SUSE CVE CVE-2020-6405 page https://www.suse.com/security/cve/CVE-2020-6406/ SUSE CVE CVE-2020-6406 page https://www.suse.com/security/cve/CVE-2020-6407/ SUSE CVE CVE-2020-6407 page https://www.suse.com/security/cve/CVE-2020-6408/ SUSE CVE CVE-2020-6408 page https://www.suse.com/security/cve/CVE-2020-6409/ SUSE CVE CVE-2020-6409 page https://www.suse.com/security/cve/CVE-2020-6410/ SUSE CVE CVE-2020-6410 page https://www.suse.com/security/cve/CVE-2020-6411/ SUSE CVE CVE-2020-6411 page https://www.suse.com/security/cve/CVE-2020-6412/ SUSE CVE CVE-2020-6412 page https://www.suse.com/security/cve/CVE-2020-6413/ SUSE CVE CVE-2020-6413 page https://www.suse.com/security/cve/CVE-2020-6414/ SUSE CVE CVE-2020-6414 page https://www.suse.com/security/cve/CVE-2020-6415/ SUSE CVE CVE-2020-6415 page https://www.suse.com/security/cve/CVE-2020-6416/ SUSE CVE CVE-2020-6416 page https://www.suse.com/security/cve/CVE-2020-6417/ SUSE CVE CVE-2020-6417 page https://www.suse.com/security/cve/CVE-2020-6418/ SUSE CVE CVE-2020-6418 page https://www.suse.com/security/cve/CVE-2020-6420/ SUSE CVE CVE-2020-6420 page https://www.suse.com/security/cve/CVE-2020-6422/ SUSE CVE CVE-2020-6422 page https://www.suse.com/security/cve/CVE-2020-6423/ SUSE CVE CVE-2020-6423 page https://www.suse.com/security/cve/CVE-2020-6424/ SUSE CVE CVE-2020-6424 page https://www.suse.com/security/cve/CVE-2020-6425/ SUSE CVE CVE-2020-6425 page https://www.suse.com/security/cve/CVE-2020-6426/ SUSE CVE CVE-2020-6426 page https://www.suse.com/security/cve/CVE-2020-6427/ SUSE CVE CVE-2020-6427 page https://www.suse.com/security/cve/CVE-2020-6428/ SUSE CVE CVE-2020-6428 page https://www.suse.com/security/cve/CVE-2020-6429/ SUSE CVE CVE-2020-6429 page https://www.suse.com/security/cve/CVE-2020-6430/ SUSE CVE CVE-2020-6430 page https://www.suse.com/security/cve/CVE-2020-6431/ SUSE CVE CVE-2020-6431 page https://www.suse.com/security/cve/CVE-2020-6432/ SUSE CVE CVE-2020-6432 page https://www.suse.com/security/cve/CVE-2020-6433/ SUSE CVE CVE-2020-6433 page https://www.suse.com/security/cve/CVE-2020-6434/ SUSE CVE CVE-2020-6434 page https://www.suse.com/security/cve/CVE-2020-6435/ SUSE CVE CVE-2020-6435 page https://www.suse.com/security/cve/CVE-2020-6436/ SUSE CVE CVE-2020-6436 page https://www.suse.com/security/cve/CVE-2020-6437/ SUSE CVE CVE-2020-6437 page https://www.suse.com/security/cve/CVE-2020-6438/ SUSE CVE CVE-2020-6438 page https://www.suse.com/security/cve/CVE-2020-6439/ SUSE CVE CVE-2020-6439 page https://www.suse.com/security/cve/CVE-2020-6440/ SUSE CVE CVE-2020-6440 page https://www.suse.com/security/cve/CVE-2020-6441/ SUSE CVE CVE-2020-6441 page https://www.suse.com/security/cve/CVE-2020-6442/ SUSE CVE CVE-2020-6442 page https://www.suse.com/security/cve/CVE-2020-6443/ SUSE CVE CVE-2020-6443 page https://www.suse.com/security/cve/CVE-2020-6444/ SUSE CVE CVE-2020-6444 page https://www.suse.com/security/cve/CVE-2020-6445/ SUSE CVE CVE-2020-6445 page https://www.suse.com/security/cve/CVE-2020-6446/ SUSE CVE CVE-2020-6446 page https://www.suse.com/security/cve/CVE-2020-6447/ SUSE CVE CVE-2020-6447 page https://www.suse.com/security/cve/CVE-2020-6448/ SUSE CVE CVE-2020-6448 page https://www.suse.com/security/cve/CVE-2020-6449/ SUSE CVE CVE-2020-6449 page https://www.suse.com/security/cve/CVE-2020-6450/ SUSE CVE CVE-2020-6450 page https://www.suse.com/security/cve/CVE-2020-6451/ SUSE CVE CVE-2020-6451 page https://www.suse.com/security/cve/CVE-2020-6452/ SUSE CVE CVE-2020-6452 page https://www.suse.com/security/cve/CVE-2020-6454/ SUSE CVE CVE-2020-6454 page https://www.suse.com/security/cve/CVE-2020-6455/ SUSE CVE CVE-2020-6455 page https://www.suse.com/security/cve/CVE-2020-6456/ SUSE CVE CVE-2020-6456 page https://www.suse.com/security/cve/CVE-2020-6457/ SUSE CVE CVE-2020-6457 page https://www.suse.com/security/cve/CVE-2020-6458/ SUSE CVE CVE-2020-6458 page https://www.suse.com/security/cve/CVE-2020-6459/ SUSE CVE CVE-2020-6459 page https://www.suse.com/security/cve/CVE-2020-6460/ SUSE CVE CVE-2020-6460 page https://www.suse.com/security/cve/CVE-2020-6462/ SUSE CVE CVE-2020-6462 page https://www.suse.com/security/cve/CVE-2020-6463/ SUSE CVE CVE-2020-6463 page https://www.suse.com/security/cve/CVE-2020-6464/ SUSE CVE CVE-2020-6464 page https://www.suse.com/security/cve/CVE-2020-6465/ SUSE CVE CVE-2020-6465 page https://www.suse.com/security/cve/CVE-2020-6466/ SUSE CVE CVE-2020-6466 page https://www.suse.com/security/cve/CVE-2020-6467/ SUSE CVE CVE-2020-6467 page https://www.suse.com/security/cve/CVE-2020-6468/ SUSE CVE CVE-2020-6468 page https://www.suse.com/security/cve/CVE-2020-6469/ SUSE CVE CVE-2020-6469 page https://www.suse.com/security/cve/CVE-2020-6470/ SUSE CVE CVE-2020-6470 page https://www.suse.com/security/cve/CVE-2020-6471/ SUSE CVE CVE-2020-6471 page https://www.suse.com/security/cve/CVE-2020-6472/ SUSE CVE CVE-2020-6472 page https://www.suse.com/security/cve/CVE-2020-6473/ SUSE CVE CVE-2020-6473 page https://www.suse.com/security/cve/CVE-2020-6474/ SUSE CVE CVE-2020-6474 page https://www.suse.com/security/cve/CVE-2020-6475/ SUSE CVE CVE-2020-6475 page https://www.suse.com/security/cve/CVE-2020-6476/ SUSE CVE CVE-2020-6476 page https://www.suse.com/security/cve/CVE-2020-6477/ SUSE CVE CVE-2020-6477 page https://www.suse.com/security/cve/CVE-2020-6478/ SUSE CVE CVE-2020-6478 page https://www.suse.com/security/cve/CVE-2020-6479/ SUSE CVE CVE-2020-6479 page https://www.suse.com/security/cve/CVE-2020-6480/ SUSE CVE CVE-2020-6480 page https://www.suse.com/security/cve/CVE-2020-6481/ SUSE CVE CVE-2020-6481 page https://www.suse.com/security/cve/CVE-2020-6482/ SUSE CVE CVE-2020-6482 page https://www.suse.com/security/cve/CVE-2020-6483/ SUSE CVE CVE-2020-6483 page https://www.suse.com/security/cve/CVE-2020-6484/ SUSE CVE CVE-2020-6484 page https://www.suse.com/security/cve/CVE-2020-6485/ SUSE CVE CVE-2020-6485 page https://www.suse.com/security/cve/CVE-2020-6486/ SUSE CVE CVE-2020-6486 page https://www.suse.com/security/cve/CVE-2020-6487/ SUSE CVE CVE-2020-6487 page https://www.suse.com/security/cve/CVE-2020-6488/ SUSE CVE CVE-2020-6488 page https://www.suse.com/security/cve/CVE-2020-6489/ SUSE CVE CVE-2020-6489 page https://www.suse.com/security/cve/CVE-2020-6490/ SUSE CVE CVE-2020-6490 page https://www.suse.com/security/cve/CVE-2020-6491/ SUSE CVE CVE-2020-6491 page https://www.suse.com/security/cve/CVE-2020-6493/ SUSE CVE CVE-2020-6493 page https://www.suse.com/security/cve/CVE-2020-6494/ SUSE CVE CVE-2020-6494 page https://www.suse.com/security/cve/CVE-2020-6495/ SUSE CVE CVE-2020-6495 page https://www.suse.com/security/cve/CVE-2020-6496/ SUSE CVE CVE-2020-6496 page https://www.suse.com/security/cve/CVE-2020-6505/ SUSE CVE CVE-2020-6505 page https://www.suse.com/security/cve/CVE-2020-6506/ SUSE CVE CVE-2020-6506 page https://www.suse.com/security/cve/CVE-2020-6507/ SUSE CVE CVE-2020-6507 page https://www.suse.com/security/cve/CVE-2020-6509/ SUSE CVE CVE-2020-6509 page https://www.suse.com/security/cve/CVE-2020-6510/ SUSE CVE CVE-2020-6510 page https://www.suse.com/security/cve/CVE-2020-6511/ SUSE CVE CVE-2020-6511 page https://www.suse.com/security/cve/CVE-2020-6512/ SUSE CVE CVE-2020-6512 page https://www.suse.com/security/cve/CVE-2020-6513/ SUSE CVE CVE-2020-6513 page https://www.suse.com/security/cve/CVE-2020-6514/ SUSE CVE CVE-2020-6514 page https://www.suse.com/security/cve/CVE-2020-6515/ SUSE CVE CVE-2020-6515 page https://www.suse.com/security/cve/CVE-2020-6516/ SUSE CVE CVE-2020-6516 page https://www.suse.com/security/cve/CVE-2020-6517/ SUSE CVE CVE-2020-6517 page https://www.suse.com/security/cve/CVE-2020-6518/ SUSE CVE CVE-2020-6518 page https://www.suse.com/security/cve/CVE-2020-6519/ SUSE CVE CVE-2020-6519 page https://www.suse.com/security/cve/CVE-2020-6520/ SUSE CVE CVE-2020-6520 page https://www.suse.com/security/cve/CVE-2020-6521/ SUSE CVE CVE-2020-6521 page https://www.suse.com/security/cve/CVE-2020-6522/ SUSE CVE CVE-2020-6522 page https://www.suse.com/security/cve/CVE-2020-6523/ SUSE CVE CVE-2020-6523 page https://www.suse.com/security/cve/CVE-2020-6524/ SUSE CVE CVE-2020-6524 page https://www.suse.com/security/cve/CVE-2020-6525/ SUSE CVE CVE-2020-6525 page https://www.suse.com/security/cve/CVE-2020-6526/ SUSE CVE CVE-2020-6526 page https://www.suse.com/security/cve/CVE-2020-6527/ SUSE CVE CVE-2020-6527 page https://www.suse.com/security/cve/CVE-2020-6528/ SUSE CVE CVE-2020-6528 page https://www.suse.com/security/cve/CVE-2020-6529/ SUSE CVE CVE-2020-6529 page https://www.suse.com/security/cve/CVE-2020-6530/ SUSE CVE CVE-2020-6530 page https://www.suse.com/security/cve/CVE-2020-6531/ SUSE CVE CVE-2020-6531 page https://www.suse.com/security/cve/CVE-2020-6532/ SUSE CVE CVE-2020-6532 page https://www.suse.com/security/cve/CVE-2020-6533/ SUSE CVE CVE-2020-6533 page https://www.suse.com/security/cve/CVE-2020-6534/ SUSE CVE CVE-2020-6534 page https://www.suse.com/security/cve/CVE-2020-6535/ SUSE CVE CVE-2020-6535 page https://www.suse.com/security/cve/CVE-2020-6536/ SUSE CVE CVE-2020-6536 page https://www.suse.com/security/cve/CVE-2020-6537/ SUSE CVE CVE-2020-6537 page https://www.suse.com/security/cve/CVE-2020-6538/ SUSE CVE CVE-2020-6538 page https://www.suse.com/security/cve/CVE-2020-6539/ SUSE CVE CVE-2020-6539 page https://www.suse.com/security/cve/CVE-2020-6540/ SUSE CVE CVE-2020-6540 page https://www.suse.com/security/cve/CVE-2020-6541/ SUSE CVE CVE-2020-6541 page https://www.suse.com/security/cve/CVE-2020-6542/ SUSE CVE CVE-2020-6542 page https://www.suse.com/security/cve/CVE-2020-6543/ SUSE CVE CVE-2020-6543 page https://www.suse.com/security/cve/CVE-2020-6544/ SUSE CVE CVE-2020-6544 page https://www.suse.com/security/cve/CVE-2020-6545/ SUSE CVE CVE-2020-6545 page https://www.suse.com/security/cve/CVE-2020-6546/ SUSE CVE CVE-2020-6546 page https://www.suse.com/security/cve/CVE-2020-6547/ SUSE CVE CVE-2020-6547 page https://www.suse.com/security/cve/CVE-2020-6548/ SUSE CVE CVE-2020-6548 page https://www.suse.com/security/cve/CVE-2020-6549/ SUSE CVE CVE-2020-6549 page https://www.suse.com/security/cve/CVE-2020-6550/ SUSE CVE CVE-2020-6550 page https://www.suse.com/security/cve/CVE-2020-6551/ SUSE CVE CVE-2020-6551 page https://www.suse.com/security/cve/CVE-2020-6552/ SUSE CVE CVE-2020-6552 page https://www.suse.com/security/cve/CVE-2020-6553/ SUSE CVE CVE-2020-6553 page https://www.suse.com/security/cve/CVE-2020-6554/ SUSE CVE CVE-2020-6554 page https://www.suse.com/security/cve/CVE-2020-6555/ SUSE CVE CVE-2020-6555 page https://www.suse.com/security/cve/CVE-2020-6556/ SUSE CVE CVE-2020-6556 page https://www.suse.com/security/cve/CVE-2020-6557/ SUSE CVE CVE-2020-6557 page https://www.suse.com/security/cve/CVE-2020-6558/ SUSE CVE CVE-2020-6558 page https://www.suse.com/security/cve/CVE-2020-6559/ SUSE CVE CVE-2020-6559 page https://www.suse.com/security/cve/CVE-2020-6560/ SUSE CVE CVE-2020-6560 page https://www.suse.com/security/cve/CVE-2020-6561/ SUSE CVE CVE-2020-6561 page https://www.suse.com/security/cve/CVE-2020-6562/ SUSE CVE CVE-2020-6562 page https://www.suse.com/security/cve/CVE-2020-6563/ SUSE CVE CVE-2020-6563 page https://www.suse.com/security/cve/CVE-2020-6564/ SUSE CVE CVE-2020-6564 page https://www.suse.com/security/cve/CVE-2020-6565/ SUSE CVE CVE-2020-6565 page https://www.suse.com/security/cve/CVE-2020-6566/ SUSE CVE CVE-2020-6566 page https://www.suse.com/security/cve/CVE-2020-6567/ SUSE CVE CVE-2020-6567 page https://www.suse.com/security/cve/CVE-2020-6568/ SUSE CVE CVE-2020-6568 page https://www.suse.com/security/cve/CVE-2020-6569/ SUSE CVE CVE-2020-6569 page https://www.suse.com/security/cve/CVE-2020-6570/ SUSE CVE CVE-2020-6570 page https://www.suse.com/security/cve/CVE-2020-6571/ SUSE CVE CVE-2020-6571 page https://www.suse.com/security/cve/CVE-2020-6573/ SUSE CVE CVE-2020-6573 page https://www.suse.com/security/cve/CVE-2020-6574/ SUSE CVE CVE-2020-6574 page https://www.suse.com/security/cve/CVE-2020-6575/ SUSE CVE CVE-2020-6575 page https://www.suse.com/security/cve/CVE-2020-6576/ SUSE CVE CVE-2020-6576 page https://www.suse.com/security/cve/CVE-2020-6831/ SUSE CVE CVE-2020-6831 page https://www.suse.com/security/cve/CVE-2021-21106/ SUSE CVE CVE-2021-21106 page https://www.suse.com/security/cve/CVE-2021-21107/ SUSE CVE CVE-2021-21107 page https://www.suse.com/security/cve/CVE-2021-21108/ SUSE CVE CVE-2021-21108 page https://www.suse.com/security/cve/CVE-2021-21109/ SUSE CVE CVE-2021-21109 page https://www.suse.com/security/cve/CVE-2021-21110/ SUSE CVE CVE-2021-21110 page https://www.suse.com/security/cve/CVE-2021-21111/ SUSE CVE CVE-2021-21111 page https://www.suse.com/security/cve/CVE-2021-21112/ SUSE CVE CVE-2021-21112 page https://www.suse.com/security/cve/CVE-2021-21113/ SUSE CVE CVE-2021-21113 page https://www.suse.com/security/cve/CVE-2021-21114/ SUSE CVE CVE-2021-21114 page https://www.suse.com/security/cve/CVE-2021-21115/ SUSE CVE CVE-2021-21115 page https://www.suse.com/security/cve/CVE-2021-21116/ SUSE CVE CVE-2021-21116 page https://www.suse.com/security/cve/CVE-2021-21117/ SUSE CVE CVE-2021-21117 page https://www.suse.com/security/cve/CVE-2021-21118/ SUSE CVE CVE-2021-21118 page https://www.suse.com/security/cve/CVE-2021-21119/ SUSE CVE CVE-2021-21119 page https://www.suse.com/security/cve/CVE-2021-21120/ SUSE CVE CVE-2021-21120 page https://www.suse.com/security/cve/CVE-2021-21121/ SUSE CVE CVE-2021-21121 page https://www.suse.com/security/cve/CVE-2021-21122/ SUSE CVE CVE-2021-21122 page https://www.suse.com/security/cve/CVE-2021-21123/ SUSE CVE CVE-2021-21123 page https://www.suse.com/security/cve/CVE-2021-21124/ SUSE CVE CVE-2021-21124 page https://www.suse.com/security/cve/CVE-2021-21125/ SUSE CVE CVE-2021-21125 page https://www.suse.com/security/cve/CVE-2021-21126/ SUSE CVE CVE-2021-21126 page https://www.suse.com/security/cve/CVE-2021-21127/ SUSE CVE CVE-2021-21127 page https://www.suse.com/security/cve/CVE-2021-21128/ SUSE CVE CVE-2021-21128 page https://www.suse.com/security/cve/CVE-2021-21129/ SUSE CVE CVE-2021-21129 page https://www.suse.com/security/cve/CVE-2021-21130/ SUSE CVE CVE-2021-21130 page https://www.suse.com/security/cve/CVE-2021-21131/ SUSE CVE CVE-2021-21131 page https://www.suse.com/security/cve/CVE-2021-21132/ SUSE CVE CVE-2021-21132 page https://www.suse.com/security/cve/CVE-2021-21133/ SUSE CVE CVE-2021-21133 page https://www.suse.com/security/cve/CVE-2021-21134/ SUSE CVE CVE-2021-21134 page https://www.suse.com/security/cve/CVE-2021-21135/ SUSE CVE CVE-2021-21135 page https://www.suse.com/security/cve/CVE-2021-21136/ SUSE CVE CVE-2021-21136 page https://www.suse.com/security/cve/CVE-2021-21137/ SUSE CVE CVE-2021-21137 page https://www.suse.com/security/cve/CVE-2021-21138/ SUSE CVE CVE-2021-21138 page https://www.suse.com/security/cve/CVE-2021-21139/ SUSE CVE CVE-2021-21139 page https://www.suse.com/security/cve/CVE-2021-21140/ SUSE CVE CVE-2021-21140 page https://www.suse.com/security/cve/CVE-2021-21141/ SUSE CVE CVE-2021-21141 page https://www.suse.com/security/cve/CVE-2021-21142/ SUSE CVE CVE-2021-21142 page https://www.suse.com/security/cve/CVE-2021-21143/ SUSE CVE CVE-2021-21143 page https://www.suse.com/security/cve/CVE-2021-21144/ SUSE CVE CVE-2021-21144 page https://www.suse.com/security/cve/CVE-2021-21145/ SUSE CVE CVE-2021-21145 page https://www.suse.com/security/cve/CVE-2021-21146/ SUSE CVE CVE-2021-21146 page https://www.suse.com/security/cve/CVE-2021-21147/ SUSE CVE CVE-2021-21147 page https://www.suse.com/security/cve/CVE-2021-21148/ SUSE CVE CVE-2021-21148 page https://www.suse.com/security/cve/CVE-2021-21149/ SUSE CVE CVE-2021-21149 page https://www.suse.com/security/cve/CVE-2021-21150/ SUSE CVE CVE-2021-21150 page https://www.suse.com/security/cve/CVE-2021-21151/ SUSE CVE CVE-2021-21151 page https://www.suse.com/security/cve/CVE-2021-21152/ SUSE CVE CVE-2021-21152 page https://www.suse.com/security/cve/CVE-2021-21153/ SUSE CVE CVE-2021-21153 page https://www.suse.com/security/cve/CVE-2021-21154/ SUSE CVE CVE-2021-21154 page https://www.suse.com/security/cve/CVE-2021-21155/ SUSE CVE CVE-2021-21155 page https://www.suse.com/security/cve/CVE-2021-21156/ SUSE CVE CVE-2021-21156 page https://www.suse.com/security/cve/CVE-2021-21157/ SUSE CVE CVE-2021-21157 page https://www.suse.com/security/cve/CVE-2021-21159/ SUSE CVE CVE-2021-21159 page https://www.suse.com/security/cve/CVE-2021-21160/ SUSE CVE CVE-2021-21160 page https://www.suse.com/security/cve/CVE-2021-21161/ SUSE CVE CVE-2021-21161 page https://www.suse.com/security/cve/CVE-2021-21162/ SUSE CVE CVE-2021-21162 page https://www.suse.com/security/cve/CVE-2021-21163/ SUSE CVE CVE-2021-21163 page https://www.suse.com/security/cve/CVE-2021-21164/ SUSE CVE CVE-2021-21164 page https://www.suse.com/security/cve/CVE-2021-21165/ SUSE CVE CVE-2021-21165 page https://www.suse.com/security/cve/CVE-2021-21166/ SUSE CVE CVE-2021-21166 page https://www.suse.com/security/cve/CVE-2021-21167/ SUSE CVE CVE-2021-21167 page https://www.suse.com/security/cve/CVE-2021-21168/ SUSE CVE CVE-2021-21168 page https://www.suse.com/security/cve/CVE-2021-21169/ SUSE CVE CVE-2021-21169 page https://www.suse.com/security/cve/CVE-2021-21170/ SUSE CVE CVE-2021-21170 page https://www.suse.com/security/cve/CVE-2021-21171/ SUSE CVE CVE-2021-21171 page https://www.suse.com/security/cve/CVE-2021-21172/ SUSE CVE CVE-2021-21172 page https://www.suse.com/security/cve/CVE-2021-21173/ SUSE CVE CVE-2021-21173 page https://www.suse.com/security/cve/CVE-2021-21174/ SUSE CVE CVE-2021-21174 page https://www.suse.com/security/cve/CVE-2021-21175/ SUSE CVE CVE-2021-21175 page https://www.suse.com/security/cve/CVE-2021-21176/ SUSE CVE CVE-2021-21176 page https://www.suse.com/security/cve/CVE-2021-21177/ SUSE CVE CVE-2021-21177 page https://www.suse.com/security/cve/CVE-2021-21178/ SUSE CVE CVE-2021-21178 page https://www.suse.com/security/cve/CVE-2021-21179/ SUSE CVE CVE-2021-21179 page https://www.suse.com/security/cve/CVE-2021-21180/ SUSE CVE CVE-2021-21180 page https://www.suse.com/security/cve/CVE-2021-21181/ SUSE CVE CVE-2021-21181 page https://www.suse.com/security/cve/CVE-2021-21182/ SUSE CVE CVE-2021-21182 page https://www.suse.com/security/cve/CVE-2021-21183/ SUSE CVE CVE-2021-21183 page https://www.suse.com/security/cve/CVE-2021-21184/ SUSE CVE CVE-2021-21184 page https://www.suse.com/security/cve/CVE-2021-21185/ SUSE CVE CVE-2021-21185 page https://www.suse.com/security/cve/CVE-2021-21186/ SUSE CVE CVE-2021-21186 page https://www.suse.com/security/cve/CVE-2021-21187/ SUSE CVE CVE-2021-21187 page https://www.suse.com/security/cve/CVE-2021-21188/ SUSE CVE CVE-2021-21188 page https://www.suse.com/security/cve/CVE-2021-21189/ SUSE CVE CVE-2021-21189 page https://www.suse.com/security/cve/CVE-2021-21190/ SUSE CVE CVE-2021-21190 page https://www.suse.com/security/cve/CVE-2021-21191/ SUSE CVE CVE-2021-21191 page https://www.suse.com/security/cve/CVE-2021-21192/ SUSE CVE CVE-2021-21192 page https://www.suse.com/security/cve/CVE-2021-21193/ SUSE CVE CVE-2021-21193 page https://www.suse.com/security/cve/CVE-2021-21194/ SUSE CVE CVE-2021-21194 page https://www.suse.com/security/cve/CVE-2021-21195/ SUSE CVE CVE-2021-21195 page https://www.suse.com/security/cve/CVE-2021-21196/ SUSE CVE CVE-2021-21196 page https://www.suse.com/security/cve/CVE-2021-21197/ SUSE CVE CVE-2021-21197 page https://www.suse.com/security/cve/CVE-2021-21198/ SUSE CVE CVE-2021-21198 page https://www.suse.com/security/cve/CVE-2021-21199/ SUSE CVE CVE-2021-21199 page https://www.suse.com/security/cve/CVE-2021-21201/ SUSE CVE CVE-2021-21201 page https://www.suse.com/security/cve/CVE-2021-21202/ SUSE CVE CVE-2021-21202 page https://www.suse.com/security/cve/CVE-2021-21203/ SUSE CVE CVE-2021-21203 page https://www.suse.com/security/cve/CVE-2021-21204/ SUSE CVE CVE-2021-21204 page https://www.suse.com/security/cve/CVE-2021-21205/ SUSE CVE CVE-2021-21205 page https://www.suse.com/security/cve/CVE-2021-21206/ SUSE CVE CVE-2021-21206 page https://www.suse.com/security/cve/CVE-2021-21207/ SUSE CVE CVE-2021-21207 page https://www.suse.com/security/cve/CVE-2021-21208/ SUSE CVE CVE-2021-21208 page https://www.suse.com/security/cve/CVE-2021-21209/ SUSE CVE CVE-2021-21209 page https://www.suse.com/security/cve/CVE-2021-21210/ SUSE CVE CVE-2021-21210 page https://www.suse.com/security/cve/CVE-2021-21211/ SUSE CVE CVE-2021-21211 page https://www.suse.com/security/cve/CVE-2021-21212/ SUSE CVE CVE-2021-21212 page https://www.suse.com/security/cve/CVE-2021-21213/ SUSE CVE CVE-2021-21213 page https://www.suse.com/security/cve/CVE-2021-21214/ SUSE CVE CVE-2021-21214 page https://www.suse.com/security/cve/CVE-2021-21215/ SUSE CVE CVE-2021-21215 page https://www.suse.com/security/cve/CVE-2021-21216/ SUSE CVE CVE-2021-21216 page https://www.suse.com/security/cve/CVE-2021-21217/ SUSE CVE CVE-2021-21217 page https://www.suse.com/security/cve/CVE-2021-21218/ SUSE CVE CVE-2021-21218 page https://www.suse.com/security/cve/CVE-2021-21219/ SUSE CVE CVE-2021-21219 page https://www.suse.com/security/cve/CVE-2021-21220/ SUSE CVE CVE-2021-21220 page https://www.suse.com/security/cve/CVE-2021-21221/ SUSE CVE CVE-2021-21221 page https://www.suse.com/security/cve/CVE-2021-21222/ SUSE CVE CVE-2021-21222 page https://www.suse.com/security/cve/CVE-2021-21223/ SUSE CVE CVE-2021-21223 page https://www.suse.com/security/cve/CVE-2021-21224/ SUSE CVE CVE-2021-21224 page https://www.suse.com/security/cve/CVE-2021-21225/ SUSE CVE CVE-2021-21225 page https://www.suse.com/security/cve/CVE-2021-21226/ SUSE CVE CVE-2021-21226 page https://www.suse.com/security/cve/CVE-2021-21227/ SUSE CVE CVE-2021-21227 page https://www.suse.com/security/cve/CVE-2021-21228/ SUSE CVE CVE-2021-21228 page https://www.suse.com/security/cve/CVE-2021-21229/ SUSE CVE CVE-2021-21229 page https://www.suse.com/security/cve/CVE-2021-21230/ SUSE CVE CVE-2021-21230 page https://www.suse.com/security/cve/CVE-2021-21231/ SUSE CVE CVE-2021-21231 page https://www.suse.com/security/cve/CVE-2021-21232/ SUSE CVE CVE-2021-21232 page https://www.suse.com/security/cve/CVE-2021-21233/ SUSE CVE CVE-2021-21233 page https://www.suse.com/security/cve/CVE-2021-30506/ SUSE CVE CVE-2021-30506 page https://www.suse.com/security/cve/CVE-2021-30507/ SUSE CVE CVE-2021-30507 page https://www.suse.com/security/cve/CVE-2021-30508/ SUSE CVE CVE-2021-30508 page https://www.suse.com/security/cve/CVE-2021-30509/ SUSE CVE CVE-2021-30509 page https://www.suse.com/security/cve/CVE-2021-30510/ SUSE CVE CVE-2021-30510 page https://www.suse.com/security/cve/CVE-2021-30511/ SUSE CVE CVE-2021-30511 page https://www.suse.com/security/cve/CVE-2021-30512/ SUSE CVE CVE-2021-30512 page https://www.suse.com/security/cve/CVE-2021-30513/ SUSE CVE CVE-2021-30513 page https://www.suse.com/security/cve/CVE-2021-30514/ SUSE CVE CVE-2021-30514 page https://www.suse.com/security/cve/CVE-2021-30515/ SUSE CVE CVE-2021-30515 page https://www.suse.com/security/cve/CVE-2021-30516/ SUSE CVE CVE-2021-30516 page https://www.suse.com/security/cve/CVE-2021-30517/ SUSE CVE CVE-2021-30517 page https://www.suse.com/security/cve/CVE-2021-30518/ SUSE CVE CVE-2021-30518 page https://www.suse.com/security/cve/CVE-2021-30519/ SUSE CVE CVE-2021-30519 page https://www.suse.com/security/cve/CVE-2021-30520/ SUSE CVE CVE-2021-30520 page https://www.suse.com/security/cve/CVE-2021-30521/ SUSE CVE CVE-2021-30521 page https://www.suse.com/security/cve/CVE-2021-30522/ SUSE CVE CVE-2021-30522 page https://www.suse.com/security/cve/CVE-2021-30523/ SUSE CVE CVE-2021-30523 page https://www.suse.com/security/cve/CVE-2021-30524/ SUSE CVE CVE-2021-30524 page https://www.suse.com/security/cve/CVE-2021-30525/ SUSE CVE CVE-2021-30525 page https://www.suse.com/security/cve/CVE-2021-30526/ SUSE CVE CVE-2021-30526 page https://www.suse.com/security/cve/CVE-2021-30527/ SUSE CVE CVE-2021-30527 page https://www.suse.com/security/cve/CVE-2021-30528/ SUSE CVE CVE-2021-30528 page https://www.suse.com/security/cve/CVE-2021-30529/ SUSE CVE CVE-2021-30529 page https://www.suse.com/security/cve/CVE-2021-30530/ SUSE CVE CVE-2021-30530 page https://www.suse.com/security/cve/CVE-2021-30531/ SUSE CVE CVE-2021-30531 page https://www.suse.com/security/cve/CVE-2021-30532/ SUSE CVE CVE-2021-30532 page https://www.suse.com/security/cve/CVE-2021-30533/ SUSE CVE CVE-2021-30533 page https://www.suse.com/security/cve/CVE-2021-30534/ SUSE CVE CVE-2021-30534 page https://www.suse.com/security/cve/CVE-2021-30535/ SUSE CVE CVE-2021-30535 page https://www.suse.com/security/cve/CVE-2021-30536/ SUSE CVE CVE-2021-30536 page https://www.suse.com/security/cve/CVE-2021-30537/ SUSE CVE CVE-2021-30537 page https://www.suse.com/security/cve/CVE-2021-30538/ SUSE CVE CVE-2021-30538 page https://www.suse.com/security/cve/CVE-2021-30539/ SUSE CVE CVE-2021-30539 page https://www.suse.com/security/cve/CVE-2021-30540/ SUSE CVE CVE-2021-30540 page https://www.suse.com/security/cve/CVE-2021-30541/ SUSE CVE CVE-2021-30541 page https://www.suse.com/security/cve/CVE-2021-30544/ SUSE CVE CVE-2021-30544 page https://www.suse.com/security/cve/CVE-2021-30545/ SUSE CVE CVE-2021-30545 page https://www.suse.com/security/cve/CVE-2021-30546/ SUSE CVE CVE-2021-30546 page https://www.suse.com/security/cve/CVE-2021-30547/ SUSE CVE CVE-2021-30547 page https://www.suse.com/security/cve/CVE-2021-30548/ SUSE CVE CVE-2021-30548 page https://www.suse.com/security/cve/CVE-2021-30549/ SUSE CVE CVE-2021-30549 page https://www.suse.com/security/cve/CVE-2021-30550/ SUSE CVE CVE-2021-30550 page https://www.suse.com/security/cve/CVE-2021-30551/ SUSE CVE CVE-2021-30551 page https://www.suse.com/security/cve/CVE-2021-30552/ SUSE CVE CVE-2021-30552 page https://www.suse.com/security/cve/CVE-2021-30553/ SUSE CVE CVE-2021-30553 page https://www.suse.com/security/cve/CVE-2021-30554/ SUSE CVE CVE-2021-30554 page https://www.suse.com/security/cve/CVE-2021-30555/ SUSE CVE CVE-2021-30555 page https://www.suse.com/security/cve/CVE-2021-30556/ SUSE CVE CVE-2021-30556 page https://www.suse.com/security/cve/CVE-2021-30557/ SUSE CVE CVE-2021-30557 page https://www.suse.com/security/cve/CVE-2021-30559/ SUSE CVE CVE-2021-30559 page https://www.suse.com/security/cve/CVE-2021-30560/ SUSE CVE CVE-2021-30560 page https://www.suse.com/security/cve/CVE-2021-30561/ SUSE CVE CVE-2021-30561 page https://www.suse.com/security/cve/CVE-2021-30562/ SUSE CVE CVE-2021-30562 page https://www.suse.com/security/cve/CVE-2021-30563/ SUSE CVE CVE-2021-30563 page https://www.suse.com/security/cve/CVE-2021-30564/ SUSE CVE CVE-2021-30564 page https://www.suse.com/security/cve/CVE-2021-30565/ SUSE CVE CVE-2021-30565 page https://www.suse.com/security/cve/CVE-2021-30566/ SUSE CVE CVE-2021-30566 page https://www.suse.com/security/cve/CVE-2021-30567/ SUSE CVE CVE-2021-30567 page https://www.suse.com/security/cve/CVE-2021-30568/ SUSE CVE CVE-2021-30568 page https://www.suse.com/security/cve/CVE-2021-30569/ SUSE CVE CVE-2021-30569 page https://www.suse.com/security/cve/CVE-2021-30571/ SUSE CVE CVE-2021-30571 page https://www.suse.com/security/cve/CVE-2021-30572/ SUSE CVE CVE-2021-30572 page https://www.suse.com/security/cve/CVE-2021-30573/ SUSE CVE CVE-2021-30573 page https://www.suse.com/security/cve/CVE-2021-30574/ SUSE CVE CVE-2021-30574 page https://www.suse.com/security/cve/CVE-2021-30575/ SUSE CVE CVE-2021-30575 page https://www.suse.com/security/cve/CVE-2021-30576/ SUSE CVE CVE-2021-30576 page https://www.suse.com/security/cve/CVE-2021-30577/ SUSE CVE CVE-2021-30577 page https://www.suse.com/security/cve/CVE-2021-30578/ SUSE CVE CVE-2021-30578 page https://www.suse.com/security/cve/CVE-2021-30579/ SUSE CVE CVE-2021-30579 page https://www.suse.com/security/cve/CVE-2021-30581/ SUSE CVE CVE-2021-30581 page https://www.suse.com/security/cve/CVE-2021-30582/ SUSE CVE CVE-2021-30582 page https://www.suse.com/security/cve/CVE-2021-30584/ SUSE CVE CVE-2021-30584 page https://www.suse.com/security/cve/CVE-2021-30585/ SUSE CVE CVE-2021-30585 page https://www.suse.com/security/cve/CVE-2021-30588/ SUSE CVE CVE-2021-30588 page https://www.suse.com/security/cve/CVE-2021-30589/ SUSE CVE CVE-2021-30589 page https://www.suse.com/security/cve/CVE-2021-30590/ SUSE CVE CVE-2021-30590 page https://www.suse.com/security/cve/CVE-2021-30591/ SUSE CVE CVE-2021-30591 page https://www.suse.com/security/cve/CVE-2021-30592/ SUSE CVE CVE-2021-30592 page https://www.suse.com/security/cve/CVE-2021-30593/ SUSE CVE CVE-2021-30593 page https://www.suse.com/security/cve/CVE-2021-30594/ SUSE CVE CVE-2021-30594 page https://www.suse.com/security/cve/CVE-2021-30596/ SUSE CVE CVE-2021-30596 page https://www.suse.com/security/cve/CVE-2021-30597/ SUSE CVE CVE-2021-30597 page https://www.suse.com/security/cve/CVE-2021-30598/ SUSE CVE CVE-2021-30598 page https://www.suse.com/security/cve/CVE-2021-30599/ SUSE CVE CVE-2021-30599 page https://www.suse.com/security/cve/CVE-2021-30600/ SUSE CVE CVE-2021-30600 page https://www.suse.com/security/cve/CVE-2021-30601/ SUSE CVE CVE-2021-30601 page https://www.suse.com/security/cve/CVE-2021-30602/ SUSE CVE CVE-2021-30602 page https://www.suse.com/security/cve/CVE-2021-30603/ SUSE CVE CVE-2021-30603 page https://www.suse.com/security/cve/CVE-2021-30604/ SUSE CVE CVE-2021-30604 page https://www.suse.com/security/cve/CVE-2021-30606/ SUSE CVE CVE-2021-30606 page https://www.suse.com/security/cve/CVE-2021-30607/ SUSE CVE CVE-2021-30607 page https://www.suse.com/security/cve/CVE-2021-30608/ SUSE CVE CVE-2021-30608 page https://www.suse.com/security/cve/CVE-2021-30609/ SUSE CVE CVE-2021-30609 page https://www.suse.com/security/cve/CVE-2021-30610/ SUSE CVE CVE-2021-30610 page https://www.suse.com/security/cve/CVE-2021-30611/ SUSE CVE CVE-2021-30611 page https://www.suse.com/security/cve/CVE-2021-30612/ SUSE CVE CVE-2021-30612 page https://www.suse.com/security/cve/CVE-2021-30613/ SUSE CVE CVE-2021-30613 page https://www.suse.com/security/cve/CVE-2021-30614/ SUSE CVE CVE-2021-30614 page https://www.suse.com/security/cve/CVE-2021-30615/ SUSE CVE CVE-2021-30615 page https://www.suse.com/security/cve/CVE-2021-30616/ SUSE CVE CVE-2021-30616 page https://www.suse.com/security/cve/CVE-2021-30617/ SUSE CVE CVE-2021-30617 page https://www.suse.com/security/cve/CVE-2021-30618/ SUSE CVE CVE-2021-30618 page https://www.suse.com/security/cve/CVE-2021-30619/ SUSE CVE CVE-2021-30619 page https://www.suse.com/security/cve/CVE-2021-30620/ SUSE CVE CVE-2021-30620 page https://www.suse.com/security/cve/CVE-2021-30621/ SUSE CVE CVE-2021-30621 page https://www.suse.com/security/cve/CVE-2021-30622/ SUSE CVE CVE-2021-30622 page https://www.suse.com/security/cve/CVE-2021-30623/ SUSE CVE CVE-2021-30623 page https://www.suse.com/security/cve/CVE-2021-30624/ SUSE CVE CVE-2021-30624 page https://www.suse.com/security/cve/CVE-2021-30625/ SUSE CVE CVE-2021-30625 page https://www.suse.com/security/cve/CVE-2021-30626/ SUSE CVE CVE-2021-30626 page https://www.suse.com/security/cve/CVE-2021-30627/ SUSE CVE CVE-2021-30627 page https://www.suse.com/security/cve/CVE-2021-30628/ SUSE CVE CVE-2021-30628 page https://www.suse.com/security/cve/CVE-2021-30629/ SUSE CVE CVE-2021-30629 page https://www.suse.com/security/cve/CVE-2021-30630/ SUSE CVE CVE-2021-30630 page https://www.suse.com/security/cve/CVE-2021-30631/ SUSE CVE CVE-2021-30631 page https://www.suse.com/security/cve/CVE-2021-30632/ SUSE CVE CVE-2021-30632 page https://www.suse.com/security/cve/CVE-2021-30633/ SUSE CVE CVE-2021-30633 page https://www.suse.com/security/cve/CVE-2021-37956/ SUSE CVE CVE-2021-37956 page https://www.suse.com/security/cve/CVE-2021-37957/ SUSE CVE CVE-2021-37957 page https://www.suse.com/security/cve/CVE-2021-37958/ SUSE CVE CVE-2021-37958 page https://www.suse.com/security/cve/CVE-2021-37959/ SUSE CVE CVE-2021-37959 page https://www.suse.com/security/cve/CVE-2021-37960/ SUSE CVE CVE-2021-37960 page https://www.suse.com/security/cve/CVE-2021-37961/ SUSE CVE CVE-2021-37961 page https://www.suse.com/security/cve/CVE-2021-37962/ SUSE CVE CVE-2021-37962 page https://www.suse.com/security/cve/CVE-2021-37963/ SUSE CVE CVE-2021-37963 page https://www.suse.com/security/cve/CVE-2021-37964/ SUSE CVE CVE-2021-37964 page https://www.suse.com/security/cve/CVE-2021-37965/ SUSE CVE CVE-2021-37965 page https://www.suse.com/security/cve/CVE-2021-37966/ SUSE CVE CVE-2021-37966 page https://www.suse.com/security/cve/CVE-2021-37967/ SUSE CVE CVE-2021-37967 page https://www.suse.com/security/cve/CVE-2021-37968/ SUSE CVE CVE-2021-37968 page https://www.suse.com/security/cve/CVE-2021-37969/ SUSE CVE CVE-2021-37969 page https://www.suse.com/security/cve/CVE-2021-37970/ SUSE CVE CVE-2021-37970 page https://www.suse.com/security/cve/CVE-2021-37971/ SUSE CVE CVE-2021-37971 page https://www.suse.com/security/cve/CVE-2021-37972/ SUSE CVE CVE-2021-37972 page https://www.suse.com/security/cve/CVE-2021-37973/ SUSE CVE CVE-2021-37973 page https://www.suse.com/security/cve/CVE-2021-37974/ SUSE CVE CVE-2021-37974 page https://www.suse.com/security/cve/CVE-2021-37975/ SUSE CVE CVE-2021-37975 page https://www.suse.com/security/cve/CVE-2021-37976/ SUSE CVE CVE-2021-37976 page https://www.suse.com/security/cve/CVE-2021-37977/ SUSE CVE CVE-2021-37977 page https://www.suse.com/security/cve/CVE-2021-37978/ SUSE CVE CVE-2021-37978 page https://www.suse.com/security/cve/CVE-2021-37979/ SUSE CVE CVE-2021-37979 page https://www.suse.com/security/cve/CVE-2021-37980/ SUSE CVE CVE-2021-37980 page https://www.suse.com/security/cve/CVE-2021-37981/ SUSE CVE CVE-2021-37981 page https://www.suse.com/security/cve/CVE-2021-37982/ SUSE CVE CVE-2021-37982 page https://www.suse.com/security/cve/CVE-2021-37983/ SUSE CVE CVE-2021-37983 page https://www.suse.com/security/cve/CVE-2021-37984/ SUSE CVE CVE-2021-37984 page https://www.suse.com/security/cve/CVE-2021-37985/ SUSE CVE CVE-2021-37985 page https://www.suse.com/security/cve/CVE-2021-37986/ SUSE CVE CVE-2021-37986 page https://www.suse.com/security/cve/CVE-2021-37987/ SUSE CVE CVE-2021-37987 page https://www.suse.com/security/cve/CVE-2021-37988/ SUSE CVE CVE-2021-37988 page https://www.suse.com/security/cve/CVE-2021-37989/ SUSE CVE CVE-2021-37989 page https://www.suse.com/security/cve/CVE-2021-37990/ SUSE CVE CVE-2021-37990 page https://www.suse.com/security/cve/CVE-2021-37991/ SUSE CVE CVE-2021-37991 page https://www.suse.com/security/cve/CVE-2021-37992/ SUSE CVE CVE-2021-37992 page https://www.suse.com/security/cve/CVE-2021-37993/ SUSE CVE CVE-2021-37993 page https://www.suse.com/security/cve/CVE-2021-37994/ SUSE CVE CVE-2021-37994 page https://www.suse.com/security/cve/CVE-2021-37995/ SUSE CVE CVE-2021-37995 page https://www.suse.com/security/cve/CVE-2021-37996/ SUSE CVE CVE-2021-37996 page https://www.suse.com/security/cve/CVE-2021-37997/ SUSE CVE CVE-2021-37997 page https://www.suse.com/security/cve/CVE-2021-37998/ SUSE CVE CVE-2021-37998 page https://www.suse.com/security/cve/CVE-2021-37999/ SUSE CVE CVE-2021-37999 page https://www.suse.com/security/cve/CVE-2021-38000/ SUSE CVE CVE-2021-38000 page https://www.suse.com/security/cve/CVE-2021-38001/ SUSE CVE CVE-2021-38001 page https://www.suse.com/security/cve/CVE-2021-38002/ SUSE CVE CVE-2021-38002 page https://www.suse.com/security/cve/CVE-2021-38003/ SUSE CVE CVE-2021-38003 page https://www.suse.com/security/cve/CVE-2021-38005/ SUSE CVE CVE-2021-38005 page https://www.suse.com/security/cve/CVE-2021-38006/ SUSE CVE CVE-2021-38006 page https://www.suse.com/security/cve/CVE-2021-38007/ SUSE CVE CVE-2021-38007 page https://www.suse.com/security/cve/CVE-2021-38008/ SUSE CVE CVE-2021-38008 page https://www.suse.com/security/cve/CVE-2021-38009/ SUSE CVE CVE-2021-38009 page https://www.suse.com/security/cve/CVE-2021-38010/ SUSE CVE CVE-2021-38010 page https://www.suse.com/security/cve/CVE-2021-38011/ SUSE CVE CVE-2021-38011 page https://www.suse.com/security/cve/CVE-2021-38012/ SUSE CVE CVE-2021-38012 page https://www.suse.com/security/cve/CVE-2021-38013/ SUSE CVE CVE-2021-38013 page https://www.suse.com/security/cve/CVE-2021-38014/ SUSE CVE CVE-2021-38014 page https://www.suse.com/security/cve/CVE-2021-38015/ SUSE CVE CVE-2021-38015 page https://www.suse.com/security/cve/CVE-2021-38016/ SUSE CVE CVE-2021-38016 page https://www.suse.com/security/cve/CVE-2021-38017/ SUSE CVE CVE-2021-38017 page https://www.suse.com/security/cve/CVE-2021-38018/ SUSE CVE CVE-2021-38018 page https://www.suse.com/security/cve/CVE-2021-38019/ SUSE CVE CVE-2021-38019 page https://www.suse.com/security/cve/CVE-2021-38020/ SUSE CVE CVE-2021-38020 page https://www.suse.com/security/cve/CVE-2021-38021/ SUSE CVE CVE-2021-38021 page https://www.suse.com/security/cve/CVE-2021-38022/ SUSE CVE CVE-2021-38022 page https://www.suse.com/security/cve/CVE-2021-4052/ SUSE CVE CVE-2021-4052 page https://www.suse.com/security/cve/CVE-2021-4053/ SUSE CVE CVE-2021-4053 page https://www.suse.com/security/cve/CVE-2021-4054/ SUSE CVE CVE-2021-4054 page https://www.suse.com/security/cve/CVE-2021-4055/ SUSE CVE CVE-2021-4055 page https://www.suse.com/security/cve/CVE-2021-4056/ SUSE CVE CVE-2021-4056 page https://www.suse.com/security/cve/CVE-2021-4057/ SUSE CVE CVE-2021-4057 page https://www.suse.com/security/cve/CVE-2021-4058/ SUSE CVE CVE-2021-4058 page https://www.suse.com/security/cve/CVE-2021-4059/ SUSE CVE CVE-2021-4059 page https://www.suse.com/security/cve/CVE-2021-4061/ SUSE CVE CVE-2021-4061 page https://www.suse.com/security/cve/CVE-2021-4062/ SUSE CVE CVE-2021-4062 page https://www.suse.com/security/cve/CVE-2021-4063/ SUSE CVE CVE-2021-4063 page https://www.suse.com/security/cve/CVE-2021-4064/ SUSE CVE CVE-2021-4064 page https://www.suse.com/security/cve/CVE-2021-4065/ SUSE CVE CVE-2021-4065 page https://www.suse.com/security/cve/CVE-2021-4066/ SUSE CVE CVE-2021-4066 page https://www.suse.com/security/cve/CVE-2021-4067/ SUSE CVE CVE-2021-4067 page https://www.suse.com/security/cve/CVE-2021-4068/ SUSE CVE CVE-2021-4068 page https://www.suse.com/security/cve/CVE-2021-4078/ SUSE CVE CVE-2021-4078 page https://www.suse.com/security/cve/CVE-2021-4079/ SUSE CVE CVE-2021-4079 page https://www.suse.com/security/cve/CVE-2021-4098/ SUSE CVE CVE-2021-4098 page https://www.suse.com/security/cve/CVE-2021-4099/ SUSE CVE CVE-2021-4099 page https://www.suse.com/security/cve/CVE-2021-4100/ SUSE CVE CVE-2021-4100 page https://www.suse.com/security/cve/CVE-2021-4101/ SUSE CVE CVE-2021-4101 page https://www.suse.com/security/cve/CVE-2021-4102/ SUSE CVE CVE-2021-4102 page https://www.suse.com/security/cve/CVE-2022-0096/ SUSE CVE CVE-2022-0096 page https://www.suse.com/security/cve/CVE-2022-0097/ SUSE CVE CVE-2022-0097 page https://www.suse.com/security/cve/CVE-2022-0098/ SUSE CVE CVE-2022-0098 page https://www.suse.com/security/cve/CVE-2022-0099/ SUSE CVE CVE-2022-0099 page https://www.suse.com/security/cve/CVE-2022-0100/ SUSE CVE CVE-2022-0100 page https://www.suse.com/security/cve/CVE-2022-0101/ SUSE CVE CVE-2022-0101 page https://www.suse.com/security/cve/CVE-2022-0102/ SUSE CVE CVE-2022-0102 page https://www.suse.com/security/cve/CVE-2022-0103/ SUSE CVE CVE-2022-0103 page https://www.suse.com/security/cve/CVE-2022-0104/ SUSE CVE CVE-2022-0104 page https://www.suse.com/security/cve/CVE-2022-0105/ SUSE CVE CVE-2022-0105 page https://www.suse.com/security/cve/CVE-2022-0106/ SUSE CVE CVE-2022-0106 page https://www.suse.com/security/cve/CVE-2022-0107/ SUSE CVE CVE-2022-0107 page https://www.suse.com/security/cve/CVE-2022-0108/ SUSE CVE CVE-2022-0108 page https://www.suse.com/security/cve/CVE-2022-0109/ SUSE CVE CVE-2022-0109 page https://www.suse.com/security/cve/CVE-2022-0110/ SUSE CVE CVE-2022-0110 page https://www.suse.com/security/cve/CVE-2022-0111/ SUSE CVE CVE-2022-0111 page https://www.suse.com/security/cve/CVE-2022-0112/ SUSE CVE CVE-2022-0112 page https://www.suse.com/security/cve/CVE-2022-0113/ SUSE CVE CVE-2022-0113 page https://www.suse.com/security/cve/CVE-2022-0114/ SUSE CVE CVE-2022-0114 page https://www.suse.com/security/cve/CVE-2022-0115/ SUSE CVE CVE-2022-0115 page https://www.suse.com/security/cve/CVE-2022-0116/ SUSE CVE CVE-2022-0116 page https://www.suse.com/security/cve/CVE-2022-0117/ SUSE CVE CVE-2022-0117 page https://www.suse.com/security/cve/CVE-2022-0118/ SUSE CVE CVE-2022-0118 page https://www.suse.com/security/cve/CVE-2022-0120/ SUSE CVE CVE-2022-0120 page https://www.suse.com/security/cve/CVE-2022-0289/ SUSE CVE CVE-2022-0289 page https://www.suse.com/security/cve/CVE-2022-0290/ SUSE CVE CVE-2022-0290 page https://www.suse.com/security/cve/CVE-2022-0291/ SUSE CVE CVE-2022-0291 page https://www.suse.com/security/cve/CVE-2022-0292/ SUSE CVE CVE-2022-0292 page https://www.suse.com/security/cve/CVE-2022-0293/ SUSE CVE CVE-2022-0293 page https://www.suse.com/security/cve/CVE-2022-0294/ SUSE CVE CVE-2022-0294 page https://www.suse.com/security/cve/CVE-2022-0295/ SUSE CVE CVE-2022-0295 page https://www.suse.com/security/cve/CVE-2022-0296/ SUSE CVE CVE-2022-0296 page https://www.suse.com/security/cve/CVE-2022-0297/ SUSE CVE CVE-2022-0297 page https://www.suse.com/security/cve/CVE-2022-0298/ SUSE CVE CVE-2022-0298 page https://www.suse.com/security/cve/CVE-2022-0300/ SUSE CVE CVE-2022-0300 page https://www.suse.com/security/cve/CVE-2022-0301/ SUSE CVE CVE-2022-0301 page https://www.suse.com/security/cve/CVE-2022-0302/ SUSE CVE CVE-2022-0302 page https://www.suse.com/security/cve/CVE-2022-0303/ SUSE CVE CVE-2022-0303 page https://www.suse.com/security/cve/CVE-2022-0304/ SUSE CVE CVE-2022-0304 page https://www.suse.com/security/cve/CVE-2022-0305/ SUSE CVE CVE-2022-0305 page https://www.suse.com/security/cve/CVE-2022-0306/ SUSE CVE CVE-2022-0306 page https://www.suse.com/security/cve/CVE-2022-0307/ SUSE CVE CVE-2022-0307 page https://www.suse.com/security/cve/CVE-2022-0308/ SUSE CVE CVE-2022-0308 page https://www.suse.com/security/cve/CVE-2022-0309/ SUSE CVE CVE-2022-0309 page https://www.suse.com/security/cve/CVE-2022-0310/ SUSE CVE CVE-2022-0310 page https://www.suse.com/security/cve/CVE-2022-0311/ SUSE CVE CVE-2022-0311 page https://www.suse.com/security/cve/CVE-2022-0452/ SUSE CVE CVE-2022-0452 page https://www.suse.com/security/cve/CVE-2022-0453/ SUSE CVE CVE-2022-0453 page https://www.suse.com/security/cve/CVE-2022-0454/ SUSE CVE CVE-2022-0454 page https://www.suse.com/security/cve/CVE-2022-0455/ SUSE CVE CVE-2022-0455 page https://www.suse.com/security/cve/CVE-2022-0456/ SUSE CVE CVE-2022-0456 page https://www.suse.com/security/cve/CVE-2022-0457/ SUSE CVE CVE-2022-0457 page https://www.suse.com/security/cve/CVE-2022-0459/ SUSE CVE CVE-2022-0459 page https://www.suse.com/security/cve/CVE-2022-0460/ SUSE CVE CVE-2022-0460 page https://www.suse.com/security/cve/CVE-2022-0461/ SUSE CVE CVE-2022-0461 page https://www.suse.com/security/cve/CVE-2022-0462/ SUSE CVE CVE-2022-0462 page https://www.suse.com/security/cve/CVE-2022-0463/ SUSE CVE CVE-2022-0463 page https://www.suse.com/security/cve/CVE-2022-0464/ SUSE CVE CVE-2022-0464 page https://www.suse.com/security/cve/CVE-2022-0465/ SUSE CVE CVE-2022-0465 page https://www.suse.com/security/cve/CVE-2022-0466/ SUSE CVE CVE-2022-0466 page https://www.suse.com/security/cve/CVE-2022-0467/ SUSE CVE CVE-2022-0467 page https://www.suse.com/security/cve/CVE-2022-0468/ SUSE CVE CVE-2022-0468 page https://www.suse.com/security/cve/CVE-2022-0469/ SUSE CVE CVE-2022-0469 page https://www.suse.com/security/cve/CVE-2022-0470/ SUSE CVE CVE-2022-0470 page https://www.suse.com/security/cve/CVE-2022-0603/ SUSE CVE CVE-2022-0603 page https://www.suse.com/security/cve/CVE-2022-0604/ SUSE CVE CVE-2022-0604 page https://www.suse.com/security/cve/CVE-2022-0605/ SUSE CVE CVE-2022-0605 page https://www.suse.com/security/cve/CVE-2022-0606/ SUSE CVE CVE-2022-0606 page https://www.suse.com/security/cve/CVE-2022-0607/ SUSE CVE CVE-2022-0607 page https://www.suse.com/security/cve/CVE-2022-0608/ SUSE CVE CVE-2022-0608 page https://www.suse.com/security/cve/CVE-2022-0609/ SUSE CVE CVE-2022-0609 page https://www.suse.com/security/cve/CVE-2022-0610/ SUSE CVE CVE-2022-0610 page https://www.suse.com/security/cve/CVE-2022-0789/ SUSE CVE CVE-2022-0789 page https://www.suse.com/security/cve/CVE-2022-0790/ SUSE CVE CVE-2022-0790 page https://www.suse.com/security/cve/CVE-2022-0791/ SUSE CVE CVE-2022-0791 page https://www.suse.com/security/cve/CVE-2022-0792/ SUSE CVE CVE-2022-0792 page https://www.suse.com/security/cve/CVE-2022-0793/ SUSE CVE CVE-2022-0793 page https://www.suse.com/security/cve/CVE-2022-0794/ SUSE CVE CVE-2022-0794 page https://www.suse.com/security/cve/CVE-2022-0795/ SUSE CVE CVE-2022-0795 page https://www.suse.com/security/cve/CVE-2022-0796/ SUSE CVE CVE-2022-0796 page https://www.suse.com/security/cve/CVE-2022-0797/ SUSE CVE CVE-2022-0797 page https://www.suse.com/security/cve/CVE-2022-0798/ SUSE CVE CVE-2022-0798 page https://www.suse.com/security/cve/CVE-2022-0799/ SUSE CVE CVE-2022-0799 page https://www.suse.com/security/cve/CVE-2022-0800/ SUSE CVE CVE-2022-0800 page https://www.suse.com/security/cve/CVE-2022-0801/ SUSE CVE CVE-2022-0801 page https://www.suse.com/security/cve/CVE-2022-0802/ SUSE CVE CVE-2022-0802 page https://www.suse.com/security/cve/CVE-2022-0803/ SUSE CVE CVE-2022-0803 page https://www.suse.com/security/cve/CVE-2022-0804/ SUSE CVE CVE-2022-0804 page https://www.suse.com/security/cve/CVE-2022-0805/ SUSE CVE CVE-2022-0805 page https://www.suse.com/security/cve/CVE-2022-0806/ SUSE CVE CVE-2022-0806 page https://www.suse.com/security/cve/CVE-2022-0807/ SUSE CVE CVE-2022-0807 page https://www.suse.com/security/cve/CVE-2022-0808/ SUSE CVE CVE-2022-0808 page https://www.suse.com/security/cve/CVE-2022-0809/ SUSE CVE CVE-2022-0809 page https://www.suse.com/security/cve/CVE-2022-0971/ SUSE CVE CVE-2022-0971 page https://www.suse.com/security/cve/CVE-2022-0972/ SUSE CVE CVE-2022-0972 page https://www.suse.com/security/cve/CVE-2022-0973/ SUSE CVE CVE-2022-0973 page https://www.suse.com/security/cve/CVE-2022-0974/ SUSE CVE CVE-2022-0974 page https://www.suse.com/security/cve/CVE-2022-0975/ SUSE CVE CVE-2022-0975 page https://www.suse.com/security/cve/CVE-2022-0976/ SUSE CVE CVE-2022-0976 page https://www.suse.com/security/cve/CVE-2022-0977/ SUSE CVE CVE-2022-0977 page https://www.suse.com/security/cve/CVE-2022-0978/ SUSE CVE CVE-2022-0978 page https://www.suse.com/security/cve/CVE-2022-0979/ SUSE CVE CVE-2022-0979 page https://www.suse.com/security/cve/CVE-2022-0980/ SUSE CVE CVE-2022-0980 page https://www.suse.com/security/cve/CVE-2022-1096/ SUSE CVE CVE-2022-1096 page https://www.suse.com/security/cve/CVE-2022-1125/ SUSE CVE CVE-2022-1125 page https://www.suse.com/security/cve/CVE-2022-1127/ SUSE CVE CVE-2022-1127 page https://www.suse.com/security/cve/CVE-2022-1128/ SUSE CVE CVE-2022-1128 page https://www.suse.com/security/cve/CVE-2022-1129/ SUSE CVE CVE-2022-1129 page https://www.suse.com/security/cve/CVE-2022-1130/ SUSE CVE CVE-2022-1130 page https://www.suse.com/security/cve/CVE-2022-1131/ SUSE CVE CVE-2022-1131 page https://www.suse.com/security/cve/CVE-2022-1132/ SUSE CVE CVE-2022-1132 page https://www.suse.com/security/cve/CVE-2022-1133/ SUSE CVE CVE-2022-1133 page https://www.suse.com/security/cve/CVE-2022-1134/ SUSE CVE CVE-2022-1134 page https://www.suse.com/security/cve/CVE-2022-1135/ SUSE CVE CVE-2022-1135 page https://www.suse.com/security/cve/CVE-2022-1136/ SUSE CVE CVE-2022-1136 page https://www.suse.com/security/cve/CVE-2022-1137/ SUSE CVE CVE-2022-1137 page https://www.suse.com/security/cve/CVE-2022-1138/ SUSE CVE CVE-2022-1138 page https://www.suse.com/security/cve/CVE-2022-1139/ SUSE CVE CVE-2022-1139 page https://www.suse.com/security/cve/CVE-2022-1141/ SUSE CVE CVE-2022-1141 page https://www.suse.com/security/cve/CVE-2022-1142/ SUSE CVE CVE-2022-1142 page https://www.suse.com/security/cve/CVE-2022-1143/ SUSE CVE CVE-2022-1143 page https://www.suse.com/security/cve/CVE-2022-1144/ SUSE CVE CVE-2022-1144 page https://www.suse.com/security/cve/CVE-2022-1145/ SUSE CVE CVE-2022-1145 page https://www.suse.com/security/cve/CVE-2022-1146/ SUSE CVE CVE-2022-1146 page https://www.suse.com/security/cve/CVE-2022-1232/ SUSE CVE CVE-2022-1232 page https://www.suse.com/security/cve/CVE-2022-1305/ SUSE CVE CVE-2022-1305 page https://www.suse.com/security/cve/CVE-2022-1306/ SUSE CVE CVE-2022-1306 page https://www.suse.com/security/cve/CVE-2022-1307/ SUSE CVE CVE-2022-1307 page https://www.suse.com/security/cve/CVE-2022-1308/ SUSE CVE CVE-2022-1308 page https://www.suse.com/security/cve/CVE-2022-1309/ SUSE CVE CVE-2022-1309 page https://www.suse.com/security/cve/CVE-2022-1310/ SUSE CVE CVE-2022-1310 page https://www.suse.com/security/cve/CVE-2022-1311/ SUSE CVE CVE-2022-1311 page https://www.suse.com/security/cve/CVE-2022-1312/ SUSE CVE CVE-2022-1312 page https://www.suse.com/security/cve/CVE-2022-1313/ SUSE CVE CVE-2022-1313 page https://www.suse.com/security/cve/CVE-2022-1314/ SUSE CVE CVE-2022-1314 page https://www.suse.com/security/cve/CVE-2022-1364/ SUSE CVE CVE-2022-1364 page https://www.suse.com/security/cve/CVE-2022-1477/ SUSE CVE CVE-2022-1477 page https://www.suse.com/security/cve/CVE-2022-1478/ SUSE CVE CVE-2022-1478 page https://www.suse.com/security/cve/CVE-2022-1479/ SUSE CVE CVE-2022-1479 page https://www.suse.com/security/cve/CVE-2022-1480/ SUSE CVE CVE-2022-1480 page https://www.suse.com/security/cve/CVE-2022-1481/ SUSE CVE CVE-2022-1481 page https://www.suse.com/security/cve/CVE-2022-1482/ SUSE CVE CVE-2022-1482 page https://www.suse.com/security/cve/CVE-2022-1483/ SUSE CVE CVE-2022-1483 page https://www.suse.com/security/cve/CVE-2022-1484/ SUSE CVE CVE-2022-1484 page https://www.suse.com/security/cve/CVE-2022-1485/ SUSE CVE CVE-2022-1485 page https://www.suse.com/security/cve/CVE-2022-1486/ SUSE CVE CVE-2022-1486 page https://www.suse.com/security/cve/CVE-2022-1487/ SUSE CVE CVE-2022-1487 page https://www.suse.com/security/cve/CVE-2022-1488/ SUSE CVE CVE-2022-1488 page https://www.suse.com/security/cve/CVE-2022-1489/ SUSE CVE CVE-2022-1489 page https://www.suse.com/security/cve/CVE-2022-1490/ SUSE CVE CVE-2022-1490 page https://www.suse.com/security/cve/CVE-2022-1491/ SUSE CVE CVE-2022-1491 page https://www.suse.com/security/cve/CVE-2022-1492/ SUSE CVE CVE-2022-1492 page https://www.suse.com/security/cve/CVE-2022-1493/ SUSE CVE CVE-2022-1493 page https://www.suse.com/security/cve/CVE-2022-1494/ SUSE CVE CVE-2022-1494 page https://www.suse.com/security/cve/CVE-2022-1495/ SUSE CVE CVE-2022-1495 page https://www.suse.com/security/cve/CVE-2022-1496/ SUSE CVE CVE-2022-1496 page https://www.suse.com/security/cve/CVE-2022-1497/ SUSE CVE CVE-2022-1497 page https://www.suse.com/security/cve/CVE-2022-1498/ SUSE CVE CVE-2022-1498 page https://www.suse.com/security/cve/CVE-2022-1499/ SUSE CVE CVE-2022-1499 page https://www.suse.com/security/cve/CVE-2022-1500/ SUSE CVE CVE-2022-1500 page https://www.suse.com/security/cve/CVE-2022-1501/ SUSE CVE CVE-2022-1501 page https://www.suse.com/security/cve/CVE-2022-1633/ SUSE CVE CVE-2022-1633 page https://www.suse.com/security/cve/CVE-2022-1634/ SUSE CVE CVE-2022-1634 page https://www.suse.com/security/cve/CVE-2022-1635/ SUSE CVE CVE-2022-1635 page https://www.suse.com/security/cve/CVE-2022-1636/ SUSE CVE CVE-2022-1636 page https://www.suse.com/security/cve/CVE-2022-1637/ SUSE CVE CVE-2022-1637 page https://www.suse.com/security/cve/CVE-2022-1638/ SUSE CVE CVE-2022-1638 page https://www.suse.com/security/cve/CVE-2022-1639/ SUSE CVE CVE-2022-1639 page https://www.suse.com/security/cve/CVE-2022-1640/ SUSE CVE CVE-2022-1640 page https://www.suse.com/security/cve/CVE-2022-1641/ SUSE CVE CVE-2022-1641 page https://www.suse.com/security/cve/CVE-2022-1853/ SUSE CVE CVE-2022-1853 page https://www.suse.com/security/cve/CVE-2022-1854/ SUSE CVE CVE-2022-1854 page https://www.suse.com/security/cve/CVE-2022-1855/ SUSE CVE CVE-2022-1855 page https://www.suse.com/security/cve/CVE-2022-1856/ SUSE CVE CVE-2022-1856 page https://www.suse.com/security/cve/CVE-2022-1857/ SUSE CVE CVE-2022-1857 page https://www.suse.com/security/cve/CVE-2022-1858/ SUSE CVE CVE-2022-1858 page https://www.suse.com/security/cve/CVE-2022-1859/ SUSE CVE CVE-2022-1859 page https://www.suse.com/security/cve/CVE-2022-1860/ SUSE CVE CVE-2022-1860 page https://www.suse.com/security/cve/CVE-2022-1861/ SUSE CVE CVE-2022-1861 page https://www.suse.com/security/cve/CVE-2022-1862/ SUSE CVE CVE-2022-1862 page https://www.suse.com/security/cve/CVE-2022-1863/ SUSE CVE CVE-2022-1863 page https://www.suse.com/security/cve/CVE-2022-1864/ SUSE CVE CVE-2022-1864 page https://www.suse.com/security/cve/CVE-2022-1865/ SUSE CVE CVE-2022-1865 page https://www.suse.com/security/cve/CVE-2022-1866/ SUSE CVE CVE-2022-1866 page https://www.suse.com/security/cve/CVE-2022-1867/ SUSE CVE CVE-2022-1867 page https://www.suse.com/security/cve/CVE-2022-1868/ SUSE CVE CVE-2022-1868 page https://www.suse.com/security/cve/CVE-2022-1869/ SUSE CVE CVE-2022-1869 page https://www.suse.com/security/cve/CVE-2022-1870/ SUSE CVE CVE-2022-1870 page https://www.suse.com/security/cve/CVE-2022-1871/ SUSE CVE CVE-2022-1871 page https://www.suse.com/security/cve/CVE-2022-1872/ SUSE CVE CVE-2022-1872 page https://www.suse.com/security/cve/CVE-2022-1873/ SUSE CVE CVE-2022-1873 page https://www.suse.com/security/cve/CVE-2022-1874/ SUSE CVE CVE-2022-1874 page https://www.suse.com/security/cve/CVE-2022-1875/ SUSE CVE CVE-2022-1875 page https://www.suse.com/security/cve/CVE-2022-1876/ SUSE CVE CVE-2022-1876 page https://www.suse.com/security/cve/CVE-2022-2007/ SUSE CVE CVE-2022-2007 page https://www.suse.com/security/cve/CVE-2022-2008/ SUSE CVE CVE-2022-2008 page https://www.suse.com/security/cve/CVE-2022-2010/ SUSE CVE CVE-2022-2010 page https://www.suse.com/security/cve/CVE-2022-2011/ SUSE CVE CVE-2022-2011 page https://www.suse.com/security/cve/CVE-2022-2156/ SUSE CVE CVE-2022-2156 page https://www.suse.com/security/cve/CVE-2022-2157/ SUSE CVE CVE-2022-2157 page https://www.suse.com/security/cve/CVE-2022-2158/ SUSE CVE CVE-2022-2158 page https://www.suse.com/security/cve/CVE-2022-2160/ SUSE CVE CVE-2022-2160 page https://www.suse.com/security/cve/CVE-2022-2161/ SUSE CVE CVE-2022-2161 page https://www.suse.com/security/cve/CVE-2022-2162/ SUSE CVE CVE-2022-2162 page https://www.suse.com/security/cve/CVE-2022-2163/ SUSE CVE CVE-2022-2163 page https://www.suse.com/security/cve/CVE-2022-2164/ SUSE CVE CVE-2022-2164 page https://www.suse.com/security/cve/CVE-2022-2165/ SUSE CVE CVE-2022-2165 page https://www.suse.com/security/cve/CVE-2022-2294/ SUSE CVE CVE-2022-2294 page https://www.suse.com/security/cve/CVE-2022-2295/ SUSE CVE CVE-2022-2295 page https://www.suse.com/security/cve/CVE-2022-2296/ SUSE CVE CVE-2022-2296 page https://www.suse.com/security/cve/CVE-2022-2477/ SUSE CVE CVE-2022-2477 page https://www.suse.com/security/cve/CVE-2022-2478/ SUSE CVE CVE-2022-2478 page https://www.suse.com/security/cve/CVE-2022-2479/ SUSE CVE CVE-2022-2479 page https://www.suse.com/security/cve/CVE-2022-2480/ SUSE CVE CVE-2022-2480 page https://www.suse.com/security/cve/CVE-2022-2481/ SUSE CVE CVE-2022-2481 page https://www.suse.com/security/cve/CVE-2022-2603/ SUSE CVE CVE-2022-2603 page https://www.suse.com/security/cve/CVE-2022-2604/ SUSE CVE CVE-2022-2604 page https://www.suse.com/security/cve/CVE-2022-2605/ SUSE CVE CVE-2022-2605 page https://www.suse.com/security/cve/CVE-2022-2606/ SUSE CVE CVE-2022-2606 page https://www.suse.com/security/cve/CVE-2022-2607/ SUSE CVE CVE-2022-2607 page https://www.suse.com/security/cve/CVE-2022-2608/ SUSE CVE CVE-2022-2608 page https://www.suse.com/security/cve/CVE-2022-2609/ SUSE CVE CVE-2022-2609 page https://www.suse.com/security/cve/CVE-2022-2610/ SUSE CVE CVE-2022-2610 page https://www.suse.com/security/cve/CVE-2022-2611/ SUSE CVE CVE-2022-2611 page https://www.suse.com/security/cve/CVE-2022-2612/ SUSE CVE CVE-2022-2612 page https://www.suse.com/security/cve/CVE-2022-2613/ SUSE CVE CVE-2022-2613 page https://www.suse.com/security/cve/CVE-2022-2614/ SUSE CVE CVE-2022-2614 page https://www.suse.com/security/cve/CVE-2022-2615/ SUSE CVE CVE-2022-2615 page https://www.suse.com/security/cve/CVE-2022-2616/ SUSE CVE CVE-2022-2616 page https://www.suse.com/security/cve/CVE-2022-2617/ SUSE CVE CVE-2022-2617 page https://www.suse.com/security/cve/CVE-2022-2618/ SUSE CVE CVE-2022-2618 page https://www.suse.com/security/cve/CVE-2022-2619/ SUSE CVE CVE-2022-2619 page https://www.suse.com/security/cve/CVE-2022-2620/ SUSE CVE CVE-2022-2620 page https://www.suse.com/security/cve/CVE-2022-2621/ SUSE CVE CVE-2022-2621 page https://www.suse.com/security/cve/CVE-2022-2622/ SUSE CVE CVE-2022-2622 page https://www.suse.com/security/cve/CVE-2022-2623/ SUSE CVE CVE-2022-2623 page https://www.suse.com/security/cve/CVE-2022-2624/ SUSE CVE CVE-2022-2624 page https://www.suse.com/security/cve/CVE-2022-2852/ SUSE CVE CVE-2022-2852 page https://www.suse.com/security/cve/CVE-2022-2853/ SUSE CVE CVE-2022-2853 page https://www.suse.com/security/cve/CVE-2022-2854/ SUSE CVE CVE-2022-2854 page https://www.suse.com/security/cve/CVE-2022-2855/ SUSE CVE CVE-2022-2855 page https://www.suse.com/security/cve/CVE-2022-2856/ SUSE CVE CVE-2022-2856 page https://www.suse.com/security/cve/CVE-2022-2857/ SUSE CVE CVE-2022-2857 page https://www.suse.com/security/cve/CVE-2022-2858/ SUSE CVE CVE-2022-2858 page https://www.suse.com/security/cve/CVE-2022-2859/ SUSE CVE CVE-2022-2859 page https://www.suse.com/security/cve/CVE-2022-2860/ SUSE CVE CVE-2022-2860 page https://www.suse.com/security/cve/CVE-2022-2861/ SUSE CVE CVE-2022-2861 page https://www.suse.com/security/cve/CVE-2022-3038/ SUSE CVE CVE-2022-3038 page https://www.suse.com/security/cve/CVE-2022-3039/ SUSE CVE CVE-2022-3039 page https://www.suse.com/security/cve/CVE-2022-3040/ SUSE CVE CVE-2022-3040 page https://www.suse.com/security/cve/CVE-2022-3041/ SUSE CVE CVE-2022-3041 page https://www.suse.com/security/cve/CVE-2022-3042/ SUSE CVE CVE-2022-3042 page https://www.suse.com/security/cve/CVE-2022-3043/ SUSE CVE CVE-2022-3043 page https://www.suse.com/security/cve/CVE-2022-3044/ SUSE CVE CVE-2022-3044 page https://www.suse.com/security/cve/CVE-2022-3045/ SUSE CVE CVE-2022-3045 page https://www.suse.com/security/cve/CVE-2022-3046/ SUSE CVE CVE-2022-3046 page https://www.suse.com/security/cve/CVE-2022-3047/ SUSE CVE CVE-2022-3047 page https://www.suse.com/security/cve/CVE-2022-3048/ SUSE CVE CVE-2022-3048 page https://www.suse.com/security/cve/CVE-2022-3049/ SUSE CVE CVE-2022-3049 page https://www.suse.com/security/cve/CVE-2022-3050/ SUSE CVE CVE-2022-3050 page https://www.suse.com/security/cve/CVE-2022-3051/ SUSE CVE CVE-2022-3051 page https://www.suse.com/security/cve/CVE-2022-3052/ SUSE CVE CVE-2022-3052 page https://www.suse.com/security/cve/CVE-2022-3053/ SUSE CVE CVE-2022-3053 page https://www.suse.com/security/cve/CVE-2022-3054/ SUSE CVE CVE-2022-3054 page https://www.suse.com/security/cve/CVE-2022-3055/ SUSE CVE CVE-2022-3055 page https://www.suse.com/security/cve/CVE-2022-3056/ SUSE CVE CVE-2022-3056 page https://www.suse.com/security/cve/CVE-2022-3057/ SUSE CVE CVE-2022-3057 page https://www.suse.com/security/cve/CVE-2022-3058/ SUSE CVE CVE-2022-3058 page https://www.suse.com/security/cve/CVE-2022-3071/ SUSE CVE CVE-2022-3071 page https://www.suse.com/security/cve/CVE-2022-3075/ SUSE CVE CVE-2022-3075 page https://www.suse.com/security/cve/CVE-2022-3195/ SUSE CVE CVE-2022-3195 page https://www.suse.com/security/cve/CVE-2022-3196/ SUSE CVE CVE-2022-3196 page https://www.suse.com/security/cve/CVE-2022-3197/ SUSE CVE CVE-2022-3197 page https://www.suse.com/security/cve/CVE-2022-3198/ SUSE CVE CVE-2022-3198 page https://www.suse.com/security/cve/CVE-2022-3199/ SUSE CVE CVE-2022-3199 page https://www.suse.com/security/cve/CVE-2022-3200/ SUSE CVE CVE-2022-3200 page https://www.suse.com/security/cve/CVE-2022-3201/ SUSE CVE CVE-2022-3201 page https://www.suse.com/security/cve/CVE-2022-3304/ SUSE CVE CVE-2022-3304 page https://www.suse.com/security/cve/CVE-2022-3305/ SUSE CVE CVE-2022-3305 page https://www.suse.com/security/cve/CVE-2022-3306/ SUSE CVE CVE-2022-3306 page https://www.suse.com/security/cve/CVE-2022-3307/ SUSE CVE CVE-2022-3307 page https://www.suse.com/security/cve/CVE-2022-3308/ SUSE CVE CVE-2022-3308 page https://www.suse.com/security/cve/CVE-2022-3309/ SUSE CVE CVE-2022-3309 page https://www.suse.com/security/cve/CVE-2022-3310/ SUSE CVE CVE-2022-3310 page https://www.suse.com/security/cve/CVE-2022-3311/ SUSE CVE CVE-2022-3311 page https://www.suse.com/security/cve/CVE-2022-3312/ SUSE CVE CVE-2022-3312 page https://www.suse.com/security/cve/CVE-2022-3313/ SUSE CVE CVE-2022-3313 page https://www.suse.com/security/cve/CVE-2022-3314/ SUSE CVE CVE-2022-3314 page https://www.suse.com/security/cve/CVE-2022-3315/ SUSE CVE CVE-2022-3315 page https://www.suse.com/security/cve/CVE-2022-3316/ SUSE CVE CVE-2022-3316 page https://www.suse.com/security/cve/CVE-2022-3317/ SUSE CVE CVE-2022-3317 page https://www.suse.com/security/cve/CVE-2022-3318/ SUSE CVE CVE-2022-3318 page https://www.suse.com/security/cve/CVE-2022-3370/ SUSE CVE CVE-2022-3370 page https://www.suse.com/security/cve/CVE-2022-3373/ SUSE CVE CVE-2022-3373 page https://www.suse.com/security/cve/CVE-2022-3445/ SUSE CVE CVE-2022-3445 page https://www.suse.com/security/cve/CVE-2022-3446/ SUSE CVE CVE-2022-3446 page https://www.suse.com/security/cve/CVE-2022-3447/ SUSE CVE CVE-2022-3447 page https://www.suse.com/security/cve/CVE-2022-3448/ SUSE CVE CVE-2022-3448 page https://www.suse.com/security/cve/CVE-2022-3449/ SUSE CVE CVE-2022-3449 page https://www.suse.com/security/cve/CVE-2022-3450/ SUSE CVE CVE-2022-3450 page https://www.suse.com/security/cve/CVE-2022-3652/ SUSE CVE CVE-2022-3652 page https://www.suse.com/security/cve/CVE-2022-3653/ SUSE CVE CVE-2022-3653 page https://www.suse.com/security/cve/CVE-2022-3654/ SUSE CVE CVE-2022-3654 page https://www.suse.com/security/cve/CVE-2022-3655/ SUSE CVE CVE-2022-3655 page https://www.suse.com/security/cve/CVE-2022-3656/ SUSE CVE CVE-2022-3656 page https://www.suse.com/security/cve/CVE-2022-3657/ SUSE CVE CVE-2022-3657 page https://www.suse.com/security/cve/CVE-2022-3658/ SUSE CVE CVE-2022-3658 page https://www.suse.com/security/cve/CVE-2022-3659/ SUSE CVE CVE-2022-3659 page https://www.suse.com/security/cve/CVE-2022-3660/ SUSE CVE CVE-2022-3660 page https://www.suse.com/security/cve/CVE-2022-3661/ SUSE CVE CVE-2022-3661 page https://www.suse.com/security/cve/CVE-2022-3723/ SUSE CVE CVE-2022-3723 page https://www.suse.com/security/cve/CVE-2022-3885/ SUSE CVE CVE-2022-3885 page https://www.suse.com/security/cve/CVE-2022-3886/ SUSE CVE CVE-2022-3886 page https://www.suse.com/security/cve/CVE-2022-3887/ SUSE CVE CVE-2022-3887 page https://www.suse.com/security/cve/CVE-2022-3888/ SUSE CVE CVE-2022-3888 page https://www.suse.com/security/cve/CVE-2022-3889/ SUSE CVE CVE-2022-3889 page https://www.suse.com/security/cve/CVE-2022-3890/ SUSE CVE CVE-2022-3890 page https://www.suse.com/security/cve/CVE-2022-4135/ SUSE CVE CVE-2022-4135 page https://www.suse.com/security/cve/CVE-2022-4174/ SUSE CVE CVE-2022-4174 page https://www.suse.com/security/cve/CVE-2022-4175/ SUSE CVE CVE-2022-4175 page https://www.suse.com/security/cve/CVE-2022-4176/ SUSE CVE CVE-2022-4176 page https://www.suse.com/security/cve/CVE-2022-4177/ SUSE CVE CVE-2022-4177 page https://www.suse.com/security/cve/CVE-2022-4178/ SUSE CVE CVE-2022-4178 page https://www.suse.com/security/cve/CVE-2022-4179/ SUSE CVE CVE-2022-4179 page https://www.suse.com/security/cve/CVE-2022-4180/ SUSE CVE CVE-2022-4180 page https://www.suse.com/security/cve/CVE-2022-4181/ SUSE CVE CVE-2022-4181 page https://www.suse.com/security/cve/CVE-2022-4182/ SUSE CVE CVE-2022-4182 page https://www.suse.com/security/cve/CVE-2022-4183/ SUSE CVE CVE-2022-4183 page https://www.suse.com/security/cve/CVE-2022-4184/ SUSE CVE CVE-2022-4184 page https://www.suse.com/security/cve/CVE-2022-4185/ SUSE CVE CVE-2022-4185 page https://www.suse.com/security/cve/CVE-2022-4186/ SUSE CVE CVE-2022-4186 page https://www.suse.com/security/cve/CVE-2022-4187/ SUSE CVE CVE-2022-4187 page https://www.suse.com/security/cve/CVE-2022-4188/ SUSE CVE CVE-2022-4188 page https://www.suse.com/security/cve/CVE-2022-4189/ SUSE CVE CVE-2022-4189 page https://www.suse.com/security/cve/CVE-2022-4190/ SUSE CVE CVE-2022-4190 page https://www.suse.com/security/cve/CVE-2022-4191/ SUSE CVE CVE-2022-4191 page https://www.suse.com/security/cve/CVE-2022-4192/ SUSE CVE CVE-2022-4192 page https://www.suse.com/security/cve/CVE-2022-4193/ SUSE CVE CVE-2022-4193 page https://www.suse.com/security/cve/CVE-2022-4194/ SUSE CVE CVE-2022-4194 page https://www.suse.com/security/cve/CVE-2022-4195/ SUSE CVE CVE-2022-4195 page https://www.suse.com/security/cve/CVE-2022-4262/ SUSE CVE CVE-2022-4262 page https://www.suse.com/security/cve/CVE-2022-4436/ SUSE CVE CVE-2022-4436 page https://www.suse.com/security/cve/CVE-2022-4437/ SUSE CVE CVE-2022-4437 page https://www.suse.com/security/cve/CVE-2022-4438/ SUSE CVE CVE-2022-4438 page https://www.suse.com/security/cve/CVE-2022-4439/ SUSE CVE CVE-2022-4439 page https://www.suse.com/security/cve/CVE-2022-4440/ SUSE CVE CVE-2022-4440 page https://www.suse.com/security/cve/CVE-2023-0128/ SUSE CVE CVE-2023-0128 page https://www.suse.com/security/cve/CVE-2023-0129/ SUSE CVE CVE-2023-0129 page https://www.suse.com/security/cve/CVE-2023-0130/ SUSE CVE CVE-2023-0130 page https://www.suse.com/security/cve/CVE-2023-0131/ SUSE CVE CVE-2023-0131 page https://www.suse.com/security/cve/CVE-2023-0132/ SUSE CVE CVE-2023-0132 page https://www.suse.com/security/cve/CVE-2023-0133/ SUSE CVE CVE-2023-0133 page https://www.suse.com/security/cve/CVE-2023-0134/ SUSE CVE CVE-2023-0134 page https://www.suse.com/security/cve/CVE-2023-0135/ SUSE CVE CVE-2023-0135 page https://www.suse.com/security/cve/CVE-2023-0136/ SUSE CVE CVE-2023-0136 page https://www.suse.com/security/cve/CVE-2023-0137/ SUSE CVE CVE-2023-0137 page https://www.suse.com/security/cve/CVE-2023-0138/ SUSE CVE CVE-2023-0138 page https://www.suse.com/security/cve/CVE-2023-0139/ SUSE CVE CVE-2023-0139 page https://www.suse.com/security/cve/CVE-2023-0140/ SUSE CVE CVE-2023-0140 page https://www.suse.com/security/cve/CVE-2023-0141/ SUSE CVE CVE-2023-0141 page https://www.suse.com/security/cve/CVE-2023-0471/ SUSE CVE CVE-2023-0471 page https://www.suse.com/security/cve/CVE-2023-0472/ SUSE CVE CVE-2023-0472 page https://www.suse.com/security/cve/CVE-2023-0473/ SUSE CVE CVE-2023-0473 page https://www.suse.com/security/cve/CVE-2023-0474/ SUSE CVE CVE-2023-0474 page https://www.suse.com/security/cve/CVE-2023-0696/ SUSE CVE CVE-2023-0696 page https://www.suse.com/security/cve/CVE-2023-0697/ SUSE CVE CVE-2023-0697 page https://www.suse.com/security/cve/CVE-2023-0698/ SUSE CVE CVE-2023-0698 page https://www.suse.com/security/cve/CVE-2023-0699/ SUSE CVE CVE-2023-0699 page https://www.suse.com/security/cve/CVE-2023-0700/ SUSE CVE CVE-2023-0700 page https://www.suse.com/security/cve/CVE-2023-0701/ SUSE CVE CVE-2023-0701 page https://www.suse.com/security/cve/CVE-2023-0702/ SUSE CVE CVE-2023-0702 page https://www.suse.com/security/cve/CVE-2023-0703/ SUSE CVE CVE-2023-0703 page https://www.suse.com/security/cve/CVE-2023-0704/ SUSE CVE CVE-2023-0704 page https://www.suse.com/security/cve/CVE-2023-0705/ SUSE CVE CVE-2023-0705 page https://www.suse.com/security/cve/CVE-2023-0927/ SUSE CVE CVE-2023-0927 page https://www.suse.com/security/cve/CVE-2023-0928/ SUSE CVE CVE-2023-0928 page https://www.suse.com/security/cve/CVE-2023-0929/ SUSE CVE CVE-2023-0929 page https://www.suse.com/security/cve/CVE-2023-0930/ SUSE CVE CVE-2023-0930 page https://www.suse.com/security/cve/CVE-2023-0931/ SUSE CVE CVE-2023-0931 page https://www.suse.com/security/cve/CVE-2023-0932/ SUSE CVE CVE-2023-0932 page https://www.suse.com/security/cve/CVE-2023-0933/ SUSE CVE CVE-2023-0933 page https://www.suse.com/security/cve/CVE-2023-0941/ SUSE CVE CVE-2023-0941 page https://www.suse.com/security/cve/CVE-2023-1213/ SUSE CVE CVE-2023-1213 page https://www.suse.com/security/cve/CVE-2023-1214/ SUSE CVE CVE-2023-1214 page https://www.suse.com/security/cve/CVE-2023-1215/ SUSE CVE CVE-2023-1215 page https://www.suse.com/security/cve/CVE-2023-1216/ SUSE CVE CVE-2023-1216 page https://www.suse.com/security/cve/CVE-2023-1217/ SUSE CVE CVE-2023-1217 page https://www.suse.com/security/cve/CVE-2023-1218/ SUSE CVE CVE-2023-1218 page https://www.suse.com/security/cve/CVE-2023-1219/ SUSE CVE CVE-2023-1219 page https://www.suse.com/security/cve/CVE-2023-1220/ SUSE CVE CVE-2023-1220 page https://www.suse.com/security/cve/CVE-2023-1221/ SUSE CVE CVE-2023-1221 page https://www.suse.com/security/cve/CVE-2023-1222/ SUSE CVE CVE-2023-1222 page https://www.suse.com/security/cve/CVE-2023-1223/ SUSE CVE CVE-2023-1223 page https://www.suse.com/security/cve/CVE-2023-1224/ SUSE CVE CVE-2023-1224 page https://www.suse.com/security/cve/CVE-2023-1225/ SUSE CVE CVE-2023-1225 page https://www.suse.com/security/cve/CVE-2023-1226/ SUSE CVE CVE-2023-1226 page https://www.suse.com/security/cve/CVE-2023-1227/ SUSE CVE CVE-2023-1227 page https://www.suse.com/security/cve/CVE-2023-1228/ SUSE CVE CVE-2023-1228 page https://www.suse.com/security/cve/CVE-2023-1229/ SUSE CVE CVE-2023-1229 page https://www.suse.com/security/cve/CVE-2023-1230/ SUSE CVE CVE-2023-1230 page https://www.suse.com/security/cve/CVE-2023-1231/ SUSE CVE CVE-2023-1231 page https://www.suse.com/security/cve/CVE-2023-1232/ SUSE CVE CVE-2023-1232 page https://www.suse.com/security/cve/CVE-2023-1233/ SUSE CVE CVE-2023-1233 page https://www.suse.com/security/cve/CVE-2023-1234/ SUSE CVE CVE-2023-1234 page https://www.suse.com/security/cve/CVE-2023-1235/ SUSE CVE CVE-2023-1235 page https://www.suse.com/security/cve/CVE-2023-1236/ SUSE CVE CVE-2023-1236 page https://www.suse.com/security/cve/CVE-2023-1528/ SUSE CVE CVE-2023-1528 page https://www.suse.com/security/cve/CVE-2023-1529/ SUSE CVE CVE-2023-1529 page https://www.suse.com/security/cve/CVE-2023-1530/ SUSE CVE CVE-2023-1530 page https://www.suse.com/security/cve/CVE-2023-1531/ SUSE CVE CVE-2023-1531 page https://www.suse.com/security/cve/CVE-2023-1532/ SUSE CVE CVE-2023-1532 page https://www.suse.com/security/cve/CVE-2023-1533/ SUSE CVE CVE-2023-1533 page https://www.suse.com/security/cve/CVE-2023-1534/ SUSE CVE CVE-2023-1534 page https://www.suse.com/security/cve/CVE-2023-1810/ SUSE CVE CVE-2023-1810 page https://www.suse.com/security/cve/CVE-2023-1811/ SUSE CVE CVE-2023-1811 page https://www.suse.com/security/cve/CVE-2023-1812/ SUSE CVE CVE-2023-1812 page https://www.suse.com/security/cve/CVE-2023-1813/ SUSE CVE CVE-2023-1813 page https://www.suse.com/security/cve/CVE-2023-1814/ SUSE CVE CVE-2023-1814 page https://www.suse.com/security/cve/CVE-2023-1815/ SUSE CVE CVE-2023-1815 page https://www.suse.com/security/cve/CVE-2023-1816/ SUSE CVE CVE-2023-1816 page https://www.suse.com/security/cve/CVE-2023-1817/ SUSE CVE CVE-2023-1817 page https://www.suse.com/security/cve/CVE-2023-1818/ SUSE CVE CVE-2023-1818 page https://www.suse.com/security/cve/CVE-2023-1819/ SUSE CVE CVE-2023-1819 page https://www.suse.com/security/cve/CVE-2023-1820/ SUSE CVE CVE-2023-1820 page https://www.suse.com/security/cve/CVE-2023-1821/ SUSE CVE CVE-2023-1821 page https://www.suse.com/security/cve/CVE-2023-1822/ SUSE CVE CVE-2023-1822 page https://www.suse.com/security/cve/CVE-2023-1823/ SUSE CVE CVE-2023-1823 page https://www.suse.com/security/cve/CVE-2023-2033/ SUSE CVE CVE-2023-2033 page https://www.suse.com/security/cve/CVE-2023-2133/ SUSE CVE CVE-2023-2133 page https://www.suse.com/security/cve/CVE-2023-2134/ SUSE CVE CVE-2023-2134 page https://www.suse.com/security/cve/CVE-2023-2135/ SUSE CVE CVE-2023-2135 page https://www.suse.com/security/cve/CVE-2023-2136/ SUSE CVE CVE-2023-2136 page https://www.suse.com/security/cve/CVE-2023-2137/ SUSE CVE CVE-2023-2137 page https://www.suse.com/security/cve/CVE-2023-2459/ SUSE CVE CVE-2023-2459 page https://www.suse.com/security/cve/CVE-2023-2460/ SUSE CVE CVE-2023-2460 page https://www.suse.com/security/cve/CVE-2023-2461/ SUSE CVE CVE-2023-2461 page https://www.suse.com/security/cve/CVE-2023-2462/ SUSE CVE CVE-2023-2462 page https://www.suse.com/security/cve/CVE-2023-2463/ SUSE CVE CVE-2023-2463 page https://www.suse.com/security/cve/CVE-2023-2464/ SUSE CVE CVE-2023-2464 page https://www.suse.com/security/cve/CVE-2023-2465/ SUSE CVE CVE-2023-2465 page https://www.suse.com/security/cve/CVE-2023-2466/ SUSE CVE CVE-2023-2466 page https://www.suse.com/security/cve/CVE-2023-2467/ SUSE CVE CVE-2023-2467 page https://www.suse.com/security/cve/CVE-2023-2468/ SUSE CVE CVE-2023-2468 page openSUSE Tumbleweed ungoogled-chromium-113.0.5672.92-1.1 ungoogled-chromium-chromedriver-113.0.5672.92-1.1 ungoogled-chromium-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed ungoogled-chromium-chromedriver-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3015 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3015.html CVE-2011-3015 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, related to a "read-after-free" issue. CVE-2011-3016 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3016.html CVE-2011-3016 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling. CVE-2011-3017 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3017.html CVE-2011-3017 https://bugzilla.suse.com/747327 SUSE Bug 747327 Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. CVE-2011-3018 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3018.html CVE-2011-3018 https://bugzilla.suse.com/747327 SUSE Bug 747327 Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) file. CVE-2011-3019 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3019.html CVE-2011-3019 https://bugzilla.suse.com/747327 SUSE Bug 747327 Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. CVE-2011-3020 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3020.html CVE-2011-3020 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. CVE-2011-3021 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3021.html CVE-2011-3021 https://bugzilla.suse.com/747327 SUSE Bug 747327 translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network. CVE-2011-3022 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3022.html CVE-2011-3022 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to drag-and-drop operations. CVE-2011-3023 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3023.html CVE-2011-3023 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service (application crash) via an empty X.509 certificate. CVE-2011-3024 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3024.html CVE-2011-3024 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3025 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3025.html CVE-2011-3025 https://bugzilla.suse.com/747327 SUSE Bug 747327 Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. CVE-2011-3026 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3026.html CVE-2011-3026 https://bugzilla.suse.com/747311 SUSE Bug 747311 https://bugzilla.suse.com/747327 SUSE Bug 747327 https://bugzilla.suse.com/747328 SUSE Bug 747328 https://bugzilla.suse.com/773612 SUSE Bug 773612 https://bugzilla.suse.com/854395 SUSE Bug 854395 Google Chrome before 17.0.963.56 does not properly perform a cast of an unspecified variable during handling of columns, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. CVE-2011-3027 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3027.html CVE-2011-3027 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3031 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3031.html CVE-2011-3031 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG values. CVE-2011-3032 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3032.html CVE-2011-3032 https://bugzilla.suse.com/750407 SUSE Bug 750407 Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3033 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3033.html CVE-2011-3033 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document. CVE-2011-3034 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3034.html CVE-2011-3034 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. CVE-2011-3035 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3035.html CVE-2011-3035 https://bugzilla.suse.com/750407 SUSE Bug 750407 Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. CVE-2011-3036 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3036.html CVE-2011-3036 https://bugzilla.suse.com/750407 SUSE Bug 750407 Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. CVE-2011-3037 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3037.html CVE-2011-3037 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. CVE-2011-3038 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3038.html CVE-2011-3038 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. CVE-2011-3039 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3039.html CVE-2011-3039 https://bugzilla.suse.com/750407 SUSE Bug 750407 Google Chrome before 17.0.963.65 does not properly handle text, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. CVE-2011-3040 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3040.html CVE-2011-3040 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of class attributes. CVE-2011-3041 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3041.html CVE-2011-3041 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections. CVE-2011-3042 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3042.html CVE-2011-3042 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox (aka flexible box) in conjunction with the floating of elements. CVE-2011-3043 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3043.html CVE-2011-3043 https://bugzilla.suse.com/750407 SUSE Bug 750407 Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. CVE-2011-3044 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3044.html CVE-2011-3044 https://bugzilla.suse.com/750407 SUSE Bug 750407 Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. CVE-2011-3045 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3045.html CVE-2011-3045 https://bugzilla.suse.com/752008 SUSE Bug 752008 https://bugzilla.suse.com/754456 SUSE Bug 754456 The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. CVE-2011-3046 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3046.html CVE-2011-3046 https://bugzilla.suse.com/751466 SUSE Bug 751466 The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism. CVE-2011-3047 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3047.html CVE-2011-3047 https://bugzilla.suse.com/751738 SUSE Bug 751738 Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension. CVE-2011-3049 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3049.html CVE-2011-3049 https://bugzilla.suse.com/754456 SUSE Bug 754456 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. CVE-2011-3050 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3050.html CVE-2011-3050 https://bugzilla.suse.com/754456 SUSE Bug 754456 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. CVE-2011-3051 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3051.html CVE-2011-3051 https://bugzilla.suse.com/754456 SUSE Bug 754456 The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2011-3052 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3052.html CVE-2011-3052 https://bugzilla.suse.com/754456 SUSE Bug 754456 Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. CVE-2011-3053 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3053.html CVE-2011-3053 https://bugzilla.suse.com/754456 SUSE Bug 754456 The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. CVE-2011-3054 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3054.html CVE-2011-3054 https://bugzilla.suse.com/754456 SUSE Bug 754456 The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. CVE-2011-3055 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3055.html CVE-2011-3055 https://bugzilla.suse.com/754456 SUSE Bug 754456 Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." CVE-2011-3056 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3056.html CVE-2011-3056 https://bugzilla.suse.com/754456 SUSE Bug 754456 Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. CVE-2011-3057 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3057.html CVE-2011-3057 https://bugzilla.suse.com/754456 SUSE Bug 754456 https://bugzilla.suse.com/754458 SUSE Bug 754458 Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. CVE-2011-3058 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3058.html CVE-2011-3058 https://bugzilla.suse.com/754458 SUSE Bug 754458 Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3059 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3059.html CVE-2011-3059 https://bugzilla.suse.com/754458 SUSE Bug 754458 Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3060 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3060.html CVE-2011-3060 https://bugzilla.suse.com/754458 SUSE Bug 754458 Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate. CVE-2011-3061 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3061.html CVE-2011-3061 https://bugzilla.suse.com/754458 SUSE Bug 754458 Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. CVE-2011-3062 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3062.html CVE-2011-3062 https://bugzilla.suse.com/754458 SUSE Bug 754458 https://bugzilla.suse.com/758408 SUSE Bug 758408 Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors. CVE-2011-3063 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3063.html CVE-2011-3063 https://bugzilla.suse.com/754458 SUSE Bug 754458 Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. CVE-2011-3064 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3064.html CVE-2011-3064 https://bugzilla.suse.com/754458 SUSE Bug 754458 Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2011-3065 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3065.html CVE-2011-3065 https://bugzilla.suse.com/754458 SUSE Bug 754458 Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3066 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3066.html CVE-2011-3066 Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements. CVE-2011-3067 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3067.html CVE-2011-3067 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes. CVE-2011-3068 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3068.html CVE-2011-3068 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to line boxes. CVE-2011-3069 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3069.html CVE-2011-3069 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Google V8 bindings. CVE-2011-3070 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3070.html CVE-2011-3070 Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3071 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3071.html CVE-2011-3071 Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows. CVE-2011-3072 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3072.html CVE-2011-3072 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources. CVE-2011-3073 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3073.html CVE-2011-3073 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media. CVE-2011-3074 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3074.html CVE-2011-3074 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands. CVE-2011-3075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3075.html CVE-2011-3075 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. CVE-2011-3076 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3076.html CVE-2011-3076 Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue. CVE-2011-3077 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3077.html CVE-2011-3077 Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081. CVE-2011-3078 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3078.html CVE-2011-3078 https://bugzilla.suse.com/760264 SUSE Bug 760264 The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors. CVE-2011-3079 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3079.html CVE-2011-3079 https://bugzilla.suse.com/1122983 SUSE Bug 1122983 https://bugzilla.suse.com/760264 SUSE Bug 760264 https://bugzilla.suse.com/930622 SUSE Bug 930622 https://bugzilla.suse.com/986639 SUSE Bug 986639 Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors. CVE-2011-3080 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3080.html CVE-2011-3080 https://bugzilla.suse.com/760264 SUSE Bug 760264 Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078. CVE-2011-3081 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3081.html CVE-2011-3081 https://bugzilla.suse.com/760264 SUSE Bug 760264 browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page. CVE-2011-3083 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3083.html CVE-2011-3083 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page. CVE-2011-3084 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3084.html CVE-2011-3084 https://bugzilla.suse.com/762481 SUSE Bug 762481 The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values. CVE-2011-3085 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3085.html CVE-2011-3085 https://bugzilla.suse.com/762481 SUSE Bug 762481 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element. CVE-2011-3086 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3086.html CVE-2011-3086 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not properly perform window navigation, which has unspecified impact and remote attack vectors. CVE-2011-3087 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3087.html CVE-2011-3087 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3088 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3088.html CVE-2011-3088 https://bugzilla.suse.com/762481 SUSE Bug 762481 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables. CVE-2011-3089 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3089.html CVE-2011-3089 https://bugzilla.suse.com/762481 SUSE Bug 762481 Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes. CVE-2011-3090 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3090.html CVE-2011-3090 https://bugzilla.suse.com/762481 SUSE Bug 762481 Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3091 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3091.html CVE-2011-3091 https://bugzilla.suse.com/762481 SUSE Bug 762481 The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors. CVE-2011-3092 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3092.html CVE-2011-3092 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3093 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3093.html CVE-2011-3093 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3094 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3094.html CVE-2011-3094 https://bugzilla.suse.com/762481 SUSE Bug 762481 The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. CVE-2011-3095 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3095.html CVE-2011-3095 https://bugzilla.suse.com/762481 SUSE Bug 762481 Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox. CVE-2011-3096 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3096.html CVE-2011-3096 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory. CVE-2011-3098 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3098.html CVE-2011-3098 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3100 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3100.html CVE-2011-3100 https://bugzilla.suse.com/762481 SUSE Bug 762481 Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products. CVE-2011-3101 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3101.html CVE-2011-3101 https://bugzilla.suse.com/762481 SUSE Bug 762481 https://bugzilla.suse.com/765204 SUSE Bug 765204 Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. CVE-2011-3102 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3102.html CVE-2011-3102 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/762481 SUSE Bug 762481 https://bugzilla.suse.com/764538 SUSE Bug 764538 Google Chrome before 16.0.912.63 does not properly perform regex matching, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3903 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3903.html CVE-2011-3903 https://bugzilla.suse.com/736716 SUSE Bug 736716 Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to bidirectional text (aka bidi) handling. CVE-2011-3904 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3904.html CVE-2011-3904 https://bugzilla.suse.com/736716 SUSE Bug 736716 libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3905 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3905.html CVE-2011-3905 https://bugzilla.suse.com/736716 SUSE Bug 736716 The PDF parser in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3906 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3906.html CVE-2011-3906 https://bugzilla.suse.com/736716 SUSE Bug 736716 The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors. CVE-2011-3907 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3907.html CVE-2011-3907 https://bugzilla.suse.com/736716 SUSE Bug 736716 Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3908 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3908.html CVE-2011-3908 https://bugzilla.suse.com/736716 SUSE Bug 736716 The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. CVE-2011-3909 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3909.html CVE-2011-3909 https://bugzilla.suse.com/736716 SUSE Bug 736716 Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3910 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3910.html CVE-2011-3910 https://bugzilla.suse.com/736716 SUSE Bug 736716 Google Chrome before 16.0.912.63 does not properly handle PDF documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3911 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3911.html CVE-2011-3911 https://bugzilla.suse.com/736716 SUSE Bug 736716 Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. CVE-2011-3912 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3912.html CVE-2011-3912 https://bugzilla.suse.com/736716 SUSE Bug 736716 The internationalization (aka i18n) functionality in Google V8, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. CVE-2011-3914 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3914.html CVE-2011-3914 https://bugzilla.suse.com/736716 SUSE Bug 736716 Buffer overflow in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF fonts. CVE-2011-3915 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3915.html CVE-2011-3915 https://bugzilla.suse.com/736716 SUSE Bug 736716 Google Chrome before 16.0.912.63 does not properly handle PDF cross references, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3916 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3916.html CVE-2011-3916 https://bugzilla.suse.com/736716 SUSE Bug 736716 Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3917 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3917.html CVE-2011-3917 https://bugzilla.suse.com/736716 SUSE Bug 736716 Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3919 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3919.html CVE-2011-3919 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/739894 SUSE Bug 739894 https://bugzilla.suse.com/740493 SUSE Bug 740493 Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. CVE-2011-3921 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3921.html CVE-2011-3921 https://bugzilla.suse.com/740493 SUSE Bug 740493 Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. CVE-2011-3922 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3922.html CVE-2011-3922 https://bugzilla.suse.com/739904 SUSE Bug 739904 https://bugzilla.suse.com/740493 SUSE Bug 740493 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. CVE-2011-3924 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3924.html CVE-2011-3924 https://bugzilla.suse.com/743319 SUSE Bug 743319 Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. CVE-2011-3925 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3925.html CVE-2011-3925 https://bugzilla.suse.com/743319 SUSE Bug 743319 Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3926 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3926.html CVE-2011-3926 https://bugzilla.suse.com/743319 SUSE Bug 743319 Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3927 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3927.html CVE-2011-3927 https://bugzilla.suse.com/743319 SUSE Bug 743319 Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. CVE-2011-3928 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3928.html CVE-2011-3928 https://bugzilla.suse.com/743319 SUSE Bug 743319 Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors. CVE-2011-3953 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3953.html CVE-2011-3953 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage. CVE-2011-3954 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3954.html CVE-2011-3954 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that trigger the aborting of an IndexedDB transaction. CVE-2011-3955 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3955.html CVE-2011-3955 https://bugzilla.suse.com/747327 SUSE Bug 747327 The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension. CVE-2011-3956 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3956.html CVE-2011-3956 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in the garbage-collection functionality in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving PDF documents. CVE-2011-3957 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3957.html CVE-2011-3957 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. CVE-2011-3958 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3958.html CVE-2011-3958 https://bugzilla.suse.com/747327 SUSE Bug 747327 Buffer overflow in the locale implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2011-3959 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3959.html CVE-2011-3959 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3960 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3960.html CVE-2011-3960 https://bugzilla.suse.com/747327 SUSE Bug 747327 Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. CVE-2011-3961 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3961.html CVE-2011-3961 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3962 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3962.html CVE-2011-3962 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3963 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3963.html CVE-2011-3963 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. CVE-2011-3964 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3964.html CVE-2011-3964 https://bugzilla.suse.com/747327 SUSE Bug 747327 Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. CVE-2011-3965 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3965.html CVE-2011-3965 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. CVE-2011-3966 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3966.html CVE-2011-3966 https://bugzilla.suse.com/747327 SUSE Bug 747327 Unspecified vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via a crafted certificate. CVE-2011-3967 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3967.html CVE-2011-3967 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. CVE-2011-3968 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3968.html CVE-2011-3968 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. CVE-2011-3969 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3969.html CVE-2011-3969 https://bugzilla.suse.com/747327 SUSE Bug 747327 libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3970 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3970.html CVE-2011-3970 https://bugzilla.suse.com/746039 SUSE Bug 746039 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. CVE-2011-3971 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3971.html CVE-2011-3971 https://bugzilla.suse.com/747327 SUSE Bug 747327 The shader translator implementation in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-3972 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2011-3972.html CVE-2011-3972 https://bugzilla.suse.com/747327 SUSE Bug 747327 Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-1521 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-1521.html CVE-2012-1521 https://bugzilla.suse.com/760264 SUSE Bug 760264 Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-2807 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2807.html CVE-2012-2807 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/769181 SUSE Bug 769181 https://bugzilla.suse.com/769184 SUSE Bug 769184 Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain. CVE-2012-2815 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2815.html CVE-2012-2815 https://bugzilla.suse.com/769181 SUSE Bug 769181 Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes, which might allow remote attackers to cause a denial of service (process interference) via unspecified vectors. CVE-2012-2816 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2816.html CVE-2012-2816 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections. CVE-2012-2817 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2817.html CVE-2012-2817 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the layout of documents that use the Cascading Style Sheets (CSS) counters feature. CVE-2012-2818 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2818.html CVE-2012-2818 https://bugzilla.suse.com/769181 SUSE Bug 769181 The texSubImage2D implementation in the WebGL subsystem in Google Chrome before 20.0.1132.43 does not properly handle uploads to floating-point textures, which allows remote attackers to cause a denial of service (assertion failure and application crash) or possibly have unspecified other impact via a crafted web page, as demonstrated by certain WebGL performance tests, aka rdar problem 11520387. CVE-2012-2819 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2819.html CVE-2012-2819 https://bugzilla.suse.com/769181 SUSE Bug 769181 Google Chrome before 20.0.1132.43 does not properly implement SVG filters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-2820 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2820.html CVE-2012-2820 https://bugzilla.suse.com/769181 SUSE Bug 769181 The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors. CVE-2012-2821 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2821.html CVE-2012-2821 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. CVE-2012-2823 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2823.html CVE-2012-2823 https://bugzilla.suse.com/769181 SUSE Bug 769181 The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. CVE-2012-2825 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2825.html CVE-2012-2825 https://bugzilla.suse.com/769181 SUSE Bug 769181 https://bugzilla.suse.com/769182 SUSE Bug 769182 https://bugzilla.suse.com/849019 SUSE Bug 849019 Google Chrome before 20.0.1132.43 does not properly implement texture conversion, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-2826 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2826.html CVE-2012-2826 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. CVE-2012-2829 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2829.html CVE-2012-2829 https://bugzilla.suse.com/769181 SUSE Bug 769181 Google Chrome before 20.0.1132.43 does not properly set array values, which allows remote attackers to cause a denial of service (incorrect pointer use) or possibly have unspecified other impact via unknown vectors. CVE-2012-2830 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2830.html CVE-2012-2830 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG references. CVE-2012-2831 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2831.html CVE-2012-2831 https://bugzilla.suse.com/769181 SUSE Bug 769181 Integer overflow in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted data in the Matroska container format. CVE-2012-2834 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2834.html CVE-2012-2834 https://bugzilla.suse.com/769181 SUSE Bug 769181 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. CVE-2012-2842 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2842.html CVE-2012-2842 https://bugzilla.suse.com/770821 SUSE Bug 770821 Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. CVE-2012-2843 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2843.html CVE-2012-2843 https://bugzilla.suse.com/770821 SUSE Bug 770821 Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. CVE-2012-2865 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2865.html CVE-2012-2865 https://bugzilla.suse.com/778005 SUSE Bug 778005 Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. CVE-2012-2866 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2866.html CVE-2012-2866 https://bugzilla.suse.com/778005 SUSE Bug 778005 The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. CVE-2012-2867 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2867.html CVE-2012-2867 https://bugzilla.suse.com/778005 SUSE Bug 778005 Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. CVE-2012-2868 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2868.html CVE-2012-2868 https://bugzilla.suse.com/778005 SUSE Bug 778005 Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." CVE-2012-2869 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2869.html CVE-2012-2869 https://bugzilla.suse.com/778005 SUSE Bug 778005 libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. CVE-2012-2870 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2870.html CVE-2012-2870 https://bugzilla.suse.com/778005 SUSE Bug 778005 libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. CVE-2012-2871 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2871.html CVE-2012-2871 https://bugzilla.suse.com/1078828 SUSE Bug 1078828 https://bugzilla.suse.com/778005 SUSE Bug 778005 Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2012-2872 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2872.html CVE-2012-2872 https://bugzilla.suse.com/778005 SUSE Bug 778005 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2883. CVE-2012-2874 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2874.html CVE-2012-2874 https://bugzilla.suse.com/782257 SUSE Bug 782257 Buffer overflow in the SSE2 optimization functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-2876 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2876.html CVE-2012-2876 https://bugzilla.suse.com/782257 SUSE Bug 782257 The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. CVE-2012-2877 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2877.html CVE-2012-2877 https://bugzilla.suse.com/782257 SUSE Bug 782257 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling. CVE-2012-2878 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2878.html CVE-2012-2878 https://bugzilla.suse.com/782257 SUSE Bug 782257 Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service (DOM topology corruption) via a crafted document. CVE-2012-2879 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2879.html CVE-2012-2879 https://bugzilla.suse.com/782257 SUSE Bug 782257 Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer. CVE-2012-2880 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2880.html CVE-2012-2880 https://bugzilla.suse.com/782257 SUSE Bug 782257 Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via unknown vectors. CVE-2012-2881 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2881.html CVE-2012-2881 https://bugzilla.suse.com/782257 SUSE Bug 782257 FFmpeg, as used in Google Chrome before 22.0.1229.79, does not properly handle OGG containers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "wild pointer" issue. CVE-2012-2882 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2882.html CVE-2012-2882 https://bugzilla.suse.com/782257 SUSE Bug 782257 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation, a different vulnerability than CVE-2012-2874. CVE-2012-2883 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2883.html CVE-2012-2883 https://bugzilla.suse.com/782257 SUSE Bug 782257 Skia, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-2884 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2884.html CVE-2012-2884 https://bugzilla.suse.com/782257 SUSE Bug 782257 Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit. CVE-2012-2885 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2885.html CVE-2012-2885 https://bugzilla.suse.com/782257 SUSE Bug 782257 Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)." CVE-2012-2886 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2886.html CVE-2012-2886 https://bugzilla.suse.com/782257 SUSE Bug 782257 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving onclick events. CVE-2012-2887 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2887.html CVE-2012-2887 https://bugzilla.suse.com/782257 SUSE Bug 782257 Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG text references. CVE-2012-2888 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2888.html CVE-2012-2888 https://bugzilla.suse.com/782257 SUSE Bug 782257 Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS (UXSS)." CVE-2012-2889 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2889.html CVE-2012-2889 https://bugzilla.suse.com/782257 SUSE Bug 782257 The IPC implementation in Google Chrome before 22.0.1229.79 allows attackers to obtain potentially sensitive information about memory addresses via unspecified vectors. CVE-2012-2891 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2891.html CVE-2012-2891 https://bugzilla.suse.com/782257 SUSE Bug 782257 Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to bypass the pop-up blocker via unknown vectors. CVE-2012-2892 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2892.html CVE-2012-2892 https://bugzilla.suse.com/782257 SUSE Bug 782257 Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms. CVE-2012-2893 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2893.html CVE-2012-2893 https://bugzilla.suse.com/782257 SUSE Bug 782257 Google Chrome before 22.0.1229.79 does not properly handle graphics-context data structures, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. CVE-2012-2894 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2894.html CVE-2012-2894 https://bugzilla.suse.com/782257 SUSE Bug 782257 Integer overflow in the WebGL implementation in Google Chrome before 22.0.1229.79 on Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-2896 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-2896.html CVE-2012-2896 https://bugzilla.suse.com/782257 SUSE Bug 782257 Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2012-5130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5130.html CVE-2012-5130 https://bugzilla.suse.com/791234 SUSE Bug 791234 Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-5131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5131.html CVE-2012-5131 https://bugzilla.suse.com/791234 SUSE Bug 791234 Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding. CVE-2012-5132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5132.html CVE-2012-5132 https://bugzilla.suse.com/791234 SUSE Bug 791234 Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. CVE-2012-5133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5133.html CVE-2012-5133 https://bugzilla.suse.com/791234 SUSE Bug 791234 Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. CVE-2012-5134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5134.html CVE-2012-5134 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/791234 SUSE Bug 791234 https://bugzilla.suse.com/793334 SUSE Bug 793334 https://bugzilla.suse.com/795039 SUSE Bug 795039 https://bugzilla.suse.com/804033 SUSE Bug 804033 Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. CVE-2012-5135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5135.html CVE-2012-5135 https://bugzilla.suse.com/791234 SUSE Bug 791234 Google Chrome before 23.0.1271.91 does not properly perform a cast of an unspecified variable during handling of the INPUT element, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted HTML document. CVE-2012-5136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5136.html CVE-2012-5136 https://bugzilla.suse.com/791234 SUSE Bug 791234 Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Source API. CVE-2012-5137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5137.html CVE-2012-5137 Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. CVE-2012-5138 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5138.html CVE-2012-5138 Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events. CVE-2012-5139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5139.html CVE-2012-5139 https://bugzilla.suse.com/794075 SUSE Bug 794075 Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. CVE-2012-5140 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5140.html CVE-2012-5140 https://bugzilla.suse.com/794075 SUSE Bug 794075 Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. CVE-2012-5141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5141.html CVE-2012-5141 https://bugzilla.suse.com/794075 SUSE Bug 794075 Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. CVE-2012-5142 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5142.html CVE-2012-5142 https://bugzilla.suse.com/794075 SUSE Bug 794075 Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. CVE-2012-5143 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5143.html CVE-2012-5143 https://bugzilla.suse.com/794075 SUSE Bug 794075 Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." CVE-2012-5144 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5144.html CVE-2012-5144 https://bugzilla.suse.com/794075 SUSE Bug 794075 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG layout. CVE-2012-5145 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5145.html CVE-2012-5145 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL. CVE-2012-5146 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5146.html CVE-2012-5146 https://bugzilla.suse.com/798326 SUSE Bug 798326 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. CVE-2012-5147 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5147.html CVE-2012-5147 https://bugzilla.suse.com/798326 SUSE Bug 798326 The hyphenation functionality in Google Chrome before 24.0.1312.52 does not properly validate file names, which has unspecified impact and attack vectors. CVE-2012-5148 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5148.html CVE-2012-5148 https://bugzilla.suse.com/798326 SUSE Bug 798326 Integer overflow in the audio IPC layer in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2012-5149 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5149.html CVE-2012-5149 https://bugzilla.suse.com/798326 SUSE Bug 798326 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving seek operations on video data. CVE-2012-5150 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5150.html CVE-2012-5150 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving seek operations on video data. CVE-2012-5152 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5152.html CVE-2012-5152 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to stack memory. CVE-2012-5153 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5153.html CVE-2012-5153 https://bugzilla.suse.com/798326 SUSE Bug 798326 Integer overflow in Google Chrome before 24.0.1312.52 on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to allocation of shared memory. CVE-2012-5154 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2012-5154.html CVE-2012-5154 https://bugzilla.suse.com/798326 SUSE Bug 798326 The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for termination of an unspecified data structure, which has unknown impact and attack vectors. CVE-2013-0830 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0830.html CVE-2013-0830 https://bugzilla.suse.com/798326 SUSE Bug 798326 Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to have an unspecified impact by leveraging access to an extension process. CVE-2013-0831 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0831.html CVE-2013-0831 https://bugzilla.suse.com/798326 SUSE Bug 798326 Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to printing. CVE-2013-0832 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0832.html CVE-2013-0832 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to printing. CVE-2013-0833 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0833.html CVE-2013-0833 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving glyphs. CVE-2013-0834 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0834.html CVE-2013-0834 https://bugzilla.suse.com/798326 SUSE Bug 798326 Unspecified vulnerability in the Geolocation implementation in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (application crash) via unknown vectors. CVE-2013-0835 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0835.html CVE-2013-0835 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code. CVE-2013-0836 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0836.html CVE-2013-0836 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of extension tabs. CVE-2013-0837 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0837.html CVE-2013-0837 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors. CVE-2013-0838 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0838.html CVE-2013-0838 https://bugzilla.suse.com/798326 SUSE Bug 798326 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly implement web audio nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2013-0879 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0879.html CVE-2013-0879 https://bugzilla.suse.com/804986 SUSE Bug 804986 Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases. CVE-2013-0880 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0880.html CVE-2013-0880 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via crafted data in the Matroska container format. CVE-2013-0881 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0881.html CVE-2013-0881 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters. CVE-2013-0882 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0882.html CVE-2013-0882 https://bugzilla.suse.com/804986 SUSE Bug 804986 Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. CVE-2013-0883 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0883.html CVE-2013-0883 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl) code, which has unspecified impact and attack vectors. CVE-2013-0884 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0884.html CVE-2013-0884 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors. CVE-2013-0885 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0885.html CVE-2013-0885 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.99 on Mac OS X does not properly implement signal handling for Native Client (aka NaCl) code, which has unspecified impact and attack vectors. CVE-2013-0886 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0886.html CVE-2013-0886 https://bugzilla.suse.com/804986 SUSE Bug 804986 The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors. CVE-2013-0887 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0887.html CVE-2013-0887 https://bugzilla.suse.com/804986 SUSE Bug 804986 Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads." CVE-2013-0888 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0888.html CVE-2013-0888 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file. CVE-2013-0889 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0889.html CVE-2013-0889 https://bugzilla.suse.com/804986 SUSE Bug 804986 Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. CVE-2013-0890 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0890.html CVE-2013-0890 https://bugzilla.suse.com/804986 SUSE Bug 804986 Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. CVE-2013-0891 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0891.html CVE-2013-0891 https://bugzilla.suse.com/804986 SUSE Bug 804986 Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2013-0892 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0892.html CVE-2013-0892 https://bugzilla.suse.com/804986 SUSE Bug 804986 Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to media. CVE-2013-0893 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0893.html CVE-2013-0893 https://bugzilla.suse.com/804986 SUSE Bug 804986 Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. CVE-2013-0894 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0894.html CVE-2013-0894 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly handle pathnames during copy operations, which might make it easier for remote attackers to execute arbitrary programs via unspecified vectors. CVE-2013-0895 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0895.html CVE-2013-0895 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2013-0896 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0896.html CVE-2013-0896 https://bugzilla.suse.com/804986 SUSE Bug 804986 Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document. CVE-2013-0897 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0897.html CVE-2013-0897 https://bugzilla.suse.com/804986 SUSE Bug 804986 Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a URL. CVE-2013-0898 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0898.html CVE-2013-0898 https://bugzilla.suse.com/804986 SUSE Bug 804986 Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. CVE-2013-0899 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0899.html CVE-2013-0899 https://bugzilla.suse.com/804986 SUSE Bug 804986 https://bugzilla.suse.com/830356 SUSE Bug 830356 Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2013-0900 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-0900.html CVE-2013-0900 https://bugzilla.suse.com/804986 SUSE Bug 804986 Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2013-2838 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2838.html CVE-2013-2838 https://bugzilla.suse.com/821601 SUSE Bug 821601 Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. CVE-2013-2906 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2906.html CVE-2013-2906 https://bugzilla.suse.com/844084 SUSE Bug 844084 The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2013-2907 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2907.html CVE-2013-2907 https://bugzilla.suse.com/844084 SUSE Bug 844084 Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code. CVE-2013-2908 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2908.html CVE-2013-2908 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to inline-block rendering for bidirectional Unicode text in an element isolated from its siblings. CVE-2013-2909 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2909.html CVE-2013-2909 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2013-2910 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2910.html CVE-2013-2910 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions. CVE-2013-2911 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2911.html CVE-2013-2911 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message. CVE-2013-2912 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2912.html CVE-2013-2912 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumentParser.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an XML document. CVE-2013-2913 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2913.html CVE-2013-2913 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in browser/ui/views/. CVE-2013-2914 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2914.html CVE-2013-2914 https://bugzilla.suse.com/844084 SUSE Bug 844084 Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL. CVE-2013-2915 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2915.html CVE-2013-2915 https://bugzilla.suse.com/844084 SUSE Bug 844084 Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof. CVE-2013-2916 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2916.html CVE-2013-2916 https://bugzilla.suse.com/844084 SUSE Bug 844084 The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage.cpp in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the impulseResponse array. CVE-2013-2917 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2917.html CVE-2013-2917 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/rendering/RenderBlock.cpp in the DOM implementation in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect handling of parent-child relationships for anonymous blocks. CVE-2013-2918 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2918.html CVE-2013-2918 https://bugzilla.suse.com/844084 SUSE Bug 844084 Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2013-2919 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2919.html CVE-2013-2919 https://bugzilla.suse.com/844084 SUSE Bug 844084 The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring. CVE-2013-2920 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2920.html CVE-2013-2920 https://bugzilla.suse.com/844084 SUSE Bug 844084 Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFetcher.cpp in the resource loader in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain callback processing during the reporting of a resource entry. CVE-2013-2921 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2921.html CVE-2013-2921 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that operates on a TEMPLATE element. CVE-2013-2922 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2922.html CVE-2013-2922 https://bugzilla.suse.com/844084 SUSE Bug 844084 Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2013-2923 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2923.html CVE-2013-2923 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2013-2924 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2924.html CVE-2013-2924 https://bugzilla.suse.com/844084 SUSE Bug 844084 Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger multiple conflicting uses of the same XMLHttpRequest object. CVE-2013-2925 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2925.html CVE-2013-2925 https://bugzilla.suse.com/846444 SUSE Bug 846444 Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to list elements. CVE-2013-2926 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2926.html CVE-2013-2926 https://bugzilla.suse.com/846444 SUSE Bug 846444 https://bugzilla.suse.com/871792 SUSE Bug 871792 Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submission for FORM elements. CVE-2013-2927 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2927.html CVE-2013-2927 https://bugzilla.suse.com/846444 SUSE Bug 846444 https://bugzilla.suse.com/879607 SUSE Bug 879607 Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2013-2928 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2928.html CVE-2013-2928 https://bugzilla.suse.com/846444 SUSE Bug 846444 https://bugzilla.suse.com/871792 SUSE Bug 871792 Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. CVE-2013-2931 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2931.html CVE-2013-2931 https://bugzilla.suse.com/850430 SUSE Bug 850430 Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element. CVE-2013-6621 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6621.html CVE-2013-6621 https://bugzilla.suse.com/850430 SUSE Bug 850430 Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents. CVE-2013-6622 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6622.html CVE-2013-6622 https://bugzilla.suse.com/850430 SUSE Bug 850430 The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout. CVE-2013-6623 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6623.html CVE-2013-6623 https://bugzilla.suse.com/850430 SUSE Bug 850430 Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the string values of id attributes. CVE-2013-6624 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6624.html CVE-2013-6624 https://bugzilla.suse.com/850430 SUSE Bug 850430 Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event. CVE-2013-6625 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6625.html CVE-2013-6625 https://bugzilla.suse.com/850430 SUSE Bug 850430 https://bugzilla.suse.com/871792 SUSE Bug 871792 The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site. CVE-2013-6626 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6626.html CVE-2013-6626 https://bugzilla.suse.com/850430 SUSE Bug 850430 net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (out-of-bounds read) via a crafted response. CVE-2013-6627 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6627.html CVE-2013-6627 https://bugzilla.suse.com/850430 SUSE Bug 850430 net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. CVE-2013-6628 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6628.html CVE-2013-6628 https://bugzilla.suse.com/850430 SUSE Bug 850430 The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. CVE-2013-6629 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6629.html CVE-2013-6629 https://bugzilla.suse.com/850430 SUSE Bug 850430 https://bugzilla.suse.com/873872 SUSE Bug 873872 https://bugzilla.suse.com/873873 SUSE Bug 873873 https://bugzilla.suse.com/877429 SUSE Bug 877429 https://bugzilla.suse.com/877430 SUSE Bug 877430 https://bugzilla.suse.com/880246 SUSE Bug 880246 The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. CVE-2013-6630 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6630.html CVE-2013-6630 https://bugzilla.suse.com/850430 SUSE Bug 850430 Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger the absence of certain statistics initialization, leading to the skipping of a required DeRegisterExternalTransport call. CVE-2013-6631 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6631.html CVE-2013-6631 https://bugzilla.suse.com/850430 SUSE Bug 850430 Integer overflow in Google Chrome before 31.0.1650.57 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013. CVE-2013-6632 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6632.html CVE-2013-6632 https://bugzilla.suse.com/850430 SUSE Bug 850430 The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper sync after a 302 (aka Found) HTTP status code. CVE-2013-6634 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6634.html CVE-2013-6634 https://bugzilla.suse.com/854472 SUSE Bug 854472 Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp. CVE-2013-6635 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6635.html CVE-2013-6635 https://bugzilla.suse.com/854472 SUSE Bug 854472 The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method. CVE-2013-6636 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6636.html CVE-2013-6636 https://bugzilla.suse.com/854472 SUSE Bug 854472 Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2013-6637 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6637.html CVE-2013-6637 https://bugzilla.suse.com/854472 SUSE Bug 854472 Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large typed array, related to the (1) Runtime_TypedArrayInitialize and (2) Runtime_TypedArrayInitializeFromArrayLike functions. CVE-2013-6638 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6638.html CVE-2013-6638 https://bugzilla.suse.com/854473 SUSE Bug 854473 The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via JavaScript code that sets the value of an array element with a crafted index. CVE-2013-6639 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6639.html CVE-2013-6639 https://bugzilla.suse.com/854473 SUSE Bug 854473 The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service (out-of-bounds read) via JavaScript code that sets a variable to the value of an array element with a crafted index. CVE-2013-6640 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6640.html CVE-2013-6640 https://bugzilla.suse.com/854473 SUSE Bug 854473 Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of the past names map of a FORM element. CVE-2013-6641 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6641.html CVE-2013-6641 https://bugzilla.suse.com/861013 SUSE Bug 861013 The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog. CVE-2013-6643 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6643.html CVE-2013-6643 https://bugzilla.suse.com/861013 SUSE Bug 861013 Multiple unspecified vulnerabilities in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2013-6644 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6644.html CVE-2013-6644 https://bugzilla.suse.com/861013 SUSE Bug 861013 Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element. CVE-2013-6645 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6645.html CVE-2013-6645 https://bugzilla.suse.com/861013 SUSE Bug 861013 Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the shutting down of a worker process. CVE-2013-6646 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6646.html CVE-2013-6646 https://bugzilla.suse.com/861013 SUSE Bug 861013 Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a zero-size SVG image. CVE-2013-6649 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6649.html CVE-2013-6649 https://bugzilla.suse.com/861013 SUSE Bug 861013 The StoreBuffer::ExemptPopularPages function in store-buffer.cc in Google V8 before 3.22.24.16, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors that trigger incorrect handling of "popular pages." CVE-2013-6650 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6650.html CVE-2013-6650 https://bugzilla.suse.com/861013 SUSE Bug 861013 Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attempted conflicting access to the color chooser. CVE-2013-6653 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6653.html CVE-2013-6653 https://bugzilla.suse.com/865500 SUSE Bug 865500 The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors. CVE-2013-6654 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6654.html CVE-2013-6654 https://bugzilla.suse.com/865500 SUSE Bug 865500 Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper handling of overflowchanged DOM events during interaction between JavaScript and layout. CVE-2013-6655 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6655.html CVE-2013-6655 https://bugzilla.suse.com/865500 SUSE Bug 865500 The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors. CVE-2013-6656 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6656.html CVE-2013-6656 https://bugzilla.suse.com/865500 SUSE Bug 865500 core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. CVE-2013-6657 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6657.html CVE-2013-6657 https://bugzilla.suse.com/865500 SUSE Bug 865500 Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. CVE-2013-6658 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6658.html CVE-2013-6658 https://bugzilla.suse.com/865500 SUSE Bug 865500 The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation. CVE-2013-6659 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6659.html CVE-2013-6659 https://bugzilla.suse.com/865500 SUSE Bug 865500 The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathnames via a crafted web site. CVE-2013-6660 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6660.html CVE-2013-6660 https://bugzilla.suse.com/865500 SUSE Bug 865500 Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknown vectors. CVE-2013-6661 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-6661.html CVE-2013-6661 https://bugzilla.suse.com/865500 SUSE Bug 865500 Double free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allows attackers to execute arbitrary code via unspecified vectors. CVE-2014-0574 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-0574.html CVE-2014-0574 https://bugzilla.suse.com/905032 SUSE Bug 905032 Use-after-free vulnerability in modules/speech/SpeechSynthesis.cpp in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of a certain utterance data structure. CVE-2014-1700 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1700.html CVE-2014-1700 https://bugzilla.suse.com/866959 SUSE Bug 866959 The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. CVE-2014-1701 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1701.html CVE-2014-1701 https://bugzilla.suse.com/866959 SUSE Bug 866959 Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of scheduled tasks during shutdown of a thread. CVE-2014-1702 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1702.html CVE-2014-1702 https://bugzilla.suse.com/866959 SUSE Bug 866959 Use-after-free vulnerability in the WebSocketDispatcherHost::SendOrDrop function in content/browser/renderer_host/websocket_dispatcher_host.cc in the Web Sockets implementation in Google Chrome before 33.0.1750.149 might allow remote attackers to bypass the sandbox protection mechanism by leveraging an incorrect deletion in a certain failure case. CVE-2014-1703 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1703.html CVE-2014-1703 https://bugzilla.suse.com/866959 SUSE Bug 866959 Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1704 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1704.html CVE-2014-1704 https://bugzilla.suse.com/866959 SUSE Bug 866959 https://bugzilla.suse.com/868707 SUSE Bug 868707 Google V8, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2014-1705 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1705.html CVE-2014-1705 https://bugzilla.suse.com/866959 SUSE Bug 866959 https://bugzilla.suse.com/868707 SUSE Bug 868707 Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value. CVE-2014-1713 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1713.html CVE-2014-1713 https://bugzilla.suse.com/866959 SUSE Bug 866959 https://bugzilla.suse.com/871792 SUSE Bug 871792 The ScopedClipboardWriter::WritePickledData function in ui/base/clipboard/scoped_clipboard_writer.cc in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows does not verify a certain format value, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the clipboard. CVE-2014-1714 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1714.html CVE-2014-1714 https://bugzilla.suse.com/866959 SUSE Bug 866959 Directory traversal vulnerability in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows has unspecified impact and attack vectors. CVE-2014-1715 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1715.html CVE-2014-1715 https://bugzilla.suse.com/866959 SUSE Bug 866959 Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." CVE-2014-1716 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1716.html CVE-2014-1716 https://bugzilla.suse.com/872805 SUSE Bug 872805 Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. CVE-2014-1717 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1717.html CVE-2014-1717 https://bugzilla.suse.com/872805 SUSE Bug 872805 Integer overflow in the SoftwareFrameManager::SwapToNewFrame function in content/browser/renderer_host/software_frame_manager.cc in the software compositor in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted mapping of a large amount of renderer memory. CVE-2014-1718 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1718.html CVE-2014-1718 https://bugzilla.suse.com/872805 SUSE Bug 872805 Use-after-free vulnerability in the WebSharedWorkerStub::OnTerminateWorkerContext function in content/worker/websharedworker_stub.cc in the Web Workers implementation in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors that trigger a SharedWorker termination during script loading. CVE-2014-1719 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1719.html CVE-2014-1719 https://bugzilla.suse.com/872805 SUSE Bug 872805 Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes. CVE-2014-1720 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1720.html CVE-2014-1720 https://bugzilla.suse.com/872805 SUSE Bug 872805 Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a heap allocation of a number outside the Small Integer (aka smi) range. CVE-2014-1721 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1721.html CVE-2014-1721 https://bugzilla.suse.com/872805 SUSE Bug 872805 Use-after-free vulnerability in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving addition of a child node. CVE-2014-1722 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1722.html CVE-2014-1722 https://bugzilla.suse.com/872805 SUSE Bug 872805 The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text. CVE-2014-1723 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1723.html CVE-2014-1723 https://bugzilla.suse.com/872805 SUSE Bug 872805 Use-after-free vulnerability in Free(b)soft Laboratory Speech Dispatcher 0.7.1, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service (application hang) or possibly have unspecified other impact via a text-to-speech request. CVE-2014-1724 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1724.html CVE-2014-1724 https://bugzilla.suse.com/872805 SUSE Bug 872805 The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via a window.atob method call. CVE-2014-1725 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1725.html CVE-2014-1725 https://bugzilla.suse.com/872805 SUSE Bug 872805 The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access. CVE-2014-1726 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1726.html CVE-2014-1726 https://bugzilla.suse.com/872805 SUSE Bug 872805 Use-after-free vulnerability in content/renderer/renderer_webcolorchooser_impl.h in Google Chrome before 34.0.1847.116 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to forms. CVE-2014-1727 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1727.html CVE-2014-1727 https://bugzilla.suse.com/872805 SUSE Bug 872805 Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1728 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1728.html CVE-2014-1728 https://bugzilla.suse.com/872805 SUSE Bug 872805 Multiple unspecified vulnerabilities in Google V8 before 3.24.35.22, as used in Google Chrome before 34.0.1847.116, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1729 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1729.html CVE-2014-1729 https://bugzilla.suse.com/872805 SUSE Bug 872805 Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly store internationalization metadata, which allows remote attackers to bypass intended access restrictions by leveraging "type confusion" and reading property values, related to i18n.js and runtime.cc. CVE-2014-1730 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1730.html CVE-2014-1730 https://bugzilla.suse.com/875408 SUSE Bug 875408 core/html/HTMLSelectElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly check renderer state upon a focus event, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion" for SELECT elements. CVE-2014-1731 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1731.html CVE-2014-1731 https://bugzilla.suse.com/875408 SUSE Bug 875408 https://bugzilla.suse.com/879607 SUSE Bug 879607 Use-after-free vulnerability in browser/ui/views/speech_recognition_bubble_views.cc in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact via an INPUT element that triggers the presence of a Speech Recognition Bubble window for an incorrect duration. CVE-2014-1732 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1732.html CVE-2014-1732 https://bugzilla.suse.com/875408 SUSE Bug 875408 The PointerCompare function in codegen.cc in Seccomp-BPF, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, does not properly merge blocks, which might allow remote attackers to bypass intended sandbox restrictions by leveraging renderer access. CVE-2014-1733 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1733.html CVE-2014-1733 https://bugzilla.suse.com/875408 SUSE Bug 875408 Multiple unspecified vulnerabilities in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1734 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1734.html CVE-2014-1734 https://bugzilla.suse.com/875408 SUSE Bug 875408 Multiple unspecified vulnerabilities in Google V8 before 3.24.35.33, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1735 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1735.html CVE-2014-1735 https://bugzilla.suse.com/875408 SUSE Bug 875408 Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion. CVE-2014-1740 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1740.html CVE-2014-1740 https://bugzilla.suse.com/877768 SUSE Bug 877768 Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges. CVE-2014-1741 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1741.html CVE-2014-1741 Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. CVE-2014-1742 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1742.html CVE-2014-1742 https://bugzilla.suse.com/877768 SUSE Bug 877768 Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation. CVE-2014-1743 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1743.html CVE-2014-1743 Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a large shared-memory allocation. CVE-2014-1744 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1744.html CVE-2014-1744 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. CVE-2014-1745 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1745.html CVE-2014-1745 https://bugzilla.suse.com/1219604 SUSE Bug 1219604 The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service (out-of-bounds read) via vectors that trigger use of a large buffer. CVE-2014-1746 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1746.html CVE-2014-1746 Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)." CVE-2014-1747 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1747.html CVE-2014-1747 The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame. CVE-2014-1748 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1748.html CVE-2014-1748 https://bugzilla.suse.com/909707 SUSE Bug 909707 https://bugzilla.suse.com/971460 SUSE Bug 971460 Multiple unspecified vulnerabilities in Google Chrome before 35.0.1916.114 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-1749 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1749.html CVE-2014-1749 Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value. CVE-2014-3152 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3152.html CVE-2014-3152 Use-after-free vulnerability in the ChildThread::Shutdown function in content/child/child_thread.cc in the filesystem API in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to a Blink shutdown. CVE-2014-3154 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3154.html CVE-2014-3154 https://bugzilla.suse.com/882267 SUSE Bug 882267 net/spdy/spdy_write_queue.cc in the SPDY implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging incorrect queue maintenance. CVE-2014-3155 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3155.html CVE-2014-3155 https://bugzilla.suse.com/882263 SUSE Bug 882263 Buffer overflow in the clipboard implementation in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unexpected bitmap data, related to content/renderer/renderer_clipboard_client.cc and content/renderer/webclipboard_impl.cc. CVE-2014-3156 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3156.html CVE-2014-3156 https://bugzilla.suse.com/882264 SUSE Bug 882264 Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpeg_video_decoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that are too small for proper interaction with an underlying FFmpeg library. CVE-2014-3157 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3157.html CVE-2014-3157 https://bugzilla.suse.com/882265 SUSE Bug 882265 The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file. CVE-2014-3160 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3160.html CVE-2014-3160 https://bugzilla.suse.com/887952 SUSE Bug 887952 Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.125 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-3162 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3162.html CVE-2014-3162 https://bugzilla.suse.com/887955 SUSE Bug 887955 Use-after-free vulnerability in modules/websockets/WorkerThreadableWebSocketChannel.cpp in the Web Sockets implementation in Blink, as used in Google Chrome before 36.0.1985.143, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an unexpectedly long lifetime of a temporary object during method completion. CVE-2014-3165 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3165.html CVE-2014-3165 https://bugzilla.suse.com/891717 SUSE Bug 891717 https://bugzilla.suse.com/891772 SUSE Bug 891772 The Public Key Pinning (PKP) implementation in Google Chrome before 36.0.1985.143 on Windows, OS X, and Linux, and before 36.0.1985.135 on Android, does not correctly consider the properties of SPDY connections, which allows remote attackers to obtain sensitive information by leveraging the use of multiple domain names. CVE-2014-3166 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3166.html CVE-2014-3166 https://bugzilla.suse.com/891717 SUSE Bug 891717 https://bugzilla.suse.com/891772 SUSE Bug 891772 Multiple unspecified vulnerabilities in Google Chrome before 36.0.1985.143 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-3167 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3167.html CVE-2014-3167 https://bugzilla.suse.com/891717 SUSE Bug 891717 https://bugzilla.suse.com/891772 SUSE Bug 891772 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper caching associated with animation. CVE-2014-3168 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3168.html CVE-2014-3168 https://bugzilla.suse.com/893720 SUSE Bug 893720 Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging script execution that occurs before notification of node removal. CVE-2014-3169 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3169.html CVE-2014-3169 https://bugzilla.suse.com/893720 SUSE Bug 893720 extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character. CVE-2014-3170 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3170.html CVE-2014-3170 https://bugzilla.suse.com/893720 SUSE Bug 893720 Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedScriptValue.cpp. CVE-2014-3171 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3171.html CVE-2014-3171 https://bugzilla.suse.com/893720 SUSE Bug 893720 The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL. CVE-2014-3172 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3172.html CVE-2014-3172 https://bugzilla.suse.com/893720 SUSE Bug 893720 The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted CANVAS element, related to gpu/command_buffer/service/framebuffer_manager.cc and gpu/command_buffer/service/gles2_cmd_decoder.cc. CVE-2014-3173 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3173.html CVE-2014-3173 https://bugzilla.suse.com/893720 SUSE Bug 893720 modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service (read of uninitialized memory) via crafted API calls. CVE-2014-3174 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3174.html CVE-2014-3174 https://bugzilla.suse.com/893720 SUSE Bug 893720 Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other components. CVE-2014-3175 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3175.html CVE-2014-3175 https://bugzilla.suse.com/893720 SUSE Bug 893720 Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177. CVE-2014-3176 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3176.html CVE-2014-3176 https://bugzilla.suse.com/893720 SUSE Bug 893720 Use-after-free vulnerability in core/dom/Node.cpp in Blink, as used in Google Chrome before 37.0.2062.120, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of render-tree inconsistencies. CVE-2014-3178 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3178.html CVE-2014-3178 Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in json-parser.h. CVE-2014-3188 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3188.html CVE-2014-3188 The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome before 38.0.2125.101 does not properly validate image-data dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via unknown vectors. CVE-2014-3189 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3189.html CVE-2014-3189 Use-after-free vulnerability in the Event::currentTarget function in core/events/Event.cpp in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that accesses the path property of an Event object. CVE-2014-3190 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3190.html CVE-2014-3190 Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree, related to the FrameView::updateLayoutAndStyleForPainting function in core/frame/FrameView.cpp and the RenderLayerScrollableArea::setScrollOffset function in core/rendering/RenderLayerScrollableArea.cpp. CVE-2014-3191 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3191.html CVE-2014-3191 Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2014-3192 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3192.html CVE-2014-3192 The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing. CVE-2014-3193 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3193.html CVE-2014-3193 Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2014-3194 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3194.html CVE-2014-3194 Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive information via crafted JavaScript code, related to the PagedSpace::AllocateRaw and NewSpace::AllocateRaw functions in heap/spaces-inl.h, the LargeObjectSpace::AllocateRaw function in heap/spaces.cc, and the Runtime_ArrayConcat function in runtime.cc. CVE-2014-3195 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3195.html CVE-2014-3195 base/memory/shared_memory_win.cc in Google Chrome before 38.0.2125.101 on Windows does not properly implement read-only restrictions on shared memory, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors. CVE-2014-3196 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3196.html CVE-2014-3196 The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site. CVE-2014-3197 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3197.html CVE-2014-3197 The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2014-3198 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3198.html CVE-2014-3198 The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object. CVE-2014-3199 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3199.html CVE-2014-3199 Multiple unspecified vulnerabilities in Google Chrome before 38.0.2125.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-3200 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-3200.html CVE-2014-3200 Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string. CVE-2014-7899 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7899.html CVE-2014-7899 https://bugzilla.suse.com/906320 SUSE Bug 906320 Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. CVE-2014-7900 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7900.html CVE-2014-7900 https://bugzilla.suse.com/906317 SUSE Bug 906317 Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long segment in a JPEG image. CVE-2014-7901 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7901.html CVE-2014-7901 https://bugzilla.suse.com/906322 SUSE Bug 906322 Use-after-free vulnerability in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. CVE-2014-7902 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7902.html CVE-2014-7902 https://bugzilla.suse.com/906328 SUSE Bug 906328 Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG image. CVE-2014-7903 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7903.html CVE-2014-7903 https://bugzilla.suse.com/906318 SUSE Bug 906318 Buffer overflow in Skia, as used in Google Chrome before 39.0.2171.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2014-7904 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7904.html CVE-2014-7904 https://bugzilla.suse.com/906321 SUSE Bug 906321 Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site. CVE-2014-7905 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7905.html CVE-2014-7905 https://bugzilla.suse.com/906330 SUSE Bug 906330 Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's lifetime. CVE-2014-7906 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7906.html CVE-2014-7906 https://bugzilla.suse.com/906319 SUSE Bug 906319 Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger improper handling of a detached frame, related to the (1) lock and (2) unlock methods. CVE-2014-7907 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7907.html CVE-2014-7907 https://bugzilla.suse.com/906323 SUSE Bug 906323 Multiple integer overflows in the CheckMov function in media/base/container_names.cc in Google Chrome before 39.0.2171.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a large atom in (1) MPEG-4 or (2) QuickTime .mov data. CVE-2014-7908 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7908.html CVE-2014-7908 https://bugzilla.suse.com/906324 SUSE Bug 906324 effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65, computes a hash key using uninitialized integer values, which might allow remote attackers to cause a denial of service by rendering crafted data. CVE-2014-7909 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7909.html CVE-2014-7909 https://bugzilla.suse.com/906326 SUSE Bug 906326 Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2014-7910 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7910.html CVE-2014-7910 https://bugzilla.suse.com/906327 SUSE Bug 906327 The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a look-behind expression. CVE-2014-7923 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7923.html CVE-2014-7923 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering duplicate BLOB references, related to content/browser/indexed_db/indexed_db_callbacks.cc and content/browser/indexed_db/indexed_db_dispatcher_host.cc. CVE-2014-7924 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7924.html CVE-2014-7924 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the WebAudio implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an audio-rendering thread in which AudioNode data is improperly maintained. CVE-2014-7925 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7925.html CVE-2014-7925 https://bugzilla.suse.com/914468 SUSE Bug 914468 The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier. CVE-2014-7926 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7926.html CVE-2014-7926 https://bugzilla.suse.com/914468 SUSE Bug 914468 The SimplifiedLowering::DoLoadBuffer function in compiler/simplified-lowering.cc in Google V8, as used in Google Chrome before 40.0.2214.91, does not properly choose an integer data type, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. CVE-2014-7927 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7927.html CVE-2014-7927 https://bugzilla.suse.com/914468 SUSE Bug 914468 hydrogen.cc in Google V8, as used Google Chrome before 40.0.2214.91, does not properly handle arrays with holes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code that triggers an array copy. CVE-2014-7928 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7928.html CVE-2014-7928 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving movement of a SCRIPT element across documents. CVE-2014-7929 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7929.html CVE-2014-7929 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in core/events/TreeScopeEventContext.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper maintenance of TreeScope data. CVE-2014-7930 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7930.html CVE-2014-7930 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the Element::detach function in core/dom/Element.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving pending updates of detached elements. CVE-2014-7932 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7932.html CVE-2014-7932 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. CVE-2014-7933 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7933.html CVE-2014-7933 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unexpected absence of document data structures. CVE-2014-7934 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7934.html CVE-2014-7934 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in browser/speech/tts_message_filter.cc in the Speech implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving utterances from a closed tab. CVE-2014-7935 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7935.html CVE-2014-7935 https://bugzilla.suse.com/914468 SUSE Bug 914468 Use-after-free vulnerability in the ZoomBubbleView::Close function in browser/ui/views/location_bar/zoom_bubble_view.cc in the Views implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that triggers improper maintenance of a zoom bubble. CVE-2014-7936 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7936.html CVE-2014-7936 https://bugzilla.suse.com/914468 SUSE Bug 914468 Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data. CVE-2014-7937 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7937.html CVE-2014-7937 https://bugzilla.suse.com/914468 SUSE Bug 914468 The Fonts implementation in Google Chrome before 40.0.2214.91 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2014-7938 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7938.html CVE-2014-7938 https://bugzilla.suse.com/914468 SUSE Bug 914468 Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header. CVE-2014-7939 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7939.html CVE-2014-7939 https://bugzilla.suse.com/914468 SUSE Bug 914468 The collator implementation in i18n/ucol.cpp in International Components for Unicode (ICU) 52 through SVN revision 293126, as used in Google Chrome before 40.0.2214.91, does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted character sequence. CVE-2014-7940 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7940.html CVE-2014-7940 https://bugzilla.suse.com/914468 SUSE Bug 914468 The SelectionOwner::ProcessTarget function in ui/base/x/selection_owner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted X11 data. CVE-2014-7941 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7941.html CVE-2014-7941 https://bugzilla.suse.com/914468 SUSE Bug 914468 The Fonts implementation in Google Chrome before 40.0.2214.91 does not initialize memory for a data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2014-7942 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7942.html CVE-2014-7942 https://bugzilla.suse.com/914468 SUSE Bug 914468 Skia, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2014-7943 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7943.html CVE-2014-7943 https://bugzilla.suse.com/914468 SUSE Bug 914468 The sycc422_to_rgb function in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 40.0.2214.91, does not properly handle odd values of image width, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. CVE-2014-7944 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7944.html CVE-2014-7944 https://bugzilla.suse.com/914468 SUSE Bug 914468 OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c. CVE-2014-7945 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7945.html CVE-2014-7945 https://bugzilla.suse.com/914468 SUSE Bug 914468 The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors related to the Fonts implementation. CVE-2014-7946 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7946.html CVE-2014-7946 https://bugzilla.suse.com/914468 SUSE Bug 914468 OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c. CVE-2014-7947 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7947.html CVE-2014-7947 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/979911 SUSE Bug 979911 The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcache_update_job.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5 application content via a crafted certificate. CVE-2014-7948 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-7948.html CVE-2014-7948 https://bugzilla.suse.com/914468 SUSE Bug 914468 Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1205 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1205.html CVE-2015-1205 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/915529 SUSE Bug 915529 https://bugzilla.suse.com/915530 SUSE Bug 915530 https://bugzilla.suse.com/915533 SUSE Bug 915533 https://bugzilla.suse.com/915534 SUSE Bug 915534 https://bugzilla.suse.com/915535 SUSE Bug 915535 Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor. CVE-2015-1209 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1209.html CVE-2015-1209 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/916841 SUSE Bug 916841 The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, does not properly consider frame access restrictions during the throwing of an exception, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2015-1210 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1210.html CVE-2015-1210 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/916843 SUSE Bug 916843 The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android does not properly restrict the URI scheme during a ServiceWorker registration, which allows remote attackers to gain privileges via a filesystem: URI. CVE-2015-1211 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1211.html CVE-2015-1211 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/916838 SUSE Bug 916838 Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1212 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1212.html CVE-2015-1212 https://bugzilla.suse.com/914468 SUSE Bug 914468 https://bugzilla.suse.com/916840 SUSE Bug 916840 https://bugzilla.suse.com/920825 SUSE Bug 920825 The SkBitmap::ReadRawPixels function in core/SkBitmap.cpp in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation. CVE-2015-1213 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1213.html CVE-2015-1213 https://bugzilla.suse.com/920825 SUSE Bug 920825 Integer overflow in the SkAutoSTArray implementation in include/core/SkTemplates.h in the filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a reset action with a large count value, leading to an out-of-bounds write operation. CVE-2015-1214 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1214.html CVE-2015-1214 https://bugzilla.suse.com/920825 SUSE Bug 920825 The filters implementation in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an out-of-bounds write operation. CVE-2015-1215 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1215.html CVE-2015-1215 https://bugzilla.suse.com/920825 SUSE Bug 920825 Use-after-free vulnerability in the V8Window::namedPropertyGetterCustom function in bindings/core/v8/custom/V8WindowCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a frame detachment. CVE-2015-1216 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1216.html CVE-2015-1216 https://bugzilla.suse.com/920825 SUSE Bug 920825 The V8LazyEventListener::prepareListenerObject function in bindings/core/v8/V8LazyEventListener.cpp in the V8 bindings in Blink, as used in Google Chrome before 41.0.2272.76, does not properly compile listeners, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." CVE-2015-1217 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1217.html CVE-2015-1217 https://bugzilla.suse.com/920825 SUSE Bug 920825 Multiple use-after-free vulnerabilities in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger movement of a SCRIPT element to different documents, related to (1) the HTMLScriptElement::didMoveToNewDocument function in core/html/HTMLScriptElement.cpp and (2) the SVGScriptElement::didMoveToNewDocument function in core/svg/SVGScriptElement.cpp. CVE-2015-1218 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1218.html CVE-2015-1218 https://bugzilla.suse.com/920825 SUSE Bug 920825 Integer overflow in the SkMallocPixelRef::NewAllocate function in core/SkMallocPixelRef.cpp in Skia, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted allocation of a large amount of memory during WebGL rendering. CVE-2015-1219 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1219.html CVE-2015-1219 https://bugzilla.suse.com/920825 SUSE Bug 920825 Use-after-free vulnerability in the GIFImageReader::parseData function in platform/image-decoders/gif/GIFImageReader.cpp in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted frame size in a GIF image. CVE-2015-1220 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1220.html CVE-2015-1220 https://bugzilla.suse.com/920825 SUSE Bug 920825 Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, related to the shutdown function in web/WebKit.cpp. CVE-2015-1221 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1221.html CVE-2015-1221 https://bugzilla.suse.com/920825 SUSE Bug 920825 Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/service_worker/service_worker_script_cache_map.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a ServiceWorkerContextWrapper::DeleteAndStartOver call, related to the NotifyStartedCaching and NotifyFinishedCaching functions. CVE-2015-1222 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1222.html CVE-2015-1222 https://bugzilla.suse.com/920825 SUSE Bug 920825 Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM implementation in Blink, as used in Google Chrome before 41.0.2272.76, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger extraneous change events, as demonstrated by events for invalid input or input to read-only fields, related to the initializeTypeInParsing and updateType functions. CVE-2015-1223 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1223.html CVE-2015-1223 https://bugzilla.suse.com/920825 SUSE Bug 920825 The VpxVideoDecoder::VpxDecode function in media/filters/vpx_video_decoder.cc in the vpxdecoder implementation in Google Chrome before 41.0.2272.76 does not ensure that alpha-plane dimensions are identical to image dimensions, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted VPx video data. CVE-2015-1224 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1224.html CVE-2015-1224 https://bugzilla.suse.com/920825 SUSE Bug 920825 PDFium, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2015-1225 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1225.html CVE-2015-1225 https://bugzilla.suse.com/920825 SUSE Bug 920825 The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a crafted extension. CVE-2015-1226 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1226.html CVE-2015-1226 https://bugzilla.suse.com/920825 SUSE Bug 920825 The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which the default orientation cannot be used. CVE-2015-1227 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1227.html CVE-2015-1227 https://bugzilla.suse.com/920825 SUSE Bug 920825 The RenderCounter::updateCounter function in core/rendering/RenderCounter.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not force a relayout operation and consequently does not initialize memory for a data structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted Cascading Style Sheets (CSS) token sequence. CVE-2015-1228 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1228.html CVE-2015-1228 https://bugzilla.suse.com/920825 SUSE Bug 920825 net/http/proxy_client_socket.cc in Google Chrome before 41.0.2272.76 does not properly handle a 407 (aka Proxy Authentication Required) HTTP status code accompanied by a Set-Cookie header, which allows remote proxy servers to conduct cookie-injection attacks via a crafted response. CVE-2015-1229 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1229.html CVE-2015-1229 https://bugzilla.suse.com/920825 SUSE Bug 920825 The getHiddenProperty function in bindings/core/v8/V8EventListenerList.h in Blink, as used in Google Chrome before 41.0.2272.76, has a name conflict with the AudioContext class, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that adds an AudioContext event listener and triggers "type confusion." CVE-2015-1230 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1230.html CVE-2015-1230 https://bugzilla.suse.com/920825 SUSE Bug 920825 Multiple unspecified vulnerabilities in Google Chrome before 41.0.2272.76 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1231 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1231.html CVE-2015-1231 https://bugzilla.suse.com/920825 SUSE Bug 920825 Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors. CVE-2015-1233 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1233.html CVE-2015-1233 https://bugzilla.suse.com/925713 SUSE Bug 925713 Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES commands. CVE-2015-1234 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1234.html CVE-2015-1234 https://bugzilla.suse.com/925714 SUSE Bug 925714 The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element. CVE-2015-1235 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1235.html CVE-2015-1235 https://bugzilla.suse.com/927302 SUSE Bug 927302 The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a crafted web site containing a media element. CVE-2015-1236 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1236.html CVE-2015-1236 https://bugzilla.suse.com/927302 SUSE Bug 927302 Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages during a detach operation. CVE-2015-1237 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1237.html CVE-2015-1237 https://bugzilla.suse.com/927302 SUSE Bug 927302 Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors. CVE-2015-1238 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1238.html CVE-2015-1238 https://bugzilla.suse.com/927302 SUSE Bug 927302 gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency. CVE-2015-1240 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1240.html CVE-2015-1240 https://bugzilla.suse.com/927302 SUSE Bug 927302 Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack. CVE-2015-1241 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1241.html CVE-2015-1241 https://bugzilla.suse.com/927302 SUSE Bug 927302 The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that leverages "type confusion" in the check-elimination optimization. CVE-2015-1242 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1242.html CVE-2015-1242 https://bugzilla.suse.com/927302 SUSE Bug 927302 Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an attempt to unregister a MutationObserver object that is not currently registered. CVE-2015-1243 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1243.html CVE-2015-1243 https://bugzilla.suse.com/929075 SUSE Bug 929075 The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic. CVE-2015-1244 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1244.html CVE-2015-1244 https://bugzilla.suse.com/927302 SUSE Bug 927302 Use-after-free vulnerability in the OpenPDFInReaderView::Update function in browser/ui/views/location_bar/open_pdf_in_reader_view.cc in Google Chrome before 41.0.2272.76 might allow user-assisted remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering interaction with a PDFium "Open PDF in Reader" button that has an invalid tab association. CVE-2015-1245 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1245.html CVE-2015-1245 https://bugzilla.suse.com/927302 SUSE Bug 927302 Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2015-1246 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1246.html CVE-2015-1246 https://bugzilla.suse.com/927302 SUSE Bug 927302 The SearchEngineTabHelper::OnPageHasOSDD function in browser/ui/search_engines/search_engine_tab_helper.cc in Google Chrome before 42.0.2311.90 does not prevent use of a file: URL for an OpenSearch descriptor XML document, which might allow remote attackers to obtain sensitive information from local files via a crafted (1) http or (2) https web site. CVE-2015-1247 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1247.html CVE-2015-1247 https://bugzilla.suse.com/927302 SUSE Bug 927302 The FileSystem API in Google Chrome before 40.0.2214.91 allows remote attackers to bypass the SafeBrowsing for Executable Files protection mechanism by creating a .exe file in a temporary filesystem and then referencing this file with a filesystem:http: URL. CVE-2015-1248 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1248.html CVE-2015-1248 https://bugzilla.suse.com/927302 SUSE Bug 927302 Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.90 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1249 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1249.html CVE-2015-1249 https://bugzilla.suse.com/927302 SUSE Bug 927302 Multiple unspecified vulnerabilities in Google Chrome before 42.0.2311.135 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1250 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1250.html CVE-2015-1250 https://bugzilla.suse.com/929075 SUSE Bug 929075 Use-after-free vulnerability in the SpeechRecognitionClient implementation in the Speech subsystem in Google Chrome before 43.0.2357.65 allows remote attackers to execute arbitrary code via a crafted document. CVE-2015-1251 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1251.html CVE-2015-1251 https://bugzilla.suse.com/931659 SUSE Bug 931659 common/partial_circular_buffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service (out-of-bounds write) via vectors that trigger a write operation with a large amount of data, related to the PartialCircularBuffer::Write and PartialCircularBuffer::DoWrite functions. CVE-2015-1252 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1252.html CVE-2015-1252 https://bugzilla.suse.com/931671 SUSE Bug 931671 core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions. CVE-2015-1253 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1253.html CVE-2015-1253 https://bugzilla.suse.com/931670 SUSE Bug 931670 core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing. CVE-2015-1254 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1254.html CVE-2015-1254 https://bugzilla.suse.com/931669 SUSE Bug 931669 Use-after-free vulnerability in content/renderer/media/webaudio_capturer_source.cc in the WebAudio implementation in Google Chrome before 43.0.2357.65 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging improper handling of a stop action for an audio track. CVE-2015-1255 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1255.html CVE-2015-1255 https://bugzilla.suse.com/931674 SUSE Bug 931674 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document that leverages improper handling of a shadow tree for a use element. CVE-2015-1256 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1256.html CVE-2015-1256 https://bugzilla.suse.com/931664 SUSE Bug 931664 platform/graphics/filters/FEColorMatrix.cpp in the SVG implementation in Blink, as used in Google Chrome before 43.0.2357.65, does not properly handle an insufficient number of values in an feColorMatrix filter, which allows remote attackers to cause a denial of service (container overflow) or possibly have unspecified other impact via a crafted document. CVE-2015-1257 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1257.html CVE-2015-1257 https://bugzilla.suse.com/931665 SUSE Bug 931665 Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame size in VP9 video data. CVE-2015-1258 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1258.html CVE-2015-1258 https://bugzilla.suse.com/931666 SUSE Bug 931666 PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2015-1259 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1259.html CVE-2015-1259 https://bugzilla.suse.com/931667 SUSE Bug 931667 Multiple use-after-free vulnerabilities in content/renderer/media/user_media_client_impl.cc in the WebRTC implementation in Google Chrome before 43.0.2357.65 allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that executes upon completion of a getUserMedia request. CVE-2015-1260 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1260.html CVE-2015-1260 https://bugzilla.suse.com/931668 SUSE Bug 931668 android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading popup content via crafted text. CVE-2015-1261 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1261.html CVE-2015-1261 https://bugzilla.suse.com/931673 SUSE Bug 931673 platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Unicode text. CVE-2015-1262 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1262.html CVE-2015-1262 https://bugzilla.suse.com/931672 SUSE Bug 931672 The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file. CVE-2015-1263 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1263.html CVE-2015-1263 https://bugzilla.suse.com/931663 SUSE Bug 931663 Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature. CVE-2015-1264 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1264.html CVE-2015-1264 https://bugzilla.suse.com/931661 SUSE Bug 931661 Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1265 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1265.html CVE-2015-1265 https://bugzilla.suse.com/931660 SUSE Bug 931660 content/browser/webui/content_web_ui_controller_factory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInstance, which allows remote attackers to bypass intended access restrictions via a similar URL, as demonstrated by use of http://gpu when there is a WebUI class for handling chrome://gpu requests. CVE-2015-1266 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1266.html CVE-2015-1266 https://bugzilla.suse.com/935723 SUSE Bug 935723 Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that uses a Blink public API, related to WebArrayBufferConverter.cpp, WebBlob.cpp, WebDOMError.cpp, and WebDOMFileSystem.cpp. CVE-2015-1267 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1267.html CVE-2015-1267 https://bugzilla.suse.com/935723 SUSE Bug 935723 bindings/scripts/v8_types.py in Blink, as used in Google Chrome before 43.0.2357.130, does not properly select a creation context for a return value's DOM wrapper, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code, as demonstrated by use of a data: URL. CVE-2015-1268 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1268.html CVE-2015-1268 https://bugzilla.suse.com/935723 SUSE Bug 935723 The DecodeHSTSPreloadRaw function in net/http/transport_security_state.cc in Google Chrome before 43.0.2357.130 does not properly canonicalize DNS hostnames before making comparisons to HSTS or HPKP preload entries, which allows remote attackers to bypass intended access restrictions via a string that (1) ends in a . (dot) character or (2) is not entirely lowercase. CVE-2015-1269 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1269.html CVE-2015-1269 https://bugzilla.suse.com/935723 SUSE Bug 935723 The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service (read of uninitialized memory) or possibly have unspecified other impact via a crafted file. CVE-2015-1270 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1270.html CVE-2015-1270 https://bugzilla.suse.com/939077 SUSE Bug 939077 PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted PDF document that triggers a large memory allocation. CVE-2015-1271 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1271.html CVE-2015-1271 https://bugzilla.suse.com/939077 SUSE Bug 939077 Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the continued availability of a GPUChannelHost data structure during Blink shutdown, related to content/browser/gpu/browser_gpu_channel_host_factory.cc and content/renderer/render_thread_impl.cc. CVE-2015-1272 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1272.html CVE-2015-1272 https://bugzilla.suse.com/939077 SUSE Bug 939077 Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document. CVE-2015-1273 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1273.html CVE-2015-1273 https://bugzilla.suse.com/939077 SUSE Bug 939077 Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to download_commands.cc and download_prefs.cc. CVE-2015-1274 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1274.html CVE-2015-1274 https://bugzilla.suse.com/939077 SUSE Bug 939077 Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a trailing alert(document.cookie);// substring, aka "Universal XSS (UXSS)." CVE-2015-1275 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1275.html CVE-2015-1275 https://bugzilla.suse.com/939077 SUSE Bug 939077 Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an abort action before a certain write operation. CVE-2015-1276 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1276.html CVE-2015-1276 https://bugzilla.suse.com/939077 SUSE Bug 939077 Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0.2403.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging lack of certain validity checks for accessibility-tree data structures. CVE-2015-1277 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1277.html CVE-2015-1277 https://bugzilla.suse.com/939077 SUSE Bug 939077 content/browser/web_contents/web_contents_impl.cc in Google Chrome before 44.0.2403.89 does not ensure that a PDF document's modal dialog is closed upon navigation to an interstitial page, which allows remote attackers to spoof URLs via a crafted document, as demonstrated by the alert_dialog.pdf document. CVE-2015-1278 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1278.html CVE-2015-1278 https://bugzilla.suse.com/939077 SUSE Bug 939077 Integer overflow in the CJBig2_Image::expand function in fxcodec/jbig2/JBig2_Image.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via large height and stride values. CVE-2015-1279 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1279.html CVE-2015-1279 https://bugzilla.suse.com/939077 SUSE Bug 939077 SkPictureShader.cpp in Skia, as used in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging access to a renderer process and providing crafted serialized data. CVE-2015-1280 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1280.html CVE-2015-1280 https://bugzilla.suse.com/939077 SUSE Bug 939077 core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source. CVE-2015-1281 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1281.html CVE-2015-1281 https://bugzilla.suse.com/939077 SUSE Bug 939077 Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to the (1) Document::delay and (2) Document::DoFieldDelay functions. CVE-2015-1282 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1282.html CVE-2015-1282 https://bugzilla.suse.com/939077 SUSE Bug 939077 Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. CVE-2015-1283 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1283.html CVE-2015-1283 https://bugzilla.suse.com/1034050 SUSE Bug 1034050 https://bugzilla.suse.com/939077 SUSE Bug 939077 https://bugzilla.suse.com/979441 SUSE Bug 979441 https://bugzilla.suse.com/980391 SUSE Bug 980391 https://bugzilla.suse.com/983985 SUSE Bug 983985 The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service (invalid count value and use-after-free) or possibly have unspecified other impact via crafted JavaScript code that makes many createElement calls for IFRAME elements. CVE-2015-1284 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1284.html CVE-2015-1284 https://bugzilla.suse.com/939077 SUSE Bug 939077 https://bugzilla.suse.com/959178 SUSE Bug 959178 The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack. CVE-2015-1285 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1285.html CVE-2015-1285 https://bugzilla.suse.com/939077 SUSE Bug 939077 Cross-site scripting (XSS) vulnerability in the V8ContextNativeHandler::GetModuleSystem function in extensions/renderer/v8_context_native_handler.cc in Google Chrome before 44.0.2403.89 allows remote attackers to inject arbitrary web script or HTML by leveraging the lack of a certain V8 context restriction, aka a Blink "Universal XSS (UXSS)." CVE-2015-1286 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1286.html CVE-2015-1286 https://bugzilla.suse.com/939077 SUSE Bug 939077 Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp. CVE-2015-1287 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1287.html CVE-2015-1287 https://bugzilla.suse.com/939077 SUSE Bug 939077 The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263. CVE-2015-1288 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1288.html CVE-2015-1288 https://bugzilla.suse.com/939077 SUSE Bug 939077 Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1289 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1289.html CVE-2015-1289 https://bugzilla.suse.com/939077 SUSE Bug 939077 The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote attackers to bypass the Same Origin Policy or cause a denial of service (DOM tree corruption) via a web site with crafted JavaScript code and IFRAME elements. CVE-2015-1291 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1291.html CVE-2015-1291 https://bugzilla.suse.com/944144 SUSE Bug 944144 https://bugzilla.suse.com/959178 SUSE Bug 959178 The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker. CVE-2015-1292 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1292.html CVE-2015-1292 https://bugzilla.suse.com/944144 SUSE Bug 944144 https://bugzilla.suse.com/959178 SUSE Bug 959178 The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2015-1293 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1293.html CVE-2015-1293 https://bugzilla.suse.com/944144 SUSE Bug 944144 Use-after-free vulnerability in the SkMatrix::invertNonIdentity function in core/SkMatrix.cpp in Skia, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering the use of matrix elements that lead to an infinite result during an inversion calculation. CVE-2015-1294 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1294.html CVE-2015-1294 https://bugzilla.suse.com/944144 SUSE Bug 944144 https://bugzilla.suse.com/959178 SUSE Bug 959178 Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/print_web_view_helper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC messages during preparation for printing, as demonstrated by messages associated with PDF documents in conjunction with messages about printer capabilities. CVE-2015-1295 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1295.html CVE-2015-1295 https://bugzilla.suse.com/944144 SUSE Bug 944144 The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by placing one of these characters at the end of a URL, as demonstrated by the omnibox in localizations for right-to-left languages. CVE-2015-1296 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1296.html CVE-2015-1296 https://bugzilla.suse.com/944144 SUSE Bug 944144 The WebRequest API implementation in extensions/browser/api/web_request/web_request_api.cc in Google Chrome before 45.0.2454.85 does not properly consider a request's source before accepting the request, which allows remote attackers to bypass intended access restrictions via a crafted (1) app or (2) extension. CVE-2015-1297 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1297.html CVE-2015-1297 https://bugzilla.suse.com/944144 SUSE Bug 944144 The RuntimeEventRouter::OnExtensionUninstalled function in extensions/browser/api/runtime/runtime_api.cc in Google Chrome before 45.0.2454.85 does not ensure that the setUninstallURL preference corresponds to the URL of a web site, which allows user-assisted remote attackers to trigger access to an arbitrary URL via a crafted extension that is uninstalled. CVE-2015-1298 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1298.html CVE-2015-1298 https://bugzilla.suse.com/944144 SUSE Bug 944144 Use-after-free vulnerability in the shared-timer implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging erroneous timer firing, related to ThreadTimers.cpp and Timer.cpp. CVE-2015-1299 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1299.html CVE-2015-1299 https://bugzilla.suse.com/944144 SUSE Bug 944144 The FrameFetchContext::updateTimingInfoForIFrameNavigation function in core/loader/FrameFetchContext.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to obtain sensitive information via crafted JavaScript code that leverages a history.back call. CVE-2015-1300 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1300.html CVE-2015-1300 https://bugzilla.suse.com/944144 SUSE Bug 944144 Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-1301 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1301.html CVE-2015-1301 https://bugzilla.suse.com/944144 SUSE Bug 944144 The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc. CVE-2015-1302 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1302.html CVE-2015-1302 https://bugzilla.suse.com/954579 SUSE Bug 954579 bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document containing an IFRAME element. CVE-2015-1303 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1303.html CVE-2015-1303 https://bugzilla.suse.com/947504 SUSE Bug 947504 object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call. CVE-2015-1304 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1304.html CVE-2015-1304 https://bugzilla.suse.com/947507 SUSE Bug 947507 The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 46.0.2490.71, proceeds with a DOM tree insertion in certain cases where a parent node no longer contains a child node, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. CVE-2015-6755 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6755.html CVE-2015-6755 https://bugzilla.suse.com/950290 SUSE Bug 950290 Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document. CVE-2015-6756 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6756.html CVE-2015-6756 https://bugzilla.suse.com/950290 SUSE Bug 950290 Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a callback. CVE-2015-6757 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6757.html CVE-2015-6757 https://bugzilla.suse.com/950290 SUSE Bug 950290 The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. CVE-2015-6758 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6758.html CVE-2015-6758 https://bugzilla.suse.com/950290 SUSE Bug 950290 The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors involving a blob: URL. CVE-2015-6759 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6759.html CVE-2015-6759 https://bugzilla.suse.com/950290 SUSE Bug 950290 The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device. CVE-2015-6760 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6760.html CVE-2015-6760 https://bugzilla.suse.com/950290 SUSE Bug 950290 The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file. CVE-2015-6761 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6761.html CVE-2015-6761 https://bugzilla.suse.com/950290 SUSE Bug 950290 The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets (CSS) implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows remote web servers to bypass the Same Origin Policy via a redirect. CVE-2015-6762 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6762.html CVE-2015-6762 https://bugzilla.suse.com/950290 SUSE Bug 950290 Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-6763 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6763.html CVE-2015-6763 https://bugzilla.suse.com/950290 SUSE Bug 950290 The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. CVE-2015-6764 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6764.html CVE-2015-6764 https://bugzilla.suse.com/956902 SUSE Bug 956902 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs. CVE-2015-6765 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6765.html CVE-2015-6765 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection. CVE-2015-6766 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6766.html CVE-2015-6766 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks. CVE-2015-6767 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6767.html CVE-2015-6767 https://bugzilla.suse.com/957519 SUSE Bug 957519 The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770. CVE-2015-6768 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6768.html CVE-2015-6768 https://bugzilla.suse.com/957519 SUSE Bug 957519 The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing. CVE-2015-6769 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6769.html CVE-2015-6769 https://bugzilla.suse.com/957519 SUSE Bug 957519 The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768. CVE-2015-6770 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6770.html CVE-2015-6770 https://bugzilla.suse.com/957519 SUSE Bug 957519 js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. CVE-2015-6771 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6771.html CVE-2015-6771 https://bugzilla.suse.com/957519 SUSE Bug 957519 The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin. CVE-2015-6772 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6772.html CVE-2015-6772 https://bugzilla.suse.com/957519 SUSE Bug 957519 The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data. CVE-2015-6773 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6773.html CVE-2015-6773 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data. CVE-2015-6774 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6774.html CVE-2015-6774 https://bugzilla.suse.com/957519 SUSE Bug 957519 fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." CVE-2015-6775 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6775.html CVE-2015-6775 https://bugzilla.suse.com/957519 SUSE Bug 957519 The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform. CVE-2015-6776 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6776.html CVE-2015-6776 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions. CVE-2015-6777 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6777.html CVE-2015-6777 https://bugzilla.suse.com/957519 SUSE Bug 957519 The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2 compression. CVE-2015-6778 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6778.html CVE-2015-6778 https://bugzilla.suse.com/957519 SUSE Bug 957519 PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL. CVE-2015-6779 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6779.html CVE-2015-6779 https://bugzilla.suse.com/957519 SUSE Bug 957519 Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc. CVE-2015-6780 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6780.html CVE-2015-6780 https://bugzilla.suse.com/957519 SUSE Bug 957519 Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container. CVE-2015-6781 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6781.html CVE-2015-6781 https://bugzilla.suse.com/957519 SUSE Bug 957519 The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526.73 does not ensure that page-dismissal event handling is compatible with modal-dialog blocking, which makes it easier for remote attackers to spoof Omnibox content via a crafted web site. CVE-2015-6782 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6782.html CVE-2015-6782 https://bugzilla.suse.com/957519 SUSE Bug 957519 The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP archive. CVE-2015-6783 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6783.html CVE-2015-6783 https://bugzilla.suse.com/957519 SUSE Bug 957519 The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring. CVE-2015-6784 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6784.html CVE-2015-6784 https://bugzilla.suse.com/957519 SUSE Bug 957519 The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains. CVE-2015-6785 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6785.html CVE-2015-6785 https://bugzilla.suse.com/957519 SUSE Bug 957519 The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a * pattern, which allows remote attackers to bypass intended scheme restrictions in opportunistic circumstances by leveraging a policy that relies on this pattern. CVE-2015-6786 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6786.html CVE-2015-6786 https://bugzilla.suse.com/957519 SUSE Bug 957519 Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-6787 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6787.html CVE-2015-6787 https://bugzilla.suse.com/957519 SUSE Bug 957519 The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." CVE-2015-6788 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6788.html CVE-2015-6788 https://bugzilla.suse.com/957519 SUSE Bug 957519 https://bugzilla.suse.com/958481 SUSE Bug 958481 Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact by leveraging unanticipated object deletion. CVE-2015-6789 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6789.html CVE-2015-6789 https://bugzilla.suse.com/957519 SUSE Bug 957519 https://bugzilla.suse.com/958481 SUSE Bug 958481 The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, which might allow remote attackers to inject arbitrary web script or HTML via a crafted document, as demonstrated by a double-quote character inside a single-quoted string. CVE-2015-6790 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6790.html CVE-2015-6790 https://bugzilla.suse.com/957519 SUSE Bug 957519 https://bugzilla.suse.com/958481 SUSE Bug 958481 Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-6791 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6791.html CVE-2015-6791 https://bugzilla.suse.com/957519 SUSE Bug 957519 https://bugzilla.suse.com/958481 SUSE Bug 958481 The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manager_alsa.cc, and midi_manager_mac.cc, a different vulnerability than CVE-2015-8664. CVE-2015-6792 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-6792.html CVE-2015-6792 https://bugzilla.suse.com/959458 SUSE Bug 959458 Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2015-7834 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7834.html CVE-2015-7834 https://bugzilla.suse.com/950290 SUSE Bug 950290 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. CVE-2015-8126 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 4.3 AV:L/AC:L/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-8126.html CVE-2015-8126 https://bugzilla.suse.com/954980 SUSE Bug 954980 https://bugzilla.suse.com/958198 SUSE Bug 958198 https://bugzilla.suse.com/960402 SUSE Bug 960402 https://bugzilla.suse.com/962743 SUSE Bug 962743 https://bugzilla.suse.com/963937 SUSE Bug 963937 https://bugzilla.suse.com/969333 SUSE Bug 969333 The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code. CVE-2016-1612 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1612.html CVE-2016-1612 https://bugzilla.suse.com/963184 SUSE Bug 963184 Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects. CVE-2016-1613 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1613.html CVE-2016-1613 https://bugzilla.suse.com/963185 SUSE Bug 963185 The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. CVE-2016-1614 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1614.html CVE-2016-1614 https://bugzilla.suse.com/963186 SUSE Bug 963186 The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors. CVE-2016-1615 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1615.html CVE-2016-1615 https://bugzilla.suse.com/963187 SUSE Bug 963187 The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocused custom button. CVE-2016-1616 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1616.html CVE-2016-1616 https://bugzilla.suse.com/963188 SUSE Bug 963188 The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report. CVE-2016-1617 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1617.html CVE-2016-1617 https://bugzilla.suse.com/963189 SUSE Bug 963189 Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. CVE-2016-1618 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1618.html CVE-2016-1618 https://bugzilla.suse.com/963190 SUSE Bug 963190 Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document. CVE-2016-1619 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1619.html CVE-2016-1619 https://bugzilla.suse.com/963191 SUSE Bug 963191 Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1620 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1620.html CVE-2016-1620 https://bugzilla.suse.com/963192 SUSE Bug 963192 The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. CVE-2016-1622 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1622.html CVE-2016-1622 https://bugzilla.suse.com/965999 SUSE Bug 965999 The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp, HTMLFrameOwnerElement.h, LocalFrame.cpp, and WebLocalFrameImpl.cpp. CVE-2016-1623 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1623.html CVE-2016-1623 https://bugzilla.suse.com/965999 SUSE Bug 965999 Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression. CVE-2016-1624 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1624.html CVE-2016-1624 https://bugzilla.suse.com/965999 SUSE Bug 965999 The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page (NTP) navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instant_service.cc and search_tab_helper.cc. CVE-2016-1625 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1625.html CVE-2016-1625 https://bugzilla.suse.com/965999 SUSE Bug 965999 The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, miscalculates a certain layer index value, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. CVE-2016-1626 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1626.html CVE-2016-1626 https://bugzilla.suse.com/965999 SUSE Bug 965999 The Developer Tools (aka DevTools) subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL, related to browser/devtools/devtools_ui_bindings.cc and WebKit/Source/devtools/front_end/Runtime.js. CVE-2016-1627 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1627.html CVE-2016-1627 https://bugzilla.suse.com/965999 SUSE Bug 965999 Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors. CVE-2016-1629 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1629.html CVE-2016-1629 https://bugzilla.suse.com/967376 SUSE Bug 967376 The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1630 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1630.html CVE-2016-1630 https://bugzilla.suse.com/969333 SUSE Bug 969333 The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1631 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1631.html CVE-2016-1631 https://bugzilla.suse.com/969333 SUSE Bug 969333 The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. CVE-2016-1632 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1632.html CVE-2016-1632 https://bugzilla.suse.com/969333 SUSE Bug 969333 Use-after-free vulnerability in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2016-1633 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1633.html CVE-2016-1633 https://bugzilla.suse.com/969333 SUSE Bug 969333 Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that triggers Cascading Style Sheets (CSS) style invalidation during a certain subtree-removal action. CVE-2016-1634 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1634.html CVE-2016-1634 https://bugzilla.suse.com/969333 SUSE Bug 969333 extensions/renderer/render_frame_observer_natives.cc in Google Chrome before 49.0.2623.75 does not properly consider object lifetimes and re-entrancy issues during OnDocumentElementCreated handling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. CVE-2016-1635 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1635.html CVE-2016-1635 https://bugzilla.suse.com/969333 SUSE Bug 969333 The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource. CVE-2016-1636 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1636.html CVE-2016-1636 https://bugzilla.suse.com/969333 SUSE Bug 969333 The SkATan2_255 function in effects/gradients/SkSweepGradient.cpp in Skia, as used in Google Chrome before 49.0.2623.75, mishandles arctangent calculations, which allows remote attackers to obtain sensitive information via a crafted web site. CVE-2016-1637 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1637.html CVE-2016-1637 https://bugzilla.suse.com/969333 SUSE Bug 969333 extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app. CVE-2016-1638 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1638.html CVE-2016-1638 https://bugzilla.suse.com/969333 SUSE Bug 969333 Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer. CVE-2016-1639 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1639.html CVE-2016-1639 https://bugzilla.suse.com/969333 SUSE Bug 969333 The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing that an installation request originated from the user's next navigation target via a crafted web site. CVE-2016-1640 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1640.html CVE-2016-1640 https://bugzilla.suse.com/969333 SUSE Bug 969333 Use-after-free vulnerability in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering an image download after a certain data structure is deleted, as demonstrated by a favicon.ico download. CVE-2016-1641 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1641.html CVE-2016-1641 https://bugzilla.suse.com/969333 SUSE Bug 969333 Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1642 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1642.html CVE-2016-1642 https://bugzilla.suse.com/969333 SUSE Bug 969333 The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." CVE-2016-1643 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1643.html CVE-2016-1643 https://bugzilla.suse.com/970514 SUSE Bug 970514 WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted HTML document. CVE-2016-1644 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1644.html CVE-2016-1644 https://bugzilla.suse.com/970509 SUSE Bug 970509 Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-1645 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1645.html CVE-2016-1645 https://bugzilla.suse.com/970511 SUSE Bug 970511 The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1646 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1646.html CVE-2016-1646 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2016-1647 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1647.html CVE-2016-1647 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1648 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1648.html CVE-2016-1648 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages. CVE-2016-1649 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1649.html CVE-2016-1649 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document. CVE-2016-1650 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1650.html CVE-2016-1650 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does not properly implement the sycc420_to_rgb and sycc422_to_rgb functions, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via crafted JPEG 2000 data in a PDF document. CVE-2016-1651 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1651.html CVE-2016-1651 https://bugzilla.suse.com/975572 SUSE Bug 975572 Cross-site scripting (XSS) vulnerability in the ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the Extensions subsystem in Google Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." CVE-2016-1652 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1652.html CVE-2016-1652 https://bugzilla.suse.com/975572 SUSE Bug 975572 The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc. CVE-2016-1653 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1653.html CVE-2016-1653 https://bugzilla.suse.com/975572 SUSE Bug 975572 The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors. CVE-2016-1654 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1654.html CVE-2016-1654 https://bugzilla.suse.com/975572 SUSE Bug 975572 Google Chrome before 50.0.2661.75 does not properly consider that frame removal may occur during callback execution, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted extension. CVE-2016-1655 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1655.html CVE-2016-1655 https://bugzilla.suse.com/975572 SUSE Bug 975572 The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors. CVE-2016-1656 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1656.html CVE-2016-1656 https://bugzilla.suse.com/975572 SUSE Bug 975572 The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL. CVE-2016-1657 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1657.html CVE-2016-1657 https://bugzilla.suse.com/975572 SUSE Bug 975572 The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension. CVE-2016-1658 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1658.html CVE-2016-1658 https://bugzilla.suse.com/975572 SUSE Bug 975572 Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1659 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1659.html CVE-2016-1659 https://bugzilla.suse.com/975572 SUSE Bug 975572 Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site. CVE-2016-1660 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1660.html CVE-2016-1660 https://bugzilla.suse.com/977830 SUSE Bug 977830 Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp. CVE-2016-1661 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1661.html CVE-2016-1661 https://bugzilla.suse.com/977830 SUSE Bug 977830 extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. CVE-2016-1662 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1662.html CVE-2016-1662 https://bugzilla.suse.com/977830 SUSE Bug 977830 The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. CVE-2016-1663 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1663.html CVE-2016-1663 https://bugzilla.suse.com/977830 SUSE Bug 977830 The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site. CVE-2016-1664 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1664.html CVE-2016-1664 https://bugzilla.suse.com/977830 SUSE Bug 977830 The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code. CVE-2016-1665 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1665.html CVE-2016-1665 https://bugzilla.suse.com/977830 SUSE Bug 977830 Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1666 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1666.html CVE-2016-1666 https://bugzilla.suse.com/977830 SUSE Bug 977830 The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1667 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1667.html CVE-2016-1667 https://bugzilla.suse.com/979859 SUSE Bug 979859 The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.102, uses an improper creation context, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1668 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1668.html CVE-2016-1668 https://bugzilla.suse.com/979859 SUSE Bug 979859 The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1669 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1669.html CVE-2016-1669 https://bugzilla.suse.com/979859 SUSE Bug 979859 https://bugzilla.suse.com/987919 SUSE Bug 987919 Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID. CVE-2016-1670 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1670.html CVE-2016-1670 https://bugzilla.suse.com/979859 SUSE Bug 979859 The ModuleSystem::RequireForJsInner function in extensions/renderer/module_system.cc in the extension bindings in Google Chrome before 51.0.2704.63 mishandles properties, which allows remote attackers to conduct bindings-interception attacks and bypass the Same Origin Policy via unspecified vectors. CVE-2016-1672 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1672.html CVE-2016-1672 https://bugzilla.suse.com/981886 SUSE Bug 981886 Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2016-1673 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1673.html CVE-2016-1673 https://bugzilla.suse.com/981886 SUSE Bug 981886 The extensions subsystem in Google Chrome before 51.0.2704.63 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2016-1674 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1674.html CVE-2016-1674 https://bugzilla.suse.com/981886 SUSE Bug 981886 Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp. CVE-2016-1675 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1675.html CVE-2016-1675 https://bugzilla.suse.com/981886 SUSE Bug 981886 extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2016-1676 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1676.html CVE-2016-1676 https://bugzilla.suse.com/981886 SUSE Bug 981886 uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion." CVE-2016-1677 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1677.html CVE-2016-1677 https://bugzilla.suse.com/981886 SUSE Bug 981886 objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1678 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1678.html CVE-2016-1678 https://bugzilla.suse.com/981886 SUSE Bug 981886 The ToV8Value function in content/child/v8_value_converter_impl.cc in the V8 bindings in Google Chrome before 51.0.2704.63 does not properly restrict use of getters and setters, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-1679 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1679.html CVE-2016-1679 https://bugzilla.suse.com/981886 SUSE Bug 981886 Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors. CVE-2016-1680 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1680.html CVE-2016-1680 https://bugzilla.suse.com/981886 SUSE Bug 981886 Heap-based buffer overflow in the opj_j2k_read_SPCod_SPCoc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document. CVE-2016-1681 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1681.html CVE-2016-1681 https://bugzilla.suse.com/981886 SUSE Bug 981886 The ServiceWorkerContainer::registerServiceWorkerImpl function in WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp in Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a ServiceWorker registration. CVE-2016-1682 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1682.html CVE-2016-1682 https://bugzilla.suse.com/981886 SUSE Bug 981886 numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. CVE-2016-1683 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1683.html CVE-2016-1683 https://bugzilla.suse.com/981886 SUSE Bug 981886 numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document. CVE-2016-1684 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1684.html CVE-2016-1684 https://bugzilla.suse.com/981886 SUSE Bug 981886 core/fxge/ge/fx_ge_text.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, miscalculates certain index values, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. CVE-2016-1685 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1685.html CVE-2016-1685 https://bugzilla.suse.com/981886 SUSE Bug 981886 The CPDF_DIBSource::CreateDecoder function in core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document. CVE-2016-1686 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1686.html CVE-2016-1686 https://bugzilla.suse.com/981886 SUSE Bug 981886 The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions. CVE-2016-1687 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1687.html CVE-2016-1687 https://bugzilla.suse.com/981886 SUSE Bug 981886 The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code. CVE-2016-1688 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1688.html CVE-2016-1688 https://bugzilla.suse.com/981886 SUSE Bug 981886 Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. CVE-2016-1689 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1689.html CVE-2016-1689 https://bugzilla.suse.com/981886 SUSE Bug 981886 The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701. CVE-2016-1690 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1690.html CVE-2016-1690 https://bugzilla.suse.com/981886 SUSE Bug 981886 Skia, as used in Google Chrome before 51.0.2704.63, mishandles coincidence runs, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted curves, related to SkOpCoincidence.cpp and SkPathOpsCommon.cpp. CVE-2016-1691 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1691.html CVE-2016-1691 https://bugzilla.suse.com/981886 SUSE Bug 981886 WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704.63, permits cross-origin loading of CSS stylesheets by a ServiceWorker even when the stylesheet download has an incorrect MIME type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1692 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1692.html CVE-2016-1692 https://bugzilla.suse.com/981886 SUSE Bug 981886 browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use the HTTPS service on dl.google.com to obtain the Software Removal Tool, which allows remote attackers to spoof the chrome_cleanup_tool.exe (aka CCT) file via a man-in-the-middle attack on an HTTP session. CVE-2016-1693 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1693.html CVE-2016-1693 https://bugzilla.suse.com/981886 SUSE Bug 981886 browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority. CVE-2016-1694 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1694.html CVE-2016-1694 https://bugzilla.suse.com/981886 SUSE Bug 981886 Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.63 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1695 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1695.html CVE-2016-1695 https://bugzilla.suse.com/981886 SUSE Bug 981886 The extensions subsystem in Google Chrome before 51.0.2704.79 does not properly restrict bindings access, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2016-1696 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1696.html CVE-2016-1696 https://bugzilla.suse.com/982719 SUSE Bug 982719 The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. CVE-2016-1697 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1697.html CVE-2016-1697 https://bugzilla.suse.com/982719 SUSE Bug 982719 The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition. CVE-2016-1698 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1698.html CVE-2016-1698 https://bugzilla.suse.com/982719 SUSE Bug 982719 WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL. CVE-2016-1699 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1699.html CVE-2016-1699 https://bugzilla.suse.com/982719 SUSE Bug 982719 extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions. CVE-2016-1700 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1700.html CVE-2016-1700 https://bugzilla.suse.com/982719 SUSE Bug 982719 The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690. CVE-2016-1701 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1701.html CVE-2016-1701 https://bugzilla.suse.com/982719 SUSE Bug 982719 The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data. CVE-2016-1702 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1702.html CVE-2016-1702 https://bugzilla.suse.com/982719 SUSE Bug 982719 Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1703 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1703.html CVE-2016-1703 https://bugzilla.suse.com/982719 SUSE Bug 982719 Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1704 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1704.html CVE-2016-1704 https://bugzilla.suse.com/985397 SUSE Bug 985397 Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-1705 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1705.html CVE-2016-1705 https://bugzilla.suse.com/989901 SUSE Bug 989901 The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to broker_process_dispatcher.cc, ppapi_plugin_process_host.cc, ppapi_thread.cc, and render_frame_message_filter.cc. CVE-2016-1706 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1706.html CVE-2016-1706 https://bugzilla.suse.com/989901 SUSE Bug 989901 ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site. CVE-2016-1707 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1707.html CVE-2016-1707 https://bugzilla.suse.com/989901 SUSE Bug 989901 The Chrome Web Store inline-installation implementation in the Extensions subsystem in Google Chrome before 52.0.2743.82 does not properly consider object lifetimes during progress observation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site. CVE-2016-1708 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1708.html CVE-2016-1708 https://bugzilla.suse.com/989901 SUSE Bug 989901 Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font. CVE-2016-1709 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1709.html CVE-2016-1709 https://bugzilla.suse.com/989901 SUSE Bug 989901 The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1710 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1710.html CVE-2016-1710 https://bugzilla.suse.com/989901 SUSE Bug 989901 WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-1711 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1711.html CVE-2016-1711 https://bugzilla.suse.com/989901 SUSE Bug 989901 Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-3679 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-3679.html CVE-2016-3679 https://bugzilla.suse.com/972834 SUSE Bug 972834 https://bugzilla.suse.com/973166 SUSE Bug 973166 Use-after-free vulnerability in WebKit/Source/core/editing/VisibleUnits.cpp in Blink, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code involving an @import at-rule in a Cascading Style Sheets (CSS) token sequence in conjunction with a rel=import attribute of a LINK element. CVE-2016-5127 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5127.html CVE-2016-5127 https://bugzilla.suse.com/989901 SUSE Bug 989901 objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. CVE-2016-5128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5128.html CVE-2016-5128 https://bugzilla.suse.com/989901 SUSE Bug 989901 Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-5129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5129.html CVE-2016-5129 https://bugzilla.suse.com/989901 SUSE Bug 989901 content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly restrict multiple uses of a JavaScript forward method, which allows remote attackers to spoof the URL display via a crafted web site. CVE-2016-5130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5130.html CVE-2016-5130 https://bugzilla.suse.com/989901 SUSE Bug 989901 Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. CVE-2016-5131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5131.html CVE-2016-5131 https://bugzilla.suse.com/1014873 SUSE Bug 1014873 https://bugzilla.suse.com/1069433 SUSE Bug 1069433 https://bugzilla.suse.com/1078813 SUSE Bug 1078813 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 https://bugzilla.suse.com/989901 SUSE Bug 989901 The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME element. CVE-2016-5132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5132.html CVE-2016-5132 https://bugzilla.suse.com/989901 SUSE Bug 989901 Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream. CVE-2016-5133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5133.html CVE-2016-5133 https://bugzilla.suse.com/989901 SUSE Bug 989901 net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a related issue to CVE-2016-3763. CVE-2016-5134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5134.html CVE-2016-5134 https://bugzilla.suse.com/989901 SUSE Bug 989901 WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "<META name='referrer' content='no-referrer'>" element. CVE-2016-5135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5135.html CVE-2016-5135 https://bugzilla.suse.com/989901 SUSE Bug 989901 Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion. CVE-2016-5136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5136.html CVE-2016-5136 https://bugzilla.suse.com/989901 SUSE Bug 989901 The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 52.0.2743.82, does not apply http :80 policies to https :443 URLs and does not apply ws :80 policies to wss :443 URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report. NOTE: this vulnerability is associated with a specification change after CVE-2016-1617 resolution. CVE-2016-5137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5137.html CVE-2016-5137 https://bugzilla.suse.com/989901 SUSE Bug 989901 Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5139.html CVE-2016-5139 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992311 SUSE Bug 992311 https://bugzilla.suse.com/992325 SUSE Bug 992325 Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5140 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5140.html CVE-2016-5140 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992310 SUSE Bug 992310 https://bugzilla.suse.com/992325 SUSE Bug 992325 Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp. CVE-2016-5141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5141.html CVE-2016-5141 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992314 SUSE Bug 992314 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp. CVE-2016-5142 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5142.html CVE-2016-5142 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992313 SUSE Bug 992313 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5144. CVE-2016-5143 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5143.html CVE-2016-5143 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992319 SUSE Bug 992319 https://bugzilla.suse.com/992325 SUSE Bug 992325 The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5143. CVE-2016-5144 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5144.html CVE-2016-5144 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992315 SUSE Bug 992315 https://bugzilla.suse.com/992325 SUSE Bug 992325 Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. CVE-2016-5145 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5145.html CVE-2016-5145 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992320 SUSE Bug 992320 https://bugzilla.suse.com/992325 SUSE Bug 992325 Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-5146 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5146.html CVE-2016-5146 https://bugzilla.suse.com/992305 SUSE Bug 992305 https://bugzilla.suse.com/992309 SUSE Bug 992309 https://bugzilla.suse.com/992325 SUSE Bug 992325 Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)." CVE-2016-5147 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5147.html CVE-2016-5147 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)." CVE-2016-5148 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5148.html CVE-2016-5148 https://bugzilla.suse.com/996648 SUSE Bug 996648 The extensions subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux relies on an IFRAME source URL to identify an associated extension, which allows remote attackers to conduct extension-bindings injection attacks by leveraging script access to a resource that initially has the about:blank URL. CVE-2016-5149 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5149.html CVE-2016-5149 https://bugzilla.suse.com/996648 SUSE Bug 996648 WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, has an Indexed Database (aka IndexedDB) API implementation that does not properly restrict key-path evaluation, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code that leverages certain side effects. CVE-2016-5150 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5150.html CVE-2016-5150 https://bugzilla.suse.com/996648 SUSE Bug 996648 PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux mishandles timers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/javascript/JS_Object.cpp and fpdfsdk/javascript/app.cpp. CVE-2016-5151 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5151.html CVE-2016-5151 https://bugzilla.suse.com/996648 SUSE Bug 996648 Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5152 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5152.html CVE-2016-5152 https://bugzilla.suse.com/996648 SUSE Bug 996648 The Web Animations implementation in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, improperly relies on list iteration, which allows remote attackers to cause a denial of service (use-after-destruction) or possibly have unspecified other impact via a crafted web site. CVE-2016-5153 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5153.html CVE-2016-5153 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image. CVE-2016-5154 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5154.html CVE-2016-5154 https://bugzilla.suse.com/996648 SUSE Bug 996648 Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site. CVE-2016-5155 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5155.html CVE-2016-5155 https://bugzilla.suse.com/996648 SUSE Bug 996648 extensions/renderer/event_bindings.cc in the event bindings in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux attempts to process filtered events after failure to add an event matcher, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors. CVE-2016-5156 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5156.html CVE-2016-5156 https://bugzilla.suse.com/996648 SUSE Bug 996648 Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. CVE-2016-5157 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5157.html CVE-2016-5157 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. CVE-2016-5158 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5158.html CVE-2016-5158 https://bugzilla.suse.com/996648 SUSE Bug 996648 Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c. CVE-2016-5159 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5159.html CVE-2016-5159 https://bugzilla.suse.com/996648 SUSE Bug 996648 The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5162. CVE-2016-5160 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5160.html CVE-2016-5160 https://bugzilla.suse.com/996648 SUSE Bug 996648 The EditingStyle::mergeStyle function in WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, mishandles custom properties, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site that leverages "type confusion" in the StylePropertySerializer class. CVE-2016-5161 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5161.html CVE-2016-5161 https://bugzilla.suse.com/996648 SUSE Bug 996648 The AllowCrossRendererResourceLoad function in extensions/browser/url_request_util.cc in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly use an extension's manifest.json web_accessible_resources field for restrictions on IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks, and trick users into changing extension settings, via a crafted web site, a different vulnerability than CVE-2016-5160. CVE-2016-5162 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5162.html CVE-2016-5162 https://bugzilla.suse.com/996648 SUSE Bug 996648 The bidirectional-text implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not ensure left-to-right (LTR) rendering of URLs, which allows remote attackers to spoof the address bar via crafted right-to-left (RTL) Unicode text, related to omnibox/SuggestionView.java and omnibox/UrlBar.java in Chrome for Android. CVE-2016-5163 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5163.html CVE-2016-5163 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in WebKit/Source/platform/v8_inspector/V8Debugger.cpp in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML into the Developer Tools (aka DevTools) subsystem via a crafted web site, aka "Universal XSS (UXSS)." CVE-2016-5164 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5164.html CVE-2016-5164 https://bugzilla.suse.com/996648 SUSE Bug 996648 Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a chrome-devtools-frontend.appspot.com URL's query string. CVE-2016-5165 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5165.html CVE-2016-5165 https://bugzilla.suse.com/996648 SUSE Bug 996648 The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and conduct SMB relay attacks via a crafted web page that is accessed with the "Save page as" menu choice. CVE-2016-5166 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5166.html CVE-2016-5166 https://bugzilla.suse.com/996648 SUSE Bug 996648 WebKit/Source/bindings/modules/v8/V8BindingForModules.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not properly consider getter side effects during array key conversion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Indexed Database (aka IndexedDB) API calls. CVE-2016-5170 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5170.html CVE-2016-5170 https://bugzilla.suse.com/998743 SUSE Bug 998743 WebKit/Source/bindings/templates/interface.cpp in Blink, as used in Google Chrome before 53.0.2785.113, does not prevent certain constructor calls, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted JavaScript code. CVE-2016-5171 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5171.html CVE-2016-5171 https://bugzilla.suse.com/998743 SUSE Bug 998743 The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code. CVE-2016-5172 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5172.html CVE-2016-5172 https://bugzilla.suse.com/998743 SUSE Bug 998743 The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack. CVE-2016-5173 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5173.html CVE-2016-5173 https://bugzilla.suse.com/998743 SUSE Bug 998743 browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site. CVE-2016-5174 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5174.html CVE-2016-5174 https://bugzilla.suse.com/998743 SUSE Bug 998743 Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.113 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-5175 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5175.html CVE-2016-5175 https://bugzilla.suse.com/998743 SUSE Bug 998743 Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. CVE-2016-5177 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5177.html CVE-2016-5177 https://bugzilla.suse.com/1002140 SUSE Bug 1002140 Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. CVE-2016-5178 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5178.html CVE-2016-5178 https://bugzilla.suse.com/1002140 SUSE Bug 1002140 Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted execution of v8 microtasks while the DOM was in an inconsistent state, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages. CVE-2016-5181 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5181.html CVE-2016-5181 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages. CVE-2016-5182 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5182.html CVE-2016-5182 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files. CVE-2016-5183 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5183.html CVE-2016-5183 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFL_FormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files. CVE-2016-5184 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5184.html CVE-2016-5184 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly allowed reentrance of FrameView::updateLifecyclePhasesInternal(), which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages. CVE-2016-5185 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5185.html CVE-2016-5185 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled objects after a tab crash, which allowed a remote attacker to perform an out of bounds memory read via crafted PDF files. CVE-2016-5186 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5186.html CVE-2016-5186 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages. CVE-2016-5187 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5187.html CVE-2016-5187 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux allow a remote attacker to spoof various parts of browser UI via crafted HTML pages. CVE-2016-5188 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5188.html CVE-2016-5188 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages. CVE-2016-5189 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5189.html CVE-2016-5189 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles during shutdown, which allowed a remote attacker to perform an out of bounds memory read via crafted HTML pages. CVE-2016-5190 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5190.html CVE-2016-5190 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Bookmark handling in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by an interpretation conflict between userinfo and scheme in an http://javascript:payload@example.com URL. CVE-2016-5191 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5191.html CVE-2016-5191 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages. CVE-2016-5192 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5192.html CVE-2016-5192 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 Google Chrome prior to 54.0 for iOS had insufficient validation of URLs for windows open by DOM, which allowed a remote attacker to bypass restrictions on navigation to certain URL schemes via crafted HTML pages. CVE-2016-5193 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5193.html CVE-2016-5193 https://bugzilla.suse.com/1004465 SUSE Bug 1004465 V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page. CVE-2016-5198 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5198.html CVE-2016-5198 https://bugzilla.suse.com/1008274 SUSE Bug 1008274 An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2016-5199 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5199.html CVE-2016-5199 https://bugzilla.suse.com/1009892 SUSE Bug 1009892 V8 in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android incorrectly applied type rules, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2016-5200 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5200.html CVE-2016-5200 https://bugzilla.suse.com/1009893 SUSE Bug 1009893 A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page. CVE-2016-5201 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5201.html CVE-2016-5201 https://bugzilla.suse.com/1009894 SUSE Bug 1009894 browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy. CVE-2016-5202 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5202.html CVE-2016-5202 https://bugzilla.suse.com/1009895 SUSE Bug 1009895 Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2016-5204 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5204.html CVE-2016-5204 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2016-5211 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5211.html CVE-2016-5211 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2016-5217 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5217.html CVE-2016-5217 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 Incorrect handling of invalid URLs in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2016-5222 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5222.html CVE-2016-5222 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page. CVE-2016-5224 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5224.html CVE-2016-5224 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2016-9651 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-9651.html CVE-2016-9651 https://bugzilla.suse.com/1013236 SUSE Bug 1013236 An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution. CVE-2017-11215 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11215.html CVE-2017-11215 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution. CVE-2017-11225 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-11225.html CVE-2017-11225 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-15386 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15386.html CVE-2017-15386 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page. CVE-2017-15387 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15387.html CVE-2017-15387 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-15388 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15388.html CVE-2017-15388 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-15389 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15389.html CVE-2017-15389 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15390 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15390.html CVE-2017-15390 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page. CVE-2017-15391 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15391.html CVE-2017-15391 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration. CVE-2017-15392 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15392.html CVE-2017-15392 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak. CVE-2017-15393 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15393.html CVE-2017-15393 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension. CVE-2017-15394 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15394.html CVE-2017-15394 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference. CVE-2017-15395 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15395.html CVE-2017-15395 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15396 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15396.html CVE-2017-15396 https://bugzilla.suse.com/1065405 SUSE Bug 1065405 A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. CVE-2017-15398 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15398.html CVE-2017-15398 https://bugzilla.suse.com/1066851 SUSE Bug 1066851 https://bugzilla.suse.com/1066853 SUSE Bug 1066853 A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15399 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15399.html CVE-2017-15399 https://bugzilla.suse.com/1066851 SUSE Bug 1066851 https://bugzilla.suse.com/1066853 SUSE Bug 1066853 Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. CVE-2017-15407 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15407.html CVE-2017-15407 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium. CVE-2017-15408 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15408.html CVE-2017-15408 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15409 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15409.html CVE-2017-15409 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-15410 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15410.html CVE-2017-15410 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-15411 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15411.html CVE-2017-15411 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15412 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15412.html CVE-2017-15412 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077993 SUSE Bug 1077993 https://bugzilla.suse.com/1123129 SUSE Bug 1123129 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-15413 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15413.html CVE-2017-15413 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page. CVE-2017-15415 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15415.html CVE-2017-15415 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read. CVE-2017-15416 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15416.html CVE-2017-15416 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2017-15417 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15417.html CVE-2017-15417 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-15418 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15418.html CVE-2017-15418 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page. CVE-2017-15419 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15419.html CVE-2017-15419 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-15420 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15420.html CVE-2017-15420 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-15422 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15422.html CVE-2017-15422 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1077999 SUSE Bug 1077999 https://bugzilla.suse.com/1123121 SUSE Bug 1123121 Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic. CVE-2017-15423 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15423.html CVE-2017-15423 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15424 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15424.html CVE-2017-15424 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15425 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15425.html CVE-2017-15425 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-15426 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15426.html CVE-2017-15426 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar. CVE-2017-15427 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15427.html CVE-2017-15427 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-15429 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15429.html CVE-2017-15429 https://bugzilla.suse.com/1072976 SUSE Bug 1072976 Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-15430 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-15430.html CVE-2017-15430 https://bugzilla.suse.com/1071691 SUSE Bug 1071691 https://bugzilla.suse.com/1106341 SUSE Bug 1106341 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled object owner relationships, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-5006 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5006.html CVE-2017-5006 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-5007 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5007.html CVE-2017-5007 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-5008 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5008.html CVE-2017-5008 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 WebRTC in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5009 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5009.html CVE-2017-5009 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, resolved promises in an inappropriate context, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2017-5010 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5010.html CVE-2017-5010 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page. CVE-2017-5011 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5011.html CVE-2017-5011 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 A heap buffer overflow in V8 in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5012 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5012.html CVE-2017-5012 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Linux incorrectly handled new tab page navigations in non-selected tabs, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-5013 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5013.html CVE-2017-5013 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5014 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5014.html CVE-2017-5014 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5015 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5015.html CVE-2017-5015 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page. CVE-2017-5016 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5016.html CVE-2017-5016 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Interactions with the OS in Google Chrome prior to 56.0.2924.76 for Mac insufficiently cleared video memory, which allowed a remote attacker to possibly extract image fragments on systems with GeForce 8600M graphics chips via a crafted HTML page. CVE-2017-5017 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5017.html CVE-2017-5017 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. CVE-2017-5018 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5018.html CVE-2017-5018 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5019 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5019.html CVE-2017-5019 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page. CVE-2017-5020 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5020.html CVE-2017-5020 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5021 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5021.html CVE-2017-5021 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2017-5022 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5022.html CVE-2017-5022 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page. CVE-2017-5023 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5023.html CVE-2017-5023 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2017-5024 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5024.html CVE-2017-5024 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2017-5025 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5025.html CVE-2017-5025 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page. CVE-2017-5026 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5026.html CVE-2017-5026 https://bugzilla.suse.com/1022049 SUSE Bug 1022049 Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2017-5030 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5030.html CVE-2017-5030 https://bugzilla.suse.com/1028848 SUSE Bug 1028848 https://bugzilla.suse.com/1028875 SUSE Bug 1028875 Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. CVE-2017-5035 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5035.html CVE-2017-5035 https://bugzilla.suse.com/1028848 SUSE Bug 1028848 https://bugzilla.suse.com/1028875 SUSE Bug 1028875 Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page. CVE-2017-5041 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5041.html CVE-2017-5041 https://bugzilla.suse.com/1028848 SUSE Bug 1028848 https://bugzilla.suse.com/1028875 SUSE Bug 1028875 Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5044 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5044.html CVE-2017-5044 https://bugzilla.suse.com/1028848 SUSE Bug 1028848 https://bugzilla.suse.com/1028875 SUSE Bug 1028875 An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. CVE-2017-5052 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5052.html CVE-2017-5052 https://bugzilla.suse.com/1031677 SUSE Bug 1031677 An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf. CVE-2017-5053 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5053.html CVE-2017-5053 https://bugzilla.suse.com/1031677 SUSE Bug 1031677 An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page. CVE-2017-5054 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5054.html CVE-2017-5054 https://bugzilla.suse.com/1031677 SUSE Bug 1031677 A use after free in printing in Google Chrome prior to 57.0.2987.133 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5055 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5055.html CVE-2017-5055 https://bugzilla.suse.com/1031677 SUSE Bug 1031677 A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5056 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5056.html CVE-2017-5056 https://bugzilla.suse.com/1031677 SUSE Bug 1031677 Type confusion in PDFium in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2017-5057 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5057.html CVE-2017-5057 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A use after free in PrintPreview in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2017-5058 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5058.html CVE-2017-5058 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Type confusion in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to potentially obtain code execution via a crafted HTML page. CVE-2017-5059 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5059.html CVE-2017-5059 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5060 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5060.html CVE-2017-5060 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A race condition in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-5061 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5061.html CVE-2017-5061 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension. CVE-2017-5062 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5062.html CVE-2017-5062 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 A numeric overflow in Skia in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5063 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5063.html CVE-2017-5063 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Incorrect handling of DOM changes in Blink in Google Chrome prior to 58.0.3029.81 for Windows allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5064 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5064.html CVE-2017-5064 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Lack of an appropriate action on page navigation in Blink in Google Chrome prior to 58.0.3029.81 for Windows and Mac allowed a remote attacker to potentially confuse a user into making an incorrect security decision via a crafted HTML page. CVE-2017-5065 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5065.html CVE-2017-5065 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page. CVE-2017-5066 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5066.html CVE-2017-5066 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2017-5067 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5067.html CVE-2017-5067 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Incorrect handling of picture ID in WebRTC in Google Chrome prior to 58.0.3029.96 for Mac, Windows, and Linux allowed a remote attacker to trigger a race condition via a crafted HTML page. CVE-2017-5068 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5068.html CVE-2017-5068 https://bugzilla.suse.com/1037594 SUSE Bug 1037594 Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page. CVE-2017-5069 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5069.html CVE-2017-5069 https://bugzilla.suse.com/1035103 SUSE Bug 1035103 Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2017-5070 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5070.html CVE-2017-5070 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5071 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5071.html CVE-2017-5071 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page. CVE-2017-5072 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5072.html CVE-2017-5072 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Use after free in print preview in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5073 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5073.html CVE-2017-5073 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 A use after free in Chrome Apps in Google Chrome prior to 59.0.3071.86 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, related to Bluetooth. CVE-2017-5074 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5074.html CVE-2017-5074 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in CSP reporting in Blink in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to obtain the value of url fragments via a crafted HTML page. CVE-2017-5075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5075.html CVE-2017-5075 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5076 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5076.html CVE-2017-5076 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in Skia in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5077 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5077.html CVE-2017-5077 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient validation of untrusted input in Blink's mailto: handling in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac allowed a remote attacker to perform command injection via a crafted HTML page, a similar issue to CVE-2004-0121. For example, characters such as * have an incorrect interaction with xdg-email in xdg-utils, and a space character can be used in front of a command-line argument. CVE-2017-5078 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5078.html CVE-2017-5078 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. CVE-2017-5079 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5079.html CVE-2017-5079 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5080 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5080.html CVE-2017-5080 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files. CVE-2017-5081 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5081.html CVE-2017-5081 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page. CVE-2017-5082 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5082.html CVE-2017-5082 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. CVE-2017-5083 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5083.html CVE-2017-5083 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark. CVE-2017-5085 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5085.html CVE-2017-5085 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5086 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5086.html CVE-2017-5086 https://bugzilla.suse.com/1042833 SUSE Bug 1042833 A use after free in Blink in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page, aka an IndexedDB sandbox escape. CVE-2017-5087 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5087.html CVE-2017-5087 https://bugzilla.suse.com/1044690 SUSE Bug 1044690 Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.104 for Mac, Windows, and Linux, and 59.0.3071.117 for Android, allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2017-5088 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5088.html CVE-2017-5088 https://bugzilla.suse.com/1044690 SUSE Bug 1044690 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.104 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name. CVE-2017-5089 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5089.html CVE-2017-5089 https://bugzilla.suse.com/1044690 SUSE Bug 1044690 A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5091 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5091.html CVE-2017-5091 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2017-5092 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5092.html CVE-2017-5092 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page. CVE-2017-5093 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5093.html CVE-2017-5093 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Type confusion in extensions JavaScript bindings in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted HTML page. CVE-2017-5094 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5094.html CVE-2017-5094 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file. CVE-2017-5095 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5095.html CVE-2017-5095 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a crafted HTML page, related to intents. CVE-2017-5096 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5096.html CVE-2017-5096 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5097 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5097.html CVE-2017-5097 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 A use after free in V8 in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5098 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5098.html CVE-2017-5098 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to potentially gain privilege elevation via a crafted HTML page. CVE-2017-5099 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5099.html CVE-2017-5099 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 A use after free in Apps in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5100 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5100.html CVE-2017-5100 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Inappropriate implementation in Omnibox in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. CVE-2017-5101 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5101.html CVE-2017-5101 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-5102 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5102.html CVE-2017-5102 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Use of an uninitialized value in Skia in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-5103 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5103.html CVE-2017-5103 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Inappropriate implementation in interstitials in Google Chrome prior to 60.0.3112.78 for Mac allowed a remote attacker to spoof the contents of the omnibox via a crafted HTML page. CVE-2017-5104 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5104.html CVE-2017-5104 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5105 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5105.html CVE-2017-5105 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name. CVE-2017-5106 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5106.html CVE-2017-5106 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page. CVE-2017-5107 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5107.html CVE-2017-5107 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file. CVE-2017-5108 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5108.html CVE-2017-5108 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page. CVE-2017-5109 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5109.html CVE-2017-5109 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page. CVE-2017-5110 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5110.html CVE-2017-5110 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 A use after free in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. CVE-2017-5111 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5111.html CVE-2017-5111 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Heap buffer overflow in WebGL in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2017-5112 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5112.html CVE-2017-5112 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Math overflow in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5113 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5113.html CVE-2017-5113 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file. CVE-2017-5114 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5114.html CVE-2017-5114 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Windows allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2017-5115 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5115.html CVE-2017-5115 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Type confusion in V8 in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2017-5116 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5116.html CVE-2017-5116 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-5117 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5117.html CVE-2017-5117 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2017-5118 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5118.html CVE-2017-5118 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2017-5119 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5119.html CVE-2017-5119 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring). CVE-2017-5120 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5120.html CVE-2017-5120 https://bugzilla.suse.com/1057364 SUSE Bug 1057364 Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux, Windows, and Mac allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to the escape analysis phase. CVE-2017-5121 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5121.html CVE-2017-5121 https://bugzilla.suse.com/1060019 SUSE Bug 1060019 https://bugzilla.suse.com/1060020 SUSE Bug 1060020 Inappropriate use of table size handling in V8 in Google Chrome prior to 61.0.3163.100 for Windows allowed a remote attacker to trigger out-of-bounds access via a crafted HTML page. CVE-2017-5122 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5122.html CVE-2017-5122 https://bugzilla.suse.com/1060019 SUSE Bug 1060019 https://bugzilla.suse.com/1060020 SUSE Bug 1060020 Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. CVE-2017-5124 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5124.html CVE-2017-5124 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2017-5125 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5125.html CVE-2017-5125 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-5126 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5126.html CVE-2017-5126 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2017-5127 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5127.html CVE-2017-5127 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL. CVE-2017-5128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5128.html CVE-2017-5128 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2017-5129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5129.html CVE-2017-5129 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file. CVE-2017-5130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5130.html CVE-2017-5130 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 https://bugzilla.suse.com/1078806 SUSE Bug 1078806 https://bugzilla.suse.com/1123129 SUSE Bug 1123129 https://bugzilla.suse.com/1123919 SUSE Bug 1123919 An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write. CVE-2017-5131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5131.html CVE-2017-5131 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation. CVE-2017-5132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5132.html CVE-2017-5132 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file. CVE-2017-5133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-5133.html CVE-2017-5133 https://bugzilla.suse.com/1064066 SUSE Bug 1064066 https://bugzilla.suse.com/1064089 SUSE Bug 1064089 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. CVE-2017-7000 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-7000.html CVE-2017-7000 https://bugzilla.suse.com/1050537 SUSE Bug 1050537 A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-16065 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16065.html CVE-2018-16065 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16066 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16066.html CVE-2018-16066 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16067 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16067.html CVE-2018-16067 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2018-16068 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16068.html CVE-2018-16068 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-16069 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16069.html CVE-2018-16069 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16070 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16070.html CVE-2018-16070 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2018-16071 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16071.html CVE-2018-16071 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2018-16073 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16073.html CVE-2018-16073 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2018-16074 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16074.html CVE-2018-16074 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page. CVE-2018-16075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16075.html CVE-2018-16075 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2018-16076 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16076.html CVE-2018-16076 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 https://bugzilla.suse.com/1110628 SUSE Bug 1110628 Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2018-16077 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16077.html CVE-2018-16077 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Unsafe handling of credit card details in Autofill in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2018-16078 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16078.html CVE-2018-16078 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-16079 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16079.html CVE-2018-16079 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-16080 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16080.html CVE-2018-16080 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system without file access permission via a crafted Chrome Extension. CVE-2018-16081 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16081.html CVE-2018-16081 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2018-16082 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16082.html CVE-2018-16082 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-16083 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16083.html CVE-2018-16083 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page. CVE-2018-16084 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16084.html CVE-2018-16084 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-16085 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16085.html CVE-2018-16085 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2018-16086 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16086.html CVE-2018-16086 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2018-16087 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16087.html CVE-2018-16087 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page. CVE-2018-16088 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-16088.html CVE-2018-16088 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page. CVE-2018-17462 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17462.html CVE-2018-17462 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-17463 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17463.html CVE-2018-17463 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-17464 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17464.html CVE-2018-17464 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect implementation of object trimming in V8 in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2018-17465 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17465.html CVE-2018-17465 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-17466 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17466.html CVE-2018-17466 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 https://bugzilla.suse.com/1121207 SUSE Bug 1121207 Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-17467 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17467.html CVE-2018-17467 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page. CVE-2018-17468 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17468.html CVE-2018-17468 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2018-17469 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17469.html CVE-2018-17469 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 A heap buffer overflow in GPU in Google Chrome prior to 70.0.3538.67 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2018-17470 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17470.html CVE-2018-17470 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. CVE-2018-17471 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17471.html CVE-2018-17471 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the <iframe> sandbox via a crafted HTML page. CVE-2018-17472 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17472.html CVE-2018-17472 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-17473 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17473.html CVE-2018-17473 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-17474 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17474.html CVE-2018-17474 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-17475 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17475.html CVE-2018-17475 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. CVE-2018-17476 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17476.html CVE-2018-17476 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page. CVE-2018-17477 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17477.html CVE-2018-17477 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Incorrect array position calculations in V8 in Google Chrome prior to 70.0.3538.102 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2018-17478 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17478.html CVE-2018-17478 https://bugzilla.suse.com/1115537 SUSE Bug 1115537 Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-17479 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17479.html CVE-2018-17479 https://bugzilla.suse.com/1116608 SUSE Bug 1116608 Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-17480 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17480.html CVE-2018-17480 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2018-17481 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-17481.html CVE-2018-17481 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1119364 SUSE Bug 1119364 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18335 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18335.html CVE-2018-18335 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2018-18336 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18336.html CVE-2018-18336 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18337 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18337.html CVE-2018-18337 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18338 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18338.html CVE-2018-18338 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18339 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18339.html CVE-2018-18339 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18340 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18340.html CVE-2018-18340 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18341 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18341.html CVE-2018-18341 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-18342 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18342.html CVE-2018-18342 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18343 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18343.html CVE-2018-18343 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension. CVE-2018-18344 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18344.html CVE-2018-18344 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page. CVE-2018-18345 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18345.html CVE-2018-18345 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page. CVE-2018-18346 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18346.html CVE-2018-18346 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page. CVE-2018-18347 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18347.html CVE-2018-18347 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-18348 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18348.html CVE-2018-18348 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. CVE-2018-18349 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18349.html CVE-2018-18349 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2018-18350 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18350.html CVE-2018-18350 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page. CVE-2018-18351 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18351.html CVE-2018-18351 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. CVE-2018-18352 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18352.html CVE-2018-18352 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page. CVE-2018-18353 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18353.html CVE-2018-18353 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page. CVE-2018-18354 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18354.html CVE-2018-18354 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-18355 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18355.html CVE-2018-18355 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-18356 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18356.html CVE-2018-18356 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 https://bugzilla.suse.com/1125396 SUSE Bug 1125396 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-18357 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18357.html CVE-2018-18357 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. CVE-2018-18358 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18358.html CVE-2018-18358 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-18359 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-18359.html CVE-2018-18359 https://bugzilla.suse.com/1118529 SUSE Bug 1118529 https://bugzilla.suse.com/1125330 SUSE Bug 1125330 Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem. CVE-2018-20073 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-20073.html CVE-2018-20073 https://bugzilla.suse.com/1120892 SUSE Bug 1120892 An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. CVE-2018-4117 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-4117.html CVE-2018-4117 https://bugzilla.suse.com/1088182 SUSE Bug 1088182 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60. CVE-2018-5179 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5179.html CVE-2018-5179 https://bugzilla.suse.com/1112111 SUSE Bug 1112111 https://bugzilla.suse.com/1119105 SUSE Bug 1119105 Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2018-6031 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6031.html CVE-2018-6031 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. CVE-2018-6032 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6032.html CVE-2018-6032 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. CVE-2018-6033 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6033.html CVE-2018-6033 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6034 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6034.html CVE-2018-6034 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. CVE-2018-6035 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6035.html CVE-2018-6035 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page. CVE-2018-6036 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6036.html CVE-2018-6036 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. CVE-2018-6037 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6037.html CVE-2018-6037 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6038 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6038.html CVE-2018-6038 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. CVE-2018-6039 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6039.html CVE-2018-6039 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page. CVE-2018-6040 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6040.html CVE-2018-6040 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6041 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6041.html CVE-2018-6041 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6042 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6042.html CVE-2018-6042 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page. CVE-2018-6043 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6043.html CVE-2018-6043 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16064. Reason: This candidate is a reservation duplicate of CVE-2018-16064. Notes: All CVE users should reference CVE-2018-16064 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2018-6044 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6044.html CVE-2018-6044 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. CVE-2018-6045 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6045.html CVE-2018-6045 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. CVE-2018-6046 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6046.html CVE-2018-6046 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient policy enforcement in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user redirect URL via a crafted HTML page. CVE-2018-6047 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6047.html CVE-2018-6047 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak referrer information via a crafted HTML page. CVE-2018-6048 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6048.html CVE-2018-6048 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Incorrect security UI in permissions prompt in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the origin to which permission is granted via a crafted HTML page. CVE-2018-6049 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6049.html CVE-2018-6049 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Incorrect security UI in Omnibox in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6050 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6050.html CVE-2018-6050 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page. CVE-2018-6051 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6051.html CVE-2018-6051 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Lack of support for a non standard no-referrer policy value in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain referrer details from a web page that had thought it had opted out of sending referrer data. CVE-2018-6052 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6052.html CVE-2018-6052 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Inappropriate implementation in New Tab Page in Google Chrome prior to 64.0.3282.119 allowed a local attacker to view website thumbnail images after clearing browser data via a crafted HTML page. CVE-2018-6053 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6053.html CVE-2018-6053 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2018-6054 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6054.html CVE-2018-6054 https://bugzilla.suse.com/1077571 SUSE Bug 1077571 Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-6056 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6056.html CVE-2018-6056 https://bugzilla.suse.com/1080920 SUSE Bug 1080920 Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page. CVE-2018-6057 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6057.html CVE-2018-6057 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Use after free in WebAudio in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6060 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6060.html CVE-2018-6060 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6061 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6061.html CVE-2018-6061 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6062 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6062.html CVE-2018-6062 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6063 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6063.html CVE-2018-6063 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6064 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6064.html CVE-2018-6064 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6065 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6065.html CVE-2018-6065 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6066 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6066.html CVE-2018-6066 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Incorrect IPC serialization in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6067 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6067.html CVE-2018-6067 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6068 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6068.html CVE-2018-6068 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Stack buffer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6069 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6069.html CVE-2018-6069 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. CVE-2018-6070 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6070.html CVE-2018-6070 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 An integer overflow in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6071 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6071.html CVE-2018-6071 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 An integer overflow leading to use after free in PDFium in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2018-6072 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6072.html CVE-2018-6072 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 A heap buffer overflow in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6073 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6073.html CVE-2018-6073 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Failure to apply Mark-of-the-Web in Downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to bypass OS level controls via a crafted HTML page. CVE-2018-6074 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6074.html CVE-2018-6074 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction. CVE-2018-6075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6075.html CVE-2018-6075 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Insufficient encoding of URL fragment identifiers in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform a DOM based XSS attack via a crafted HTML page. CVE-2018-6076 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6076.html CVE-2018-6076 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Displacement map filters being applied to cross-origin images in Blink SVG rendering in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6077 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6077.html CVE-2018-6077 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-6078 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6078.html CVE-2018-6078 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Inappropriate sharing of TEXTURE_2D_ARRAY/TEXTURE_3D data between tabs in WebGL in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6079 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6079.html CVE-2018-6079 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes . CVE-2018-6080 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6080.html CVE-2018-6080 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page. CVE-2018-6081 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6081.html CVE-2018-6081 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Including port 22 in the list of allowed FTP ports in Networking in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially enumerate internal host services via a crafted HTML page. CVE-2018-6082 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6082.html CVE-2018-6082 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page. CVE-2018-6083 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6083.html CVE-2018-6083 https://bugzilla.suse.com/1084296 SUSE Bug 1084296 Re-entry of a destructor in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2018-6085 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6085.html CVE-2018-6085 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2018-6086 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6086.html CVE-2018-6086 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-6087 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6087.html CVE-2018-6087 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. CVE-2018-6088 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6088.html CVE-2018-6088 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A lack of CORS checks, after a Service Worker redirected to a cross-origin PDF, in Service Worker in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page. CVE-2018-6089 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6089.html CVE-2018-6089 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 An integer overflow that lead to a heap buffer-overflow in Skia in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-6090 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6090.html CVE-2018-6090 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6091 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6091.html CVE-2018-6091 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2018-6092 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6092.html CVE-2018-6092 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6093 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6093.html CVE-2018-6093 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6094 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6094.html CVE-2018-6094 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page. CVE-2018-6095 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6095.html CVE-2018-6095 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page. CVE-2018-6096 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6096.html CVE-2018-6096 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page. CVE-2018-6097 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6097.html CVE-2018-6097 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6098 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6098.html CVE-2018-6098 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A lack of CORS checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak limited cross-origin data via a crafted HTML page. CVE-2018-6099 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6099.html CVE-2018-6099 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6100 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6100.html CVE-2018-6100 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server. CVE-2018-6101 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6101.html CVE-2018-6101 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2018-6102 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6102.html CVE-2018-6102 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A stagnant permission prompt in Prompts in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass permission policy via a crafted HTML page. CVE-2018-6103 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6103.html CVE-2018-6103 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6104 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6104.html CVE-2018-6104 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6105 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6105.html CVE-2018-6105 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2018-6106 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6106.html CVE-2018-6106 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6107 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6107.html CVE-2018-6107 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted HTML page. CVE-2018-6108 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6108.html CVE-2018-6108 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page. CVE-2018-6109 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6109.html CVE-2018-6109 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page. CVE-2018-6110 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6110.html CVE-2018-6110 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page. CVE-2018-6111 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6111.html CVE-2018-6111 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2018-6112 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6112.html CVE-2018-6112 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Improper handling of pending navigation entries in Navigation in Google Chrome on iOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2018-6113 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6113.html CVE-2018-6113 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Incorrect enforcement of CSP for <object> tags in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2018-6114 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6114.html CVE-2018-6114 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Inappropriate setting of the SEE_MASK_FLAG_NO_UI flag in file downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially bypass OS malware checks via a crafted HTML page. CVE-2018-6115 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6115.html CVE-2018-6115 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A nullptr dereference in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2018-6116 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6116.html CVE-2018-6116 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 Confusing settings in Autofill in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2018-6117 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6117.html CVE-2018-6117 https://bugzilla.suse.com/1090000 SUSE Bug 1090000 A double-eviction in the Incognito mode cache that lead to a user-after-free in cache in Google Chrome prior to 66.0.3359.139 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. CVE-2018-6118 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6118.html CVE-2018-6118 https://bugzilla.suse.com/1091288 SUSE Bug 1091288 An integer overflow that could lead to an attacker-controlled heap out-of-bounds write in PDFium in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. CVE-2018-6120 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6120.html CVE-2018-6120 https://bugzilla.suse.com/1092923 SUSE Bug 1092923 Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page. CVE-2018-6121 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6121.html CVE-2018-6121 https://bugzilla.suse.com/1092923 SUSE Bug 1092923 Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6122 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6122.html CVE-2018-6122 https://bugzilla.suse.com/1092923 SUSE Bug 1092923 A use after free in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6123 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6123.html CVE-2018-6123 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2018-6124 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6124.html CVE-2018-6124 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient policy enforcement in USB in Google Chrome on Windows prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. CVE-2018-6125 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6125.html CVE-2018-6125 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6126 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6126.html CVE-2018-6126 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 https://bugzilla.suse.com/1096449 SUSE Bug 1096449 Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2018-6127 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6127.html CVE-2018-6127 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2018-6128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6128.html CVE-2018-6128 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2018-6129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6129.html CVE-2018-6129 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2018-6130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6130.html CVE-2018-6130 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Object lifecycle issue in WebAssembly in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6131.html CVE-2018-6131 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. CVE-2018-6132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6132.html CVE-2018-6132 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6133.html CVE-2018-6133 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Information leak in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. CVE-2018-6134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6134.html CVE-2018-6134 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Lack of clearing the previous site before loading alerts from a new one in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2018-6135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6135.html CVE-2018-6135 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6136.html CVE-2018-6136 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 CSS Paint API in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6137.html CVE-2018-6137 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2018-6138 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6138.html CVE-2018-6138 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. CVE-2018-6139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6139.html CVE-2018-6139 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. CVE-2018-6140 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6140.html CVE-2018-6140 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient validation of an image filter in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6141.html CVE-2018-6141 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. CVE-2018-6142 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6142.html CVE-2018-6142 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient validation in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2018-6143 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6143.html CVE-2018-6143 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. CVE-2018-6144 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6144.html CVE-2018-6144 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2018-6145 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6145.html CVE-2018-6145 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process. CVE-2018-6147 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6147.html CVE-2018-6147 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2018-6148 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6148.html CVE-2018-6148 https://bugzilla.suse.com/1096508 SUSE Bug 1096508 Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6149 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6149.html CVE-2018-6149 https://bugzilla.suse.com/1097452 SUSE Bug 1097452 A precision error in Skia in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6153 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6153.html CVE-2018-6153 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6154 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6154.html CVE-2018-6154 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of frames in the VP8 parser in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2018-6155 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6155.html CVE-2018-6155 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2018-6156 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6156.html CVE-2018-6156 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. CVE-2018-6157 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6157.html CVE-2018-6157 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6158 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6158.html CVE-2018-6158 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2018-6159 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6159.html CVE-2018-6159 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 JavaScript alert handling in Prompts in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6160 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6160.html CVE-2018-6160 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient policy enforcement in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2018-6161 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6161.html CVE-2018-6161 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2018-6162 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6162.html CVE-2018-6162 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6163 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6163.html CVE-2018-6163 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient origin checks for CSS content in Blink in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6164 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6164.html CVE-2018-6164 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2018-6165 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6165.html CVE-2018-6165 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6166 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6166.html CVE-2018-6166 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6167 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6167.html CVE-2018-6167 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2018-6168 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6168.html CVE-2018-6168 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page. CVE-2018-6169 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6169.html CVE-2018-6169 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2018-6170 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6170.html CVE-2018-6170 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. CVE-2018-6171 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6171.html CVE-2018-6171 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6172 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6172.html CVE-2018-6172 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6173 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6173.html CVE-2018-6173 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2018-6174 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6174.html CVE-2018-6174 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2018-6175 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6175.html CVE-2018-6175 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension. CVE-2018-6176 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6176.html CVE-2018-6176 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2018-6177 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6177.html CVE-2018-6177 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension. CVE-2018-6178 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6178.html CVE-2018-6178 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. CVE-2018-6179 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6179.html CVE-2018-6179 https://bugzilla.suse.com/1086124 SUSE Bug 1086124 https://bugzilla.suse.com/1102530 SUSE Bug 1102530 https://bugzilla.suse.com/1107235 SUSE Bug 1107235 The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact. CVE-2018-6406 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-6406.html CVE-2018-6406 https://bugzilla.suse.com/1078463 SUSE Bug 1078463 IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13659 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13659.html CVE-2019-13659 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. CVE-2019-13660 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13660.html CVE-2019-13660 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page. CVE-2019-13661 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13661.html CVE-2019-13661 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-13662 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13662.html CVE-2019-13662 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13663 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13663.html CVE-2019-13663 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-13664 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13664.html CVE-2019-13664 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page. CVE-2019-13665 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13665.html CVE-2019-13665 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13666 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13666.html CVE-2019-13666 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13667 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13667.html CVE-2019-13667 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13668 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13668.html CVE-2019-13668 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13669 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13669.html CVE-2019-13669 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13670 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13670.html CVE-2019-13670 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2019-13671 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13671.html CVE-2019-13671 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13673 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13673.html CVE-2019-13673 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13674 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13674.html CVE-2019-13674 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page. CVE-2019-13675 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13675.html CVE-2019-13675 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-13676 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13676.html CVE-2019-13676 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2019-13677 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13677.html CVE-2019-13677 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-13678 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13678.html CVE-2019-13678 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file. CVE-2019-13679 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13679.html CVE-2019-13679 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections. CVE-2019-13680 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13680.html CVE-2019-13680 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page. CVE-2019-13681 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13681.html CVE-2019-13681 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-13682 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13682.html CVE-2019-13682 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13683 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13683.html CVE-2019-13683 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13685 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13685.html CVE-2019-13685 https://bugzilla.suse.com/1151229 SUSE Bug 1151229 Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13686 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13686.html CVE-2019-13686 https://bugzilla.suse.com/1151229 SUSE Bug 1151229 Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13687 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13687.html CVE-2019-13687 https://bugzilla.suse.com/1151229 SUSE Bug 1151229 Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13688 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13688.html CVE-2019-13688 https://bugzilla.suse.com/1151229 SUSE Bug 1151229 Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. CVE-2019-13693 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13693.html CVE-2019-13693 https://bugzilla.suse.com/1153660 SUSE Bug 1153660 Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13694 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13694.html CVE-2019-13694 https://bugzilla.suse.com/1153660 SUSE Bug 1153660 Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13695 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13695.html CVE-2019-13695 https://bugzilla.suse.com/1153660 SUSE Bug 1153660 Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13696 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13696.html CVE-2019-13696 https://bugzilla.suse.com/1153660 SUSE Bug 1153660 Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13697 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13697.html CVE-2019-13697 https://bugzilla.suse.com/1153660 SUSE Bug 1153660 Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13699 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13699.html CVE-2019-13699 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13700 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13700.html CVE-2019-13700 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13701 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13701.html CVE-2019-13701 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. CVE-2019-13702 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13702.html CVE-2019-13702 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13703 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13703.html CVE-2019-13703 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-13704 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13704.html CVE-2019-13704 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. CVE-2019-13705 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13705.html CVE-2019-13705 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-13706 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13706.html CVE-2019-13706 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application. CVE-2019-13707 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13707.html CVE-2019-13707 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13708 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13708.html CVE-2019-13708 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page. CVE-2019-13709 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13709.html CVE-2019-13709 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page. CVE-2019-13710 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13710.html CVE-2019-13710 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13711 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13711.html CVE-2019-13711 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13713 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13713.html CVE-2019-13713 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL. CVE-2019-13714 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13714.html CVE-2019-13714 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13715 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13715.html CVE-2019-13715 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-13716 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13716.html CVE-2019-13716 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. CVE-2019-13717 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13717.html CVE-2019-13717 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13718 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13718.html CVE-2019-13718 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. CVE-2019-13719 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13719.html CVE-2019-13719 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13720 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13720.html CVE-2019-13720 https://bugzilla.suse.com/1155643 SUSE Bug 1155643 Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13721 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13721.html CVE-2019-13721 https://bugzilla.suse.com/1155643 SUSE Bug 1155643 Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13723 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13723.html CVE-2019-13723 https://bugzilla.suse.com/1157269 SUSE Bug 1157269 Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13724 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13724.html CVE-2019-13724 https://bugzilla.suse.com/1157269 SUSE Bug 1157269 Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2019-13725 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13725.html CVE-2019-13725 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2019-13726 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13726.html CVE-2019-13726 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-13727 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13727.html CVE-2019-13727 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13728 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13728.html CVE-2019-13728 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13729 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13729.html CVE-2019-13729 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13730 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13730.html CVE-2019-13730 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13732 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13732.html CVE-2019-13732 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13734 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13734.html CVE-2019-13734 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2019-13735 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13735.html CVE-2019-13735 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-13736 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13736.html CVE-2019-13736 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-13737 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13737.html CVE-2019-13737 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2019-13738 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13738.html CVE-2019-13738 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13739 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13739.html CVE-2019-13739 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-13740 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13740.html CVE-2019-13740 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content. CVE-2019-13741 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13741.html CVE-2019-13741 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2019-13742 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13742.html CVE-2019-13742 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2019-13743 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13743.html CVE-2019-13743 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13744 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13744.html CVE-2019-13744 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-13745 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13745.html CVE-2019-13745 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13746 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13746.html CVE-2019-13746 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13747 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13747.html CVE-2019-13747 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-13748 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13748.html CVE-2019-13748 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-13749 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13749.html CVE-2019-13749 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page. CVE-2019-13750 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13750.html CVE-2019-13750 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-13751 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13751.html CVE-2019-13751 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-13752 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13752.html CVE-2019-13752 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-13753 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13753.html CVE-2019-13753 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-13754 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13754.html CVE-2019-13754 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page. CVE-2019-13755 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13755.html CVE-2019-13755 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-13756 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13756.html CVE-2019-13756 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13757 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13757.html CVE-2019-13757 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-13758 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13758.html CVE-2019-13758 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-13759 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13759.html CVE-2019-13759 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2019-13761 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13761.html CVE-2019-13761 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. CVE-2019-13762 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13762.html CVE-2019-13762 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. CVE-2019-13763 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13763.html CVE-2019-13763 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13764 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13764.html CVE-2019-13764 https://bugzilla.suse.com/1158982 SUSE Bug 1158982 Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13767 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-13767.html CVE-2019-13767 https://bugzilla.suse.com/1159498 SUSE Bug 1159498 In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. CVE-2019-15903 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-15903.html CVE-2019-15903 https://bugzilla.suse.com/1149429 SUSE Bug 1149429 https://bugzilla.suse.com/1154738 SUSE Bug 1154738 https://bugzilla.suse.com/1154806 SUSE Bug 1154806 In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. CVE-2019-18197 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-18197.html CVE-2019-18197 https://bugzilla.suse.com/1154609 SUSE Bug 1154609 https://bugzilla.suse.com/1157028 SUSE Bug 1157028 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 https://bugzilla.suse.com/1169511 SUSE Bug 1169511 https://bugzilla.suse.com/1190108 SUSE Bug 1190108 exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. CVE-2019-19880 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-19880.html CVE-2019-19880 https://bugzilla.suse.com/1159491 SUSE Bug 1159491 https://bugzilla.suse.com/1159715 SUSE Bug 1159715 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). CVE-2019-19923 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-19923.html CVE-2019-19923 https://bugzilla.suse.com/1160309 SUSE Bug 1160309 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. CVE-2019-19926 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-19926.html CVE-2019-19926 https://bugzilla.suse.com/1159491 SUSE Bug 1159491 https://bugzilla.suse.com/1159715 SUSE Bug 1159715 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. CVE-2019-20503 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-20503.html CVE-2019-20503 https://bugzilla.suse.com/1166238 SUSE Bug 1166238 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. CVE-2019-5754 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5754.html CVE-2019-5754 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. CVE-2019-5755 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5755.html CVE-2019-5755 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. CVE-2019-5756 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5756.html CVE-2019-5756 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2019-5757 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5757.html CVE-2019-5757 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5758 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5758.html CVE-2019-5758 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2019-5759 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5759.html CVE-2019-5759 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5760 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5760.html CVE-2019-5760 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5761 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5761.html CVE-2019-5761 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. CVE-2019-5762 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5762.html CVE-2019-5762 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5763 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5763.html CVE-2019-5763 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5764 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5764.html CVE-2019-5764 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. CVE-2019-5765 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5765.html CVE-2019-5765 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5766 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5766.html CVE-2019-5766 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK. CVE-2019-5767 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5767.html CVE-2019-5767 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. CVE-2019-5768 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5768.html CVE-2019-5768 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5769 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5769.html CVE-2019-5769 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2019-5770 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5770.html CVE-2019-5770 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page. CVE-2019-5771 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5771.html CVE-2019-5771 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5772 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5772.html CVE-2019-5772 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. CVE-2019-5773 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5773.html CVE-2019-5773 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. CVE-2019-5774 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5774.html CVE-2019-5774 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2019-5775 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5775.html CVE-2019-5775 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2019-5776 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5776.html CVE-2019-5776 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2019-5777 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5777.html CVE-2019-5777 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension. CVE-2019-5778 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5778.html CVE-2019-5778 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5779 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5779.html CVE-2019-5779 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. CVE-2019-5780 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5780.html CVE-2019-5780 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. CVE-2019-5781 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5781.html CVE-2019-5781 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2019-5782 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5782.html CVE-2019-5782 https://bugzilla.suse.com/1123641 SUSE Bug 1123641 Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5784 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5784.html CVE-2019-5784 https://bugzilla.suse.com/1124936 SUSE Bug 1124936 Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2019-5786 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5786.html CVE-2019-5786 https://bugzilla.suse.com/1127602 SUSE Bug 1127602 Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5787 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5787.html CVE-2019-5787 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. CVE-2019-5788 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5788.html CVE-2019-5788 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. CVE-2019-5789 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5789.html CVE-2019-5789 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2019-5790 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5790.html CVE-2019-5790 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2019-5791 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5791.html CVE-2019-5791 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. CVE-2019-5792 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5792.html CVE-2019-5792 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page. CVE-2019-5793 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5793.html CVE-2019-5793 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-5794 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5794.html CVE-2019-5794 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. CVE-2019-5795 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5795.html CVE-2019-5795 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5796 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5796.html CVE-2019-5796 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Double free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5797 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5797.html CVE-2019-5797 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. CVE-2019-5798 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5798.html CVE-2019-5798 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 https://bugzilla.suse.com/1135824 SUSE Bug 1135824 Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-5799 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5799.html CVE-2019-5799 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-5800 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5800.html CVE-2019-5800 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-5801 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5801.html CVE-2019-5801 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-5802 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5802.html CVE-2019-5802 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2019-5803 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5803.html CVE-2019-5803 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. CVE-2019-5804 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5804.html CVE-2019-5804 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5805 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5805.html CVE-2019-5805 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5806 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5806.html CVE-2019-5806 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5807 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5807.html CVE-2019-5807 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5808 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5808.html CVE-2019-5808 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. CVE-2019-5809 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5809.html CVE-2019-5809 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-5810 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5810.html CVE-2019-5810 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-5811 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5811.html CVE-2019-5811 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-5812 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5812.html CVE-2019-5812 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5813 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5813.html CVE-2019-5813 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5814 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5814.html CVE-2019-5814 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data. CVE-2019-5815 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5815.html CVE-2019-5815 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. CVE-2019-5816 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5816.html CVE-2019-5816 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5817 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5817.html CVE-2019-5817 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. CVE-2019-5818 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5818.html CVE-2019-5818 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard. CVE-2019-5819 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5819.html CVE-2019-5819 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5820 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5820.html CVE-2019-5820 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5821 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5821.html CVE-2019-5821 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2019-5822 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5822.html CVE-2019-5822 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5823 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5823.html CVE-2019-5823 https://bugzilla.suse.com/1133313 SUSE Bug 1133313 Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5824 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5824.html CVE-2019-5824 https://bugzilla.suse.com/1134218 SUSE Bug 1134218 Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5827 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5827.html CVE-2019-5827 https://bugzilla.suse.com/1134218 SUSE Bug 1134218 Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2019-5828 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5828.html CVE-2019-5828 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2019-5829 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5829.html CVE-2019-5829 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5830 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5830.html CVE-2019-5830 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5831 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5831.html CVE-2019-5831 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5832 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5832.html CVE-2019-5832 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page. CVE-2019-5833 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5833.html CVE-2019-5833 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2019-5834 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5834.html CVE-2019-5834 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2019-5835 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5835.html CVE-2019-5835 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5836 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5836.html CVE-2019-5836 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5837 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5837.html CVE-2019-5837 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension. CVE-2019-5838 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5838.html CVE-2019-5838 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL. CVE-2019-5839 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5839.html CVE-2019-5839 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5840 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5840.html CVE-2019-5840 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5842 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5842.html CVE-2019-5842 https://bugzilla.suse.com/1137332 SUSE Bug 1137332 https://bugzilla.suse.com/1138287 SUSE Bug 1138287 Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5844 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5844.html CVE-2019-5844 https://bugzilla.suse.com/1129059 SUSE Bug 1129059 Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5847 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5847.html CVE-2019-5847 https://bugzilla.suse.com/1141649 SUSE Bug 1141649 Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-5848 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5848.html CVE-2019-5848 https://bugzilla.suse.com/1141649 SUSE Bug 1141649 Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2019-5850 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5850.html CVE-2019-5850 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5851 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5851.html CVE-2019-5851 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-5852 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5852.html CVE-2019-5852 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5853 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5853.html CVE-2019-5853 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5854 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5854.html CVE-2019-5854 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5855 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5855.html CVE-2019-5855 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2019-5856 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5856.html CVE-2019-5856 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. CVE-2019-5857 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5857.html CVE-2019-5857 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page. CVE-2019-5858 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5858.html CVE-2019-5858 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5859 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5859.html CVE-2019-5859 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5860 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5860.html CVE-2019-5860 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page. CVE-2019-5861 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5861.html CVE-2019-5861 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2019-5862 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5862.html CVE-2019-5862 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2019-5863 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5863.html CVE-2019-5863 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. CVE-2019-5864 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5864.html CVE-2019-5864 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2019-5865 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5865.html CVE-2019-5865 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5867 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5867.html CVE-2019-5867 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 https://bugzilla.suse.com/1145242 SUSE Bug 1145242 Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2019-5868 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5868.html CVE-2019-5868 https://bugzilla.suse.com/1143492 SUSE Bug 1143492 https://bugzilla.suse.com/1145242 SUSE Bug 1145242 Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5869 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5869.html CVE-2019-5869 https://bugzilla.suse.com/1149143 SUSE Bug 1149143 Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2019-5870 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5870.html CVE-2019-5870 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5871 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5871.html CVE-2019-5871 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5872 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5872.html CVE-2019-5872 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2019-5874 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5874.html CVE-2019-5874 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2019-5875 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5875.html CVE-2019-5875 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5876 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5876.html CVE-2019-5876 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5877 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5877.html CVE-2019-5877 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-5878 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5878.html CVE-2019-5878 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension. CVE-2019-5879 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5879.html CVE-2019-5879 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2019-5880 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5880.html CVE-2019-5880 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2019-5881 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-5881.html CVE-2019-5881 https://bugzilla.suse.com/1150425 SUSE Bug 1150425 Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. CVE-2019-8075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-8075.html CVE-2019-8075 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-0561 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-0561.html CVE-2020-0561 Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering. CVE-2020-15959 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15959.html CVE-2020-15959 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2020-15960 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15960.html CVE-2020-15960 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-15961 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15961.html CVE-2020-15961 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2020-15962 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15962.html CVE-2020-15962 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-15963 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15963.html CVE-2020-15963 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15964 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15964.html CVE-2020-15964 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2020-15965 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15965.html CVE-2020-15965 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. CVE-2020-15966 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15966.html CVE-2020-15966 https://bugzilla.suse.com/1176791 SUSE Bug 1176791 https://bugzilla.suse.com/1176799 SUSE Bug 1176799 Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-15967 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15967.html CVE-2020-15967 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15968 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15968.html CVE-2020-15968 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15969 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15969.html CVE-2020-15969 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 https://bugzilla.suse.com/1177872 SUSE Bug 1177872 https://bugzilla.suse.com/1177977 SUSE Bug 1177977 Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-15970 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15970.html CVE-2020-15970 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-15971 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15971.html CVE-2020-15971 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15972 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15972.html CVE-2020-15972 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. CVE-2020-15973 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15973.html CVE-2020-15973 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2020-15974 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15974.html CVE-2020-15974 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15975 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15975.html CVE-2020-15975 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15976 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15976.html CVE-2020-15976 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2020-15977 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15977.html CVE-2020-15977 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2020-15978 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15978.html CVE-2020-15978 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15979 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15979.html CVE-2020-15979 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents. CVE-2020-15980 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15980.html CVE-2020-15980 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-15981 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15981.html CVE-2020-15981 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-15982 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15982.html CVE-2020-15982 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page. CVE-2020-15983 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15983.html CVE-2020-15983 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL. CVE-2020-15984 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15984.html CVE-2020-15984 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-15985 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15985.html CVE-2020-15985 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15986 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15986.html CVE-2020-15986 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream. CVE-2020-15987 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15987.html CVE-2020-15987 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page. CVE-2020-15988 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15988.html CVE-2020-15988 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. CVE-2020-15989 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15989.html CVE-2020-15989 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-15990 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15990.html CVE-2020-15990 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-15991 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15991.html CVE-2020-15991 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. CVE-2020-15992 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15992.html CVE-2020-15992 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15995 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15995.html CVE-2020-15995 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-15999 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15999.html CVE-2020-15999 https://bugzilla.suse.com/1177914 SUSE Bug 1177914 https://bugzilla.suse.com/1177936 SUSE Bug 1177936 https://bugzilla.suse.com/1178824 SUSE Bug 1178824 https://bugzilla.suse.com/1178894 SUSE Bug 1178894 Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16000 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16000.html CVE-2020-16000 https://bugzilla.suse.com/1177936 SUSE Bug 1177936 Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16001 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16001.html CVE-2020-16001 https://bugzilla.suse.com/1177936 SUSE Bug 1177936 Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2020-16002 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16002.html CVE-2020-16002 https://bugzilla.suse.com/1177936 SUSE Bug 1177936 Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16003 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16003.html CVE-2020-16003 https://bugzilla.suse.com/1177936 SUSE Bug 1177936 Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16004 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16004.html CVE-2020-16004 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16005 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16005.html CVE-2020-16005 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16006 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16006.html CVE-2020-16006 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. CVE-2020-16007 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16007.html CVE-2020-16007 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. CVE-2020-16008 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16008.html CVE-2020-16008 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16009 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16009.html CVE-2020-16009 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16011 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16011.html CVE-2020-16011 https://bugzilla.suse.com/1178375 SUSE Bug 1178375 Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-16012 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16012.html CVE-2020-16012 https://bugzilla.suse.com/1178824 SUSE Bug 1178824 https://bugzilla.suse.com/1178894 SUSE Bug 1178894 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16013 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16013.html CVE-2020-16013 https://bugzilla.suse.com/1178703 SUSE Bug 1178703 Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16014 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16014.html CVE-2020-16014 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16015 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16015.html CVE-2020-16015 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in base in Google Chrome prior to 86.0.4240.193 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16016 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16016.html CVE-2020-16016 https://bugzilla.suse.com/1178630 SUSE Bug 1178630 Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16017 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16017.html CVE-2020-16017 https://bugzilla.suse.com/1178703 SUSE Bug 1178703 Use after free in payments in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16018 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16018.html CVE-2020-16018 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in filesystem in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file. CVE-2020-16019 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16019.html CVE-2020-16019 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in cryptohome in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass discretionary access control via a malicious file. CVE-2020-16020 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16020.html CVE-2020-16020 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to perform OS-level privilege escalation via a malicious file. CVE-2020-16021 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16021.html CVE-2020-16021 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a crafted HTML page. CVE-2020-16022 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16022.html CVE-2020-16022 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16023 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16023.html CVE-2020-16023 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16024 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16024.html CVE-2020-16024 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-16025 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16025.html CVE-2020-16025 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16026 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16026.html CVE-2020-16026 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension. CVE-2020-16027 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16027.html CVE-2020-16027 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16028 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16028.html CVE-2020-16028 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. CVE-2020-16029 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16029.html CVE-2020-16029 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. CVE-2020-16030 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16030.html CVE-2020-16030 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-16031 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16031.html CVE-2020-16031 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient data validation in sharing in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-16032 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16032.html CVE-2020-16032 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in WebUSB in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-16033 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16033.html CVE-2020-16033 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a local attacker to bypass policy restrictions via a crafted HTML page. CVE-2020-16034 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16034.html CVE-2020-16034 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Insufficient data validation in cros-disks in Google Chrome on ChromeOS prior to 87.0.4280.66 allowed a remote attacker who had compromised the browser process to bypass noexec restrictions via a malicious file. CVE-2020-16035 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16035.html CVE-2020-16035 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Inappropriate implementation in cookies in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass cookie restrictions via a crafted HTML page. CVE-2020-16036 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16036.html CVE-2020-16036 https://bugzilla.suse.com/1178923 SUSE Bug 1178923 Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16037 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16037.html CVE-2020-16037 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16038 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16038.html CVE-2020-16038 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16039 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16039.html CVE-2020-16039 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-16040 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16040.html CVE-2020-16040 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 Out of bounds read in networking in Google Chrome prior to 87.0.4280.88 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-16041 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16041.html CVE-2020-16041 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-16042 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16042.html CVE-2020-16042 https://bugzilla.suse.com/1179576 SUSE Bug 1179576 https://bugzilla.suse.com/1180039 SUSE Bug 1180039 Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic. CVE-2020-16043 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16043.html CVE-2020-16043 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. CVE-2020-16044 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-16044.html CVE-2020-16044 https://bugzilla.suse.com/1180623 SUSE Bug 1180623 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27844 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-27844.html CVE-2020-27844 https://bugzilla.suse.com/1180045 SUSE Bug 1180045 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6377 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6377.html CVE-2020-6377 https://bugzilla.suse.com/1160337 SUSE Bug 1160337 Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6378 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6378.html CVE-2020-6378 https://bugzilla.suse.com/1161252 SUSE Bug 1161252 Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6379 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6379.html CVE-2020-6379 https://bugzilla.suse.com/1161252 SUSE Bug 1161252 Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension. CVE-2020-6380 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6380.html CVE-2020-6380 https://bugzilla.suse.com/1161252 SUSE Bug 1161252 Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6381 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6381.html CVE-2020-6381 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6382 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6382.html CVE-2020-6382 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2020-6385 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6385.html CVE-2020-6385 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream. CVE-2020-6387 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6387.html CVE-2020-6387 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6388 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6388.html CVE-2020-6388 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream. CVE-2020-6389 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6389.html CVE-2020-6389 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6390 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6390.html CVE-2020-6390 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page. CVE-2020-6391 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6391.html CVE-2020-6391 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2020-6392 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6392.html CVE-2020-6392 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6393 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6393.html CVE-2020-6393 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2020-6394 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6394.html CVE-2020-6394 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-6395 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6395.html CVE-2020-6395 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6396 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6396.html CVE-2020-6396 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-6397 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6397.html CVE-2020-6397 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2020-6398 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6398.html CVE-2020-6398 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6399 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6399.html CVE-2020-6399 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6400 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6400.html CVE-2020-6400 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2020-6401 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6401.html CVE-2020-6401 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. CVE-2020-6402 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6402.html CVE-2020-6402 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6403 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6403.html CVE-2020-6403 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6404 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6404.html CVE-2020-6404 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-6405 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6405.html CVE-2020-6405 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6406 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6406.html CVE-2020-6406 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6407 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6407.html CVE-2020-6407 https://bugzilla.suse.com/1164828 SUSE Bug 1164828 Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page. CVE-2020-6408 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6408.html CVE-2020-6408 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name. CVE-2020-6409 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6409.html CVE-2020-6409 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name. CVE-2020-6410 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6410.html CVE-2020-6410 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2020-6411 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6411.html CVE-2020-6411 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2020-6412 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6412.html CVE-2020-6412 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page. CVE-2020-6413 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6413.html CVE-2020-6413 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6414 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6414.html CVE-2020-6414 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6415 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6415.html CVE-2020-6415 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6416 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6416.html CVE-2020-6416 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry. CVE-2020-6417 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6417.html CVE-2020-6417 https://bugzilla.suse.com/1162833 SUSE Bug 1162833 Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6418 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6418.html CVE-2020-6418 https://bugzilla.suse.com/1164828 SUSE Bug 1164828 Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2020-6420 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6420.html CVE-2020-6420 https://bugzilla.suse.com/1165826 SUSE Bug 1165826 Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6422 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6422.html CVE-2020-6422 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6423 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6423.html CVE-2020-6423 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6424 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6424.html CVE-2020-6424 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. CVE-2020-6425 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6425.html CVE-2020-6425 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6426 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6426.html CVE-2020-6426 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6427 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6427.html CVE-2020-6427 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6428 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6428.html CVE-2020-6428 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6429 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6429.html CVE-2020-6429 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6430 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6430.html CVE-2020-6430 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-6431 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6431.html CVE-2020-6431 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6432 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6432.html CVE-2020-6432 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6433 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6433.html CVE-2020-6433 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6434 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6434.html CVE-2020-6434 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2020-6435 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6435.html CVE-2020-6435 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6436 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6436.html CVE-2020-6436 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application. CVE-2020-6437 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6437.html CVE-2020-6437 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. CVE-2020-6438 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6438.html CVE-2020-6438 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. CVE-2020-6439 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6439.html CVE-2020-6439 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. CVE-2020-6440 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6440.html CVE-2020-6440 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. CVE-2020-6441 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6441.html CVE-2020-6441 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6442 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6442.html CVE-2020-6442 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page. CVE-2020-6443 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6443.html CVE-2020-6443 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6444 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6444.html CVE-2020-6444 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2020-6445 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6445.html CVE-2020-6445 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2020-6446 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6446.html CVE-2020-6446 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6447 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6447.html CVE-2020-6447 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6448 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6448.html CVE-2020-6448 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6449 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6449.html CVE-2020-6449 https://bugzilla.suse.com/1167090 SUSE Bug 1167090 Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6450 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6450.html CVE-2020-6450 https://bugzilla.suse.com/1168421 SUSE Bug 1168421 Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6451 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6451.html CVE-2020-6451 https://bugzilla.suse.com/1168421 SUSE Bug 1168421 Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6452 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6452.html CVE-2020-6452 https://bugzilla.suse.com/1168421 SUSE Bug 1168421 Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2020-6454 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6454.html CVE-2020-6454 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6455 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6455.html CVE-2020-6455 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents. CVE-2020-6456 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6456.html CVE-2020-6456 https://bugzilla.suse.com/1168911 SUSE Bug 1168911 Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6457 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6457.html CVE-2020-6457 https://bugzilla.suse.com/1169729 SUSE Bug 1169729 Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2020-6458 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6458.html CVE-2020-6458 https://bugzilla.suse.com/1170107 SUSE Bug 1170107 Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6459 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6459.html CVE-2020-6459 https://bugzilla.suse.com/1170107 SUSE Bug 1170107 Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name. CVE-2020-6460 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6460.html CVE-2020-6460 https://bugzilla.suse.com/1170107 SUSE Bug 1170107 Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6462 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6462.html CVE-2020-6462 https://bugzilla.suse.com/1170707 SUSE Bug 1170707 Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6463 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6463.html CVE-2020-6463 https://bugzilla.suse.com/1171975 SUSE Bug 1171975 https://bugzilla.suse.com/1174538 SUSE Bug 1174538 Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6464 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6464.html CVE-2020-6464 https://bugzilla.suse.com/1171247 SUSE Bug 1171247 Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6465 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6465.html CVE-2020-6465 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6466 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6466.html CVE-2020-6466 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6467 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6467.html CVE-2020-6467 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6468 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6468.html CVE-2020-6468 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-6469 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6469.html CVE-2020-6469 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents. CVE-2020-6470 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6470.html CVE-2020-6470 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-6471 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6471.html CVE-2020-6471 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension. CVE-2020-6472 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6472.html CVE-2020-6472 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-6473 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6473.html CVE-2020-6473 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6474 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6474.html CVE-2020-6474 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-6475 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6475.html CVE-2020-6475 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2020-6476 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6476.html CVE-2020-6476 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file. CVE-2020-6477 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6477.html CVE-2020-6477 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-6478 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6478.html CVE-2020-6478 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2020-6479 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6479.html CVE-2020-6479 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions. CVE-2020-6480 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6480.html CVE-2020-6480 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name. CVE-2020-6481 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6481.html CVE-2020-6481 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2020-6482 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6482.html CVE-2020-6482 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6483 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6483.html CVE-2020-6483 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request. CVE-2020-6484 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6484.html CVE-2020-6484 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2020-6485 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6485.html CVE-2020-6485 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6486 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6486.html CVE-2020-6486 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6487 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6487.html CVE-2020-6487 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6488 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6488.html CVE-2020-6488 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2020-6489 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6489.html CVE-2020-6489 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. CVE-2020-6490 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6490.html CVE-2020-6490 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. CVE-2020-6491 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6491.html CVE-2020-6491 https://bugzilla.suse.com/1171910 SUSE Bug 1171910 Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6493 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6493.html CVE-2020-6493 https://bugzilla.suse.com/1172496 SUSE Bug 1172496 Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6494 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6494.html CVE-2020-6494 https://bugzilla.suse.com/1172496 SUSE Bug 1172496 Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-6495 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6495.html CVE-2020-6495 https://bugzilla.suse.com/1172496 SUSE Bug 1172496 Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6496 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6496.html CVE-2020-6496 https://bugzilla.suse.com/1172496 SUSE Bug 1172496 Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6505 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6505.html CVE-2020-6505 https://bugzilla.suse.com/1173029 SUSE Bug 1173029 Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2020-6506 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6506.html CVE-2020-6506 https://bugzilla.suse.com/1173029 SUSE Bug 1173029 Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6507 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6507.html CVE-2020-6507 https://bugzilla.suse.com/1173029 SUSE Bug 1173029 Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-6509 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6509.html CVE-2020-6509 https://bugzilla.suse.com/1173251 SUSE Bug 1173251 Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6510 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6510.html CVE-2020-6510 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6511 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6511.html CVE-2020-6511 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6512 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6512.html CVE-2020-6512 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. CVE-2020-6513 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6513.html CVE-2020-6513 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. CVE-2020-6514 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6514.html CVE-2020-6514 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 https://bugzilla.suse.com/1174538 SUSE Bug 1174538 Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6515 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6515.html CVE-2020-6515 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6516 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6516.html CVE-2020-6516 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6517 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6517.html CVE-2020-6517 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6518 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6518.html CVE-2020-6518 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2020-6519 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6519.html CVE-2020-6519 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6520 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6520.html CVE-2020-6520 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-6521 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6521.html CVE-2020-6521 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6522 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6522.html CVE-2020-6522 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6523 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6523.html CVE-2020-6523 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6524 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6524.html CVE-2020-6524 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6525 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6525.html CVE-2020-6525 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6526 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6526.html CVE-2020-6526 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2020-6527 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6527.html CVE-2020-6527 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6528 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6528.html CVE-2020-6528 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. CVE-2020-6529 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6529.html CVE-2020-6529 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2020-6530 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6530.html CVE-2020-6530 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6531 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6531.html CVE-2020-6531 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6532 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6532.html CVE-2020-6532 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6533 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6533.html CVE-2020-6533 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6534 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6534.html CVE-2020-6534 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page. CVE-2020-6535 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6535.html CVE-2020-6535 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA. CVE-2020-6536 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6536.html CVE-2020-6536 https://bugzilla.suse.com/1174189 SUSE Bug 1174189 Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2020-6537 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6537.html CVE-2020-6537 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6538 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6538.html CVE-2020-6538 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6539 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6539.html CVE-2020-6539 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6540 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6540.html CVE-2020-6540 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6541 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6541.html CVE-2020-6541 https://bugzilla.suse.com/1174582 SUSE Bug 1174582 Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6542 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6542.html CVE-2020-6542 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6543 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6543.html CVE-2020-6543 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6544 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6544.html CVE-2020-6544 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6545 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6545.html CVE-2020-6545 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem. CVE-2020-6546 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6546.html CVE-2020-6546 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page. CVE-2020-6547 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6547.html CVE-2020-6547 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6548 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6548.html CVE-2020-6548 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6549 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6549.html CVE-2020-6549 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6550 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6550.html CVE-2020-6550 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6551 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6551.html CVE-2020-6551 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6552 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6552.html CVE-2020-6552 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6553 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6553.html CVE-2020-6553 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2020-6554 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6554.html CVE-2020-6554 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2020-6555 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6555.html CVE-2020-6555 https://bugzilla.suse.com/1175085 SUSE Bug 1175085 Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6556 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6556.html CVE-2020-6556 https://bugzilla.suse.com/1175505 SUSE Bug 1175505 Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2020-6557 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6557.html CVE-2020-6557 https://bugzilla.suse.com/1177408 SUSE Bug 1177408 Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6558 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6558.html CVE-2020-6558 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6559 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6559.html CVE-2020-6559 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6560 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6560.html CVE-2020-6560 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6561 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6561.html CVE-2020-6561 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6562 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6562.html CVE-2020-6562 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2020-6563 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6563.html CVE-2020-6563 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. CVE-2020-6564 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6564.html CVE-2020-6564 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2020-6565 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6565.html CVE-2020-6565 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2020-6566 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6566.html CVE-2020-6566 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6567 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6567.html CVE-2020-6567 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2020-6568 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6568.html CVE-2020-6568 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6569 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6569.html CVE-2020-6569 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction. CVE-2020-6570 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6570.html CVE-2020-6570 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2020-6571 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6571.html CVE-2020-6571 https://bugzilla.suse.com/1175757 SUSE Bug 1175757 Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6573 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6573.html CVE-2020-6573 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. CVE-2020-6574 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6574.html CVE-2020-6574 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2020-6575 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6575.html CVE-2020-6575 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2020-6576 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6576.html CVE-2020-6576 https://bugzilla.suse.com/1176306 SUSE Bug 1176306 A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. CVE-2020-6831 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-6831.html CVE-2020-6831 https://bugzilla.suse.com/1171186 SUSE Bug 1171186 https://bugzilla.suse.com/1171247 SUSE Bug 1171247 Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21106 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21106.html CVE-2021-21106 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21107 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21107.html CVE-2021-21107 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21108 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21108.html CVE-2021-21108 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21109 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21109.html CVE-2021-21109 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21110 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21110.html CVE-2021-21110 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2021-21111 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21111.html CVE-2021-21111 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21112 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21112.html CVE-2021-21112 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21113 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21113.html CVE-2021-21113 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21114 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21114.html CVE-2021-21114 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21115 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21115.html CVE-2021-21115 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21116 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21116.html CVE-2021-21116 https://bugzilla.suse.com/1180645 SUSE Bug 1180645 Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a local attacker to perform OS-level privilege escalation via a crafted file. CVE-2021-21117 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21117.html CVE-2021-21117 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-21118 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21118.html CVE-2021-21118 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Media in Google Chrome prior to 88.0.4324.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21119 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21119.html CVE-2021-21119 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in WebSQL in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21120 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21120.html CVE-2021-21120 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Omnibox in Google Chrome on Linux prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21121 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21121.html CVE-2021-21121 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21122 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21122.html CVE-2021-21122 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21123 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21123.html CVE-2021-21123 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Potential user after free in Speech Recognizer in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21124 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21124.html CVE-2021-21124 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21125 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21125.html CVE-2021-21125 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. CVE-2021-21126 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21126.html CVE-2021-21126 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass content security policy via a crafted Chrome Extension. CVE-2021-21127 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21127.html CVE-2021-21127 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Heap buffer overflow in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21128.html CVE-2021-21128 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21129.html CVE-2021-21129 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21130.html CVE-2021-21130 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21131.html CVE-2021-21131 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2021-21132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21132.html CVE-2021-21132 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in Downloads in Google Chrome prior to 88.0.4324.96 allowed an attacker who convinced a user to download files to bypass navigation restrictions via a crafted HTML page. CVE-2021-21133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21133.html CVE-2021-21133 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2021-21134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21134.html CVE-2021-21134 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21135.html CVE-2021-21135 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21136.html CVE-2021-21136 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. CVE-2021-21137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21137.html CVE-2021-21137 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in DevTools in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform a sandbox escape via a crafted file. CVE-2021-21138 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21138.html CVE-2021-21138 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-21139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21139.html CVE-2021-21139 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. CVE-2021-21140 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21140.html CVE-2021-21140 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page. CVE-2021-21141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21141.html CVE-2021-21141 https://bugzilla.suse.com/1181137 SUSE Bug 1181137 Use after free in Payments in Google Chrome on Mac prior to 88.0.4324.146 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21142 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21142.html CVE-2021-21142 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2021-21143 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21143.html CVE-2021-21143 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2021-21144 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21144.html CVE-2021-21144 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Use after free in Fonts in Google Chrome prior to 88.0.4324.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21145 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21145.html CVE-2021-21145 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Use after free in Navigation in Google Chrome prior to 88.0.4324.146 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21146 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21146.html CVE-2021-21146 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21147 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21147.html CVE-2021-21147 https://bugzilla.suse.com/1181772 SUSE Bug 1181772 Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21148 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21148.html CVE-2021-21148 https://bugzilla.suse.com/1181827 SUSE Bug 1181827 Stack buffer overflow in Data Transfer in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2021-21149 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21149.html CVE-2021-21149 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Use after free in Downloads in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21150 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21150.html CVE-2021-21150 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Use after free in Payments in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21151 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21151.html CVE-2021-21151 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in Media in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21152 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21152.html CVE-2021-21152 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Stack buffer overflow in GPU Process in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-21153 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21153.html CVE-2021-21153 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21154 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21154.html CVE-2021-21154 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21155 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21155.html CVE-2021-21155 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted script. CVE-2021-21156 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21156.html CVE-2021-21156 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21157 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21157.html CVE-2021-21157 https://bugzilla.suse.com/1182358 SUSE Bug 1182358 Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21159 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21159.html CVE-2021-21159 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Heap buffer overflow in WebAudio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21160 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21160.html CVE-2021-21160 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21161 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21161.html CVE-2021-21161 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in WebRTC in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21162 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21162.html CVE-2021-21162 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server. CVE-2021-21163 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21163.html CVE-2021-21163 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21164 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21164.html CVE-2021-21164 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21165 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21165.html CVE-2021-21165 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21166 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21166.html CVE-2021-21166 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in bookmarks in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21167 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21167.html CVE-2021-21167 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in appcache in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2021-21168 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21168.html CVE-2021-21168 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-21169 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21169.html CVE-2021-21169 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Incorrect security UI in Loader in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21170 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21170.html CVE-2021-21170 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Incorrect security UI in TabStrip and Navigation in Google Chrome on Android prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21171 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21171.html CVE-2021-21171 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. CVE-2021-21172 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21172.html CVE-2021-21172 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21173 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21173.html CVE-2021-21173 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in Referrer in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-21174 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21174.html CVE-2021-21174 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21175 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21175.html CVE-2021-21175 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21176 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21176.html CVE-2021-21176 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2021-21177 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21177.html CVE-2021-21177 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in Compositing in Google Chrome on Linux and Windows prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-21178 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21178.html CVE-2021-21178 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in Network Internals in Google Chrome on Linux prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21179 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21179.html CVE-2021-21179 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in tab search in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21180 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21180.html CVE-2021-21180 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2021-21181 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21181.html CVE-2021-21181 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2021-21182 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21182.html CVE-2021-21182 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21183 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21183.html CVE-2021-21183 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21184 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21184.html CVE-2021-21184 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in extensions in Google Chrome prior to 89.0.4389.72 allowed an attacker who convinced a user to install a malicious extension to obtain sensitive information via a crafted Chrome Extension. CVE-2021-21185 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21185.html CVE-2021-21185 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code. CVE-2021-21186 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21186.html CVE-2021-21186 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2021-21187 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21187.html CVE-2021-21187 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in Blink in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21188 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21188.html CVE-2021-21188 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-21189 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21189.html CVE-2021-21189 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Uninitialized data in PDFium in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. CVE-2021-21190 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21190.html CVE-2021-21190 https://bugzilla.suse.com/1182960 SUSE Bug 1182960 https://bugzilla.suse.com/1183514 SUSE Bug 1183514 Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21191 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21191.html CVE-2021-21191 https://bugzilla.suse.com/1183515 SUSE Bug 1183515 Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21192 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21192.html CVE-2021-21192 https://bugzilla.suse.com/1183515 SUSE Bug 1183515 Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21193 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21193.html CVE-2021-21193 https://bugzilla.suse.com/1183515 SUSE Bug 1183515 Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21194 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21194.html CVE-2021-21194 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21195 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21195.html CVE-2021-21195 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21196 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21196.html CVE-2021-21196 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21197 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21197.html CVE-2021-21197 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21198 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21198.html CVE-2021-21198 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21199 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21199.html CVE-2021-21199 https://bugzilla.suse.com/1184256 SUSE Bug 1184256 Use after free in permissions in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21201 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21201.html CVE-2021-21201 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Use after free in extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2021-21202 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21202.html CVE-2021-21202 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Use after free in Blink in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21203 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21203.html CVE-2021-21203 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21204 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21204.html CVE-2021-21204 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-21205 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21205.html CVE-2021-21205 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21206 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21206.html CVE-2021-21206 https://bugzilla.suse.com/1184700 SUSE Bug 1184700 Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2021-21207 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21207.html CVE-2021-21207 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code. CVE-2021-21208 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21208.html CVE-2021-21208 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21209 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21209.html CVE-2021-21209 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially access local UDP ports via a crafted HTML page. CVE-2021-21210 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21210.html CVE-2021-21210 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-21211 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21211.html CVE-2021-21211 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Incorrect security UI in Network Config UI in Google Chrome on ChromeOS prior to 90.0.4430.72 allowed a remote attacker to potentially compromise WiFi connection security via a malicious WAP. CVE-2021-21212 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21212.html CVE-2021-21212 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in WebMIDI in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21213 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21213.html CVE-2021-21213 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Use after free in Network API in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2021-21214 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21214.html CVE-2021-21214 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2021-21215 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21215.html CVE-2021-21215 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. CVE-2021-21216 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21216.html CVE-2021-21216 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. CVE-2021-21217 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21217.html CVE-2021-21217 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. CVE-2021-21218 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21218.html CVE-2021-21218 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Uninitialized data in PDFium in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. CVE-2021-21219 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21219.html CVE-2021-21219 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21220 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21220.html CVE-2021-21220 https://bugzilla.suse.com/1184700 SUSE Bug 1184700 Insufficient validation of untrusted input in Mojo in Google Chrome prior to 90.0.4430.72 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. CVE-2021-21221 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21221.html CVE-2021-21221 https://bugzilla.suse.com/1184764 SUSE Bug 1184764 Heap buffer overflow in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2021-21222 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21222.html CVE-2021-21222 https://bugzilla.suse.com/1185047 SUSE Bug 1185047 Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21223 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21223.html CVE-2021-21223 https://bugzilla.suse.com/1185047 SUSE Bug 1185047 Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2021-21224 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21224.html CVE-2021-21224 https://bugzilla.suse.com/1185047 SUSE Bug 1185047 Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21225 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21225.html CVE-2021-21225 https://bugzilla.suse.com/1185047 SUSE Bug 1185047 Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-21226 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21226.html CVE-2021-21226 https://bugzilla.suse.com/1185047 SUSE Bug 1185047 Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21227 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21227.html CVE-2021-21227 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2021-21228 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21228.html CVE-2021-21228 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2021-21229 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21229.html CVE-2021-21229 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21230 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21230.html CVE-2021-21230 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21231 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21231.html CVE-2021-21231 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21232 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21232.html CVE-2021-21232 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-21233 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-21233.html CVE-2021-21233 https://bugzilla.suse.com/1185375 SUSE Bug 1185375 Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page. CVE-2021-30506 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30506.html CVE-2021-30506 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2021-30507 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30507.html CVE-2021-30507 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Heap buffer overflow in Media Feeds in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to enable certain features in Chrome to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30508 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30508.html CVE-2021-30508 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Out of bounds write in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page and a crafted Chrome extension. CVE-2021-30509 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30509.html CVE-2021-30509 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30510 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30510.html CVE-2021-30510 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Out of bounds read in Tab Groups in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page. CVE-2021-30511 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30511.html CVE-2021-30511 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in Notifications in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30512 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30512.html CVE-2021-30512 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30513 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30513.html CVE-2021-30513 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in Autofill in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30514 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30514.html CVE-2021-30514 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30515 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30515.html CVE-2021-30515 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Heap buffer overflow in History in Google Chrome prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30516 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30516.html CVE-2021-30516 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30517 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30517.html CVE-2021-30517 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30518 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30518.html CVE-2021-30518 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in Payments in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious payments app to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30519 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30519.html CVE-2021-30519 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30520 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30520.html CVE-2021-30520 https://bugzilla.suse.com/1185908 SUSE Bug 1185908 Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2021-30521 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30521.html CVE-2021-30521 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30522 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30522.html CVE-2021-30522 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. CVE-2021-30523 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30523.html CVE-2021-30523 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30524 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30524.html CVE-2021-30524 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30525 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30525.html CVE-2021-30525 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Out of bounds write in TabStrip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. CVE-2021-30526 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30526.html CVE-2021-30526 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30527 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30527.html CVE-2021-30527 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30528 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30528.html CVE-2021-30528 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30529 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30529.html CVE-2021-30529 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Out of bounds memory access in WebAudio in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2021-30530 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30530.html CVE-2021-30530 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2021-30531 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30531.html CVE-2021-30531 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2021-30532 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30532.html CVE-2021-30532 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe. CVE-2021-30533 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30533.html CVE-2021-30533 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-30534 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30534.html CVE-2021-30534 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30535 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30535.html CVE-2021-30535 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. CVE-2021-30536 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30536.html CVE-2021-30536 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass cookie policy via a crafted HTML page. CVE-2021-30537 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30537.html CVE-2021-30537 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2021-30538 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30538.html CVE-2021-30538 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2021-30539 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30539.html CVE-2021-30539 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2021-30540 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30540.html CVE-2021-30540 https://bugzilla.suse.com/1186458 SUSE Bug 1186458 Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30541 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30541.html CVE-2021-30541 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30544 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30544.html CVE-2021-30544 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30545 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30545.html CVE-2021-30545 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30546 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30546.html CVE-2021-30546 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-30547 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30547.html CVE-2021-30547 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 https://bugzilla.suse.com/1188275 SUSE Bug 1188275 Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30548 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30548.html CVE-2021-30548 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30549 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30549.html CVE-2021-30549 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30550 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30550.html CVE-2021-30550 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30551 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30551.html CVE-2021-30551 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30552 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30552.html CVE-2021-30552 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30553 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30553.html CVE-2021-30553 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30554 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30554.html CVE-2021-30554 https://bugzilla.suse.com/1187481 SUSE Bug 1187481 Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture. CVE-2021-30555 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30555.html CVE-2021-30555 https://bugzilla.suse.com/1187481 SUSE Bug 1187481 Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30556 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30556.html CVE-2021-30556 https://bugzilla.suse.com/1187481 SUSE Bug 1187481 Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30557 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30557.html CVE-2021-30557 https://bugzilla.suse.com/1187481 SUSE Bug 1187481 Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30559 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30559.html CVE-2021-30559 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30560 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30560.html CVE-2021-30560 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 https://bugzilla.suse.com/1208574 SUSE Bug 1208574 https://bugzilla.suse.com/1211500 SUSE Bug 1211500 https://bugzilla.suse.com/1211501 SUSE Bug 1211501 https://bugzilla.suse.com/1211544 SUSE Bug 1211544 Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30561 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30561.html CVE-2021-30561 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30562 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30562.html CVE-2021-30562 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30563 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30563.html CVE-2021-30563 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30564 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30564.html CVE-2021-30564 https://bugzilla.suse.com/1188373 SUSE Bug 1188373 Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. CVE-2021-30565 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30565.html CVE-2021-30565 Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page. CVE-2021-30566 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30566.html CVE-2021-30566 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture. CVE-2021-30567 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30567.html CVE-2021-30567 Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30568 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30568.html CVE-2021-30568 Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30569 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30569.html CVE-2021-30569 Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-30571 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30571.html CVE-2021-30571 Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30572 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30572.html CVE-2021-30572 Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30573 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30573.html CVE-2021-30573 Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30574 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30574.html CVE-2021-30574 Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30575 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30575.html CVE-2021-30575 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30576 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30576.html CVE-2021-30576 Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file. CVE-2021-30577 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30577.html CVE-2021-30577 Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. CVE-2021-30578 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30578.html CVE-2021-30578 Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30579 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30579.html CVE-2021-30579 Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30581 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30581.html CVE-2021-30581 Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-30582 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30582.html CVE-2021-30582 Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2021-30584 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30584.html CVE-2021-30584 Use after free in sensor handling in Google Chrome on Windows prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30585 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30585.html CVE-2021-30585 Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30588 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30588.html CVE-2021-30588 Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link. CVE-2021-30589 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30589.html CVE-2021-30589 Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30590 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30590.html CVE-2021-30590 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Use after free in File System API in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30591 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30591.html CVE-2021-30591 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page. CVE-2021-30592 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30592.html CVE-2021-30592 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page. CVE-2021-30593 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30593.html CVE-2021-30593 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. CVE-2021-30594 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30594.html CVE-2021-30594 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-30596 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30596.html CVE-2021-30596 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. CVE-2021-30597 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30597.html CVE-2021-30597 https://bugzilla.suse.com/1189006 SUSE Bug 1189006 Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2021-30598 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30598.html CVE-2021-30598 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. CVE-2021-30599 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30599.html CVE-2021-30599 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Use after free in Printing in Google Chrome prior to 92.0.4515.159 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30600 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30600.html CVE-2021-30600 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30601 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30601.html CVE-2021-30601 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30602 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30602.html CVE-2021-30602 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30603 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30603.html CVE-2021-30603 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30604 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30604.html CVE-2021-30604 https://bugzilla.suse.com/1189490 SUSE Bug 1189490 Chromium: CVE-2021-30606 Use after free in Blink CVE-2021-30606 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30606.html CVE-2021-30606 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30607 Use after free in Permissions CVE-2021-30607 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30607.html CVE-2021-30607 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30608 Use after free in Web Share CVE-2021-30608 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30608.html CVE-2021-30608 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30609 Use after free in Sign-In CVE-2021-30609 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30609.html CVE-2021-30609 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30610 Use after free in Extensions API CVE-2021-30610 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30610.html CVE-2021-30610 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30611 Use after free in WebRTC CVE-2021-30611 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30611.html CVE-2021-30611 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30612 Use after free in WebRTC CVE-2021-30612 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30612.html CVE-2021-30612 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30613 Use after free in Base internals CVE-2021-30613 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30613.html CVE-2021-30613 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip CVE-2021-30614 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30614.html CVE-2021-30614 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30615 Cross-origin data leak in Navigation CVE-2021-30615 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30615.html CVE-2021-30615 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30616 Use after free in Media CVE-2021-30616 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30616.html CVE-2021-30616 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30617 Policy bypass in Blink CVE-2021-30617 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30617.html CVE-2021-30617 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30618 Inappropriate implementation in DevTools CVE-2021-30618 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30618.html CVE-2021-30618 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30619 UI Spoofing in Autofill CVE-2021-30619 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30619.html CVE-2021-30619 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink CVE-2021-30620 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30620.html CVE-2021-30620 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30621 UI Spoofing in Autofill CVE-2021-30621 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30621.html CVE-2021-30621 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30622 Use after free in WebApp Installs CVE-2021-30622 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30622.html CVE-2021-30622 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30623 Use after free in Bookmarks CVE-2021-30623 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30623.html CVE-2021-30623 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Chromium: CVE-2021-30624 Use after free in Autofill CVE-2021-30624 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30624.html CVE-2021-30624 https://bugzilla.suse.com/1190096 SUSE Bug 1190096 Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a malicious website to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30625 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30625.html CVE-2021-30625 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30626 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30626.html CVE-2021-30626 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30627 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30627.html CVE-2021-30627 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. CVE-2021-30628 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30628.html CVE-2021-30628 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30629 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30629.html CVE-2021-30629 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. CVE-2021-30630 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30630.html CVE-2021-30630 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2021-30631 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30631.html CVE-2021-30631 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-30632 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30632.html CVE-2021-30632 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-30633 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-30633.html CVE-2021-30633 https://bugzilla.suse.com/1190476 SUSE Bug 1190476 Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37956 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37956.html CVE-2021-37956 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37957 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37957.html CVE-2021-37957 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page. CVE-2021-37958 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37958.html CVE-2021-37958 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37959 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37959.html CVE-2021-37959 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2021-37960 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37960.html CVE-2021-37960 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37961 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37961.html CVE-2021-37961 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37962 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37962.html CVE-2021-37962 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page. CVE-2021-37963 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37963.html CVE-2021-37963 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file. CVE-2021-37964 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37964.html CVE-2021-37964 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-37965 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37965.html CVE-2021-37965 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-37966 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37966.html CVE-2021-37966 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. CVE-2021-37967 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37967.html CVE-2021-37967 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-37968 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37968.html CVE-2021-37968 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file. CVE-2021-37969 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37969.html CVE-2021-37969 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37970 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37970.html CVE-2021-37970 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-37971 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37971.html CVE-2021-37971 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37972 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37972.html CVE-2021-37972 https://bugzilla.suse.com/1190765 SUSE Bug 1190765 Use after free in Portals in Google Chrome prior to 94.0.4606.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-37973 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37973.html CVE-2021-37973 https://bugzilla.suse.com/1191166 SUSE Bug 1191166 Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37974 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37974.html CVE-2021-37974 https://bugzilla.suse.com/1191204 SUSE Bug 1191204 Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37975 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37975.html CVE-2021-37975 https://bugzilla.suse.com/1191204 SUSE Bug 1191204 Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2021-37976 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37976.html CVE-2021-37976 https://bugzilla.suse.com/1191204 SUSE Bug 1191204 Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37977 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37977.html CVE-2021-37977 https://bugzilla.suse.com/1191463 SUSE Bug 1191463 Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37978 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37978.html CVE-2021-37978 https://bugzilla.suse.com/1191463 SUSE Bug 1191463 heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37979 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37979.html CVE-2021-37979 https://bugzilla.suse.com/1191463 SUSE Bug 1191463 Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. CVE-2021-37980 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37980.html CVE-2021-37980 https://bugzilla.suse.com/1191463 SUSE Bug 1191463 Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-37981 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37981.html CVE-2021-37981 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37982 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37982.html CVE-2021-37982 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37983 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37983.html CVE-2021-37983 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37984 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37984.html CVE-2021-37984 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37985 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37985.html CVE-2021-37985 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37986 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37986.html CVE-2021-37986 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37987 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37987.html CVE-2021-37987 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37988 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37988.html CVE-2021-37988 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page. CVE-2021-37989 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37989.html CVE-2021-37989 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app. CVE-2021-37990 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37990.html CVE-2021-37990 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37991 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37991.html CVE-2021-37991 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37992 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37992.html CVE-2021-37992 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37993 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37993.html CVE-2021-37993 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-37994 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37994.html CVE-2021-37994 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-37995 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37995.html CVE-2021-37995 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file. CVE-2021-37996 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37996.html CVE-2021-37996 https://bugzilla.suse.com/1191844 SUSE Bug 1191844 Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37997 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37997.html CVE-2021-37997 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-37998 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37998.html CVE-2021-37998 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page. CVE-2021-37999 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-37999.html CVE-2021-37999 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. CVE-2021-38000 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38000.html CVE-2021-38000 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38001 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38001.html CVE-2021-38001 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-38002 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38002.html CVE-2021-38002 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38003 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38003.html CVE-2021-38003 https://bugzilla.suse.com/1192184 SUSE Bug 1192184 Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38005 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38005.html CVE-2021-38005 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38006 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38006.html CVE-2021-38006 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38007 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38007.html CVE-2021-38007 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38008 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38008.html CVE-2021-38008 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-38009 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38009.html CVE-2021-38009 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2021-38010 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38010.html CVE-2021-38010 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38011 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38011.html CVE-2021-38011 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38012 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38012.html CVE-2021-38012 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-38013 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38013.html CVE-2021-38013 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-38014 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38014.html CVE-2021-38014 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. CVE-2021-38015 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38015.html CVE-2021-38015 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2021-38016 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38016.html CVE-2021-38016 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-38017 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38017.html CVE-2021-38017 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2021-38018 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38018.html CVE-2021-38018 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-38019 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38019.html CVE-2021-38019 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2021-38020 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38020.html CVE-2021-38020 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2021-38021 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38021.html CVE-2021-38021 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-38022 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-38022.html CVE-2021-38022 https://bugzilla.suse.com/1192734 SUSE Bug 1192734 Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2021-4052 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4052.html CVE-2021-4052 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4053 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4053.html CVE-2021-4053 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. CVE-2021-4054 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4054.html CVE-2021-4054 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2021-4055 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4055.html CVE-2021-4055 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4056 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4056.html CVE-2021-4056 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4057 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4057.html CVE-2021-4057 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4058 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4058.html CVE-2021-4058 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-4059 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4059.html CVE-2021-4059 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4061 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4061.html CVE-2021-4061 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4062 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4062.html CVE-2021-4062 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4063 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4063.html CVE-2021-4063 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4064 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4064.html CVE-2021-4064 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4065 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4065.html CVE-2021-4065 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4066 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4066.html CVE-2021-4066 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4067 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4067.html CVE-2021-4067 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2021-4068 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4068.html CVE-2021-4068 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4078 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4078.html CVE-2021-4078 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. CVE-2021-4079 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4079.html CVE-2021-4079 https://bugzilla.suse.com/1193519 SUSE Bug 1193519 Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2021-4098 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4098.html CVE-2021-4098 https://bugzilla.suse.com/1193713 SUSE Bug 1193713 Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4099 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4099.html CVE-2021-4099 https://bugzilla.suse.com/1193713 SUSE Bug 1193713 Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4100 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4100.html CVE-2021-4100 https://bugzilla.suse.com/1193713 SUSE Bug 1193713 Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4101 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4101.html CVE-2021-4101 https://bugzilla.suse.com/1193713 SUSE Bug 1193713 Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2021-4102 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-4102.html CVE-2021-4102 https://bugzilla.suse.com/1193713 SUSE Bug 1193713 Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0096 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0096.html CVE-2022-0096 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. CVE-2022-0097 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0097.html CVE-2022-0097 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures. CVE-2022-0098 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0098.html CVE-2022-0098 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture. CVE-2022-0099 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0099.html CVE-2022-0099 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0100 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0100.html CVE-2022-0100 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. CVE-2022-0101 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0101.html CVE-2022-0101 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0102 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0102.html CVE-2022-0102 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0103 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0103.html CVE-2022-0103 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0104 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0104.html CVE-2022-0104 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0105 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0105.html CVE-2022-0105 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0106 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0106.html CVE-2022-0106 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0107 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0107.html CVE-2022-0107 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-0108 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0108.html CVE-2022-0108 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1210731 SUSE Bug 1210731 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. CVE-2022-0109 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0109.html CVE-2022-0109 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0110 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0110.html CVE-2022-0110 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page. CVE-2022-0111 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0111.html CVE-2022-0111 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL. CVE-2022-0112 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0112.html CVE-2022-0112 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-0113 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0113.html CVE-2022-0113 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver. CVE-2022-0114 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0114.html CVE-2022-0114 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2022-0115 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0115.html CVE-2022-0115 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0116 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0116.html CVE-2022-0116 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-0117 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0117.html CVE-2022-0117 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0118 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0118.html CVE-2022-0118 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website. CVE-2022-0120 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0120.html CVE-2022-0120 https://bugzilla.suse.com/1194331 SUSE Bug 1194331 https://bugzilla.suse.com/1213802 SUSE Bug 1213802 Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0289 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0289.html CVE-2022-0289 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-0290 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0290.html CVE-2022-0290 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0291 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0291.html CVE-2022-0291 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. CVE-2022-0292 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0292.html CVE-2022-0292 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0293 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0293.html CVE-2022-0293 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0294 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0294.html CVE-2022-0294 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0295 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0295.html CVE-2022-0295 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0296 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0296.html CVE-2022-0296 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0297 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0297.html CVE-2022-0297 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0298 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0298.html CVE-2022-0298 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0300 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0300.html CVE-2022-0300 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0301 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0301.html CVE-2022-0301 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0302 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0302.html CVE-2022-0302 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2022-0303 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0303.html CVE-2022-0303 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0304 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0304.html CVE-2022-0304 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-0305 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0305.html CVE-2022-0305 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0306 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0306.html CVE-2022-0306 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0307 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0307.html CVE-2022-0307 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0308 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0308.html CVE-2022-0308 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2022-0309 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0309.html CVE-2022-0309 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. CVE-2022-0310 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0310.html CVE-2022-0310 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0311 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0311.html CVE-2022-0311 https://bugzilla.suse.com/1194919 SUSE Bug 1194919 Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-0452 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0452.html CVE-2022-0452 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0453 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0453.html CVE-2022-0453 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0454 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0454.html CVE-2022-0454 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0455 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0455.html CVE-2022-0455 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction. CVE-2022-0456 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0456.html CVE-2022-0456 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0457 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0457.html CVE-2022-0457 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0459 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0459.html CVE-2022-0459 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0460 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0460.html CVE-2022-0460 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page. CVE-2022-0461 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0461.html CVE-2022-0461 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-0462 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0462.html CVE-2022-0462 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. CVE-2022-0463 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0463.html CVE-2022-0463 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. CVE-2022-0464 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0464.html CVE-2022-0464 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction. CVE-2022-0465 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0465.html CVE-2022-0465 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-0466 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0466.html CVE-2022-0466 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2022-0467 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0467.html CVE-2022-0467 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0468 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0468.html CVE-2022-0468 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0469 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0469.html CVE-2022-0469 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0470 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0470.html CVE-2022-0470 https://bugzilla.suse.com/1195420 SUSE Bug 1195420 Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0603 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0603.html CVE-2022-0603 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0604 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0604.html CVE-2022-0604 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0605 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0605.html CVE-2022-0605 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0606 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0606.html CVE-2022-0606 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0607 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0607.html CVE-2022-0607 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0608 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0608.html CVE-2022-0608 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0609 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0609.html CVE-2022-0609 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0610 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0610.html CVE-2022-0610 https://bugzilla.suse.com/1195986 SUSE Bug 1195986 Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0789 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0789.html CVE-2022-0789 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-0790 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0790.html CVE-2022-0790 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. CVE-2022-0791 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0791.html CVE-2022-0791 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0792 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0792.html CVE-2022-0792 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2022-0793 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0793.html CVE-2022-0793 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0794 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0794.html CVE-2022-0794 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0795 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0795.html CVE-2022-0795 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0796 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0796.html CVE-2022-0796 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2022-0797 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0797.html CVE-2022-0797 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2022-0798 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0798.html CVE-2022-0798 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. CVE-2022-0799 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0799.html CVE-2022-0799 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0800 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0800.html CVE-2022-0800 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium) CVE-2022-0801 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0801.html CVE-2022-0801 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0802 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0802.html CVE-2022-0802 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0803 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0803.html CVE-2022-0803 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-0804 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0804.html CVE-2022-0804 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. CVE-2022-0805 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0805.html CVE-2022-0805 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. CVE-2022-0806 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0806.html CVE-2022-0806 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. CVE-2022-0807 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0807.html CVE-2022-0807 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. CVE-2022-0808 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0808.html CVE-2022-0808 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0809 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0809.html CVE-2022-0809 https://bugzilla.suse.com/1196641 SUSE Bug 1196641 Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0971 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0971.html CVE-2022-0971 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0972 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0972.html CVE-2022-0972 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0973 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0973.html CVE-2022-0973 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0974 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0974.html CVE-2022-0974 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0975 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0975.html CVE-2022-0975 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0976 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0976.html CVE-2022-0976 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0977 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0977.html CVE-2022-0977 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0978 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0978.html CVE-2022-0978 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-0979 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0979.html CVE-2022-0979 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. CVE-2022-0980 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0980.html CVE-2022-0980 https://bugzilla.suse.com/1197163 SUSE Bug 1197163 Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1096 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1096.html CVE-2022-1096 https://bugzilla.suse.com/1197552 SUSE Bug 1197552 Use after free in Portals in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. CVE-2022-1125 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1125.html CVE-2022-1125 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. CVE-2022-1127 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1127.html CVE-2022-1127 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. CVE-2022-1128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1128.html CVE-2022-1128 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-1129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1129.html CVE-2022-1129 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. CVE-2022-1130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1130.html CVE-2022-1130 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1131.html CVE-2022-1131 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. CVE-2022-1132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1132.html CVE-2022-1132 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1133.html CVE-2022-1133 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1134.html CVE-2022-1134 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. CVE-2022-1135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1135.html CVE-2022-1135 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. CVE-2022-1136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1136.html CVE-2022-1136 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. CVE-2022-1137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1137.html CVE-2022-1137 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-1138 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1138.html CVE-2022-1138 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1139.html CVE-2022-1139 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. CVE-2022-1141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1141.html CVE-2022-1141 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. CVE-2022-1142 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1142.html CVE-2022-1142 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. CVE-2022-1143 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1143.html CVE-2022-1143 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. CVE-2022-1144 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1144.html CVE-2022-1144 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. CVE-2022-1145 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1145.html CVE-2022-1145 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1146 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1146.html CVE-2022-1146 https://bugzilla.suse.com/1197680 SUSE Bug 1197680 Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1232 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1232.html CVE-2022-1232 https://bugzilla.suse.com/1198053 SUSE Bug 1198053 Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1305 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1305.html CVE-2022-1305 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-1306 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1306.html CVE-2022-1306 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-1307 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1307.html CVE-2022-1307 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1308 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1308.html CVE-2022-1308 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-1309 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1309.html CVE-2022-1309 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1310 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1310.html CVE-2022-1310 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1311 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1311.html CVE-2022-1311 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. CVE-2022-1312 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1312.html CVE-2022-1312 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1313 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1313.html CVE-2022-1313 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Type confusion in V8 in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1314 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1314.html CVE-2022-1314 https://bugzilla.suse.com/1198361 SUSE Bug 1198361 Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1364 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1364.html CVE-2022-1364 https://bugzilla.suse.com/1198509 SUSE Bug 1198509 Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1477 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1477.html CVE-2022-1477 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1478 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1478.html CVE-2022-1478 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1479 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1479.html CVE-2022-1479 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2022-1480 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1480.html CVE-2022-1480 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1481 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1481.html CVE-2022-1481 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1482 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1482.html CVE-2022-1482 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1483 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1483.html CVE-2022-1483 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1484 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1484.html CVE-2022-1484 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1485 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1485.html CVE-2022-1485 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2022-1486 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1486.html CVE-2022-1486 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. CVE-2022-1487 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1487.html CVE-2022-1487 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. CVE-2022-1488 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1488.html CVE-2022-1488 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. CVE-2022-1489 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1489.html CVE-2022-1489 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1490 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1490.html CVE-2022-1490 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. CVE-2022-1491 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1491.html CVE-2022-1491 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. CVE-2022-1492 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1492.html CVE-2022-1492 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. CVE-2022-1493 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1493.html CVE-2022-1493 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. CVE-2022-1494 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1494.html CVE-2022-1494 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page. CVE-2022-1495 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1495.html CVE-2022-1495 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. CVE-2022-1496 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1496.html CVE-2022-1496 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page. CVE-2022-1497 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1497.html CVE-2022-1497 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1498 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1498.html CVE-2022-1498 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. CVE-2022-1499 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1499.html CVE-2022-1499 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2022-1500 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1500.html CVE-2022-1500 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1501 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1501.html CVE-2022-1501 https://bugzilla.suse.com/1198917 SUSE Bug 1198917 Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. CVE-2022-1633 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1633.html CVE-2022-1633 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions. CVE-2022-1634 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1634.html CVE-2022-1634 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. CVE-2022-1635 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1635.html CVE-2022-1635 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1636 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1636.html CVE-2022-1636 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1637 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1637.html CVE-2022-1637 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1638 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1638.html CVE-2022-1638 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1639 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1639.html CVE-2022-1639 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1640 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1640.html CVE-2022-1640 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. CVE-2022-1641 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1641.html CVE-2022-1641 https://bugzilla.suse.com/1199409 SUSE Bug 1199409 Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-1853 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1853.html CVE-2022-1853 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1854 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1854.html CVE-2022-1854 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1855 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1855.html CVE-2022-1855 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. CVE-2022-1856 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1856.html CVE-2022-1856 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. CVE-2022-1857 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1857.html CVE-2022-1857 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction. CVE-2022-1858 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1858.html CVE-2022-1858 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1859 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1859.html CVE-2022-1859 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. CVE-2022-1860 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1860.html CVE-2022-1860 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. CVE-2022-1861 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1861.html CVE-2022-1861 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page. CVE-2022-1862 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1862.html CVE-2022-1862 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. CVE-2022-1863 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1863.html CVE-2022-1863 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. CVE-2022-1864 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1864.html CVE-2022-1864 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. CVE-2022-1865 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1865.html CVE-2022-1865 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. CVE-2022-1866 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1866.html CVE-2022-1866 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content. CVE-2022-1867 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1867.html CVE-2022-1867 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. CVE-2022-1868 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1868.html CVE-2022-1868 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1869 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1869.html CVE-2022-1869 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. CVE-2022-1870 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1870.html CVE-2022-1870 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page. CVE-2022-1871 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1871.html CVE-2022-1871 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. CVE-2022-1872 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1872.html CVE-2022-1872 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1873 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1873.html CVE-2022-1873 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. CVE-2022-1874 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1874.html CVE-2022-1874 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-1875 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1875.html CVE-2022-1875 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1876 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-1876.html CVE-2022-1876 https://bugzilla.suse.com/1199893 SUSE Bug 1199893 Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2007 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2007.html CVE-2022-2007 https://bugzilla.suse.com/1200423 SUSE Bug 1200423 Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2008 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2008.html CVE-2022-2008 https://bugzilla.suse.com/1200423 SUSE Bug 1200423 Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-2010 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2010.html CVE-2022-2010 https://bugzilla.suse.com/1200423 SUSE Bug 1200423 Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2011 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2011.html CVE-2022-2011 https://bugzilla.suse.com/1200423 SUSE Bug 1200423 Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2156 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2156.html CVE-2022-2156 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2157 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2157.html CVE-2022-2157 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2158 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2158.html CVE-2022-2158 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. CVE-2022-2160 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2160.html CVE-2022-2160 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2161 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2161.html CVE-2022-2161 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. CVE-2022-2162 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2162.html CVE-2022-2162 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. CVE-2022-2163 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2163.html CVE-2022-2163 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. CVE-2022-2164 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2164.html CVE-2022-2164 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. CVE-2022-2165 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2165.html CVE-2022-2165 https://bugzilla.suse.com/1200783 SUSE Bug 1200783 Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2294 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2294.html CVE-2022-2294 https://bugzilla.suse.com/1201216 SUSE Bug 1201216 https://bugzilla.suse.com/1201980 SUSE Bug 1201980 Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2295 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2295.html CVE-2022-2295 https://bugzilla.suse.com/1201216 SUSE Bug 1201216 Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. CVE-2022-2296 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2296.html CVE-2022-2296 https://bugzilla.suse.com/1201216 SUSE Bug 1201216 Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2477 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2477.html CVE-2022-2477 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2478 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2478.html CVE-2022-2478 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. CVE-2022-2479 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2479.html CVE-2022-2479 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2480 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2480.html CVE-2022-2480 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. CVE-2022-2481 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2481.html CVE-2022-2481 https://bugzilla.suse.com/1201679 SUSE Bug 1201679 Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2603 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2603.html CVE-2022-2603 Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2604 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2604.html CVE-2022-2604 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2605 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2605.html CVE-2022-2605 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2606 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2606.html CVE-2022-2606 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2607 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2607.html CVE-2022-2607 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2608 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2608.html CVE-2022-2608 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2609 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2609.html CVE-2022-2609 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-2610 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2610.html CVE-2022-2610 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. CVE-2022-2611 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2611.html CVE-2022-2611 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. CVE-2022-2612 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2612.html CVE-2022-2612 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2613 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2613.html CVE-2022-2613 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2614 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2614.html CVE-2022-2614 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-2615 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2615.html CVE-2022-2615 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension. CVE-2022-2616 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2616.html CVE-2022-2616 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. CVE-2022-2617 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2617.html CVE-2022-2617 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file . CVE-2022-2618 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2618.html CVE-2022-2618 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page. CVE-2022-2619 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2619.html CVE-2022-2619 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2620 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2620.html CVE-2022-2620 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. CVE-2022-2621 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2621.html CVE-2022-2621 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. CVE-2022-2622 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2622.html CVE-2022-2622 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2623 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2623.html CVE-2022-2623 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. CVE-2022-2624 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2624.html CVE-2022-2624 https://bugzilla.suse.com/1202075 SUSE Bug 1202075 Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2852 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2852.html CVE-2022-2852 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2853 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2853.html CVE-2022-2853 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2854 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2854.html CVE-2022-2854 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2855 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2855.html CVE-2022-2855 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page. CVE-2022-2856 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2856.html CVE-2022-2856 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-2857 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2857.html CVE-2022-2857 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. CVE-2022-2858 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2858.html CVE-2022-2858 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. CVE-2022-2859 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2859.html CVE-2022-2859 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page. CVE-2022-2860 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2860.html CVE-2022-2860 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page. CVE-2022-2861 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-2861.html CVE-2022-2861 https://bugzilla.suse.com/1202509 SUSE Bug 1202509 Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3038 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3038.html CVE-2022-3038 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3039 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3039.html CVE-2022-3039 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3040 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3040.html CVE-2022-3040 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3041 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3041.html CVE-2022-3041 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3042 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3042.html CVE-2022-3042 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3043 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3043.html CVE-2022-3043 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. CVE-2022-3044 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3044.html CVE-2022-3044 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3045 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3045.html CVE-2022-3045 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3046 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3046.html CVE-2022-3046 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. CVE-2022-3047 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3047.html CVE-2022-3047 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device. CVE-2022-3048 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3048.html CVE-2022-3048 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3049 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3049.html CVE-2022-3049 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. CVE-2022-3050 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3050.html CVE-2022-3050 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. CVE-2022-3051 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3051.html CVE-2022-3051 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. CVE-2022-3052 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3052.html CVE-2022-3052 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page. CVE-2022-3053 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3053.html CVE-2022-3053 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3054 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3054.html CVE-2022-3054 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. CVE-2022-3055 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3055.html CVE-2022-3055 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page. CVE-2022-3056 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3056.html CVE-2022-3056 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVE-2022-3057 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3057.html CVE-2022-3057 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. CVE-2022-3058 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3058.html CVE-2022-3058 https://bugzilla.suse.com/1202964 SUSE Bug 1202964 Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. CVE-2022-3071 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3071.html CVE-2022-3071 Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. CVE-2022-3075 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3075.html CVE-2022-3075 https://bugzilla.suse.com/1203102 SUSE Bug 1203102 Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) CVE-2022-3195 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3195.html CVE-2022-3195 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3196 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3196.html CVE-2022-3196 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3197 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3197.html CVE-2022-3197 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3198 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3198.html CVE-2022-3198 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3199 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3199.html CVE-2022-3199 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3200 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3200.html CVE-2022-3200 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) CVE-2022-3201 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3201.html CVE-2022-3201 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3304 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3304.html CVE-2022-3304 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3305 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3305.html CVE-2022-3305 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3306 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3306.html CVE-2022-3306 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3307 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3307.html CVE-2022-3307 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3308 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3308.html CVE-2022-3308 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: Medium) CVE-2022-3309 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3309.html CVE-2022-3309 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chromium security severity: Medium) CVE-2022-3310 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3310.html CVE-2022-3310 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3311 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3311.html CVE-2022-3311 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium) CVE-2022-3312 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3312.html CVE-2022-3312 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3313 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3313.html CVE-2022-3313 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3314 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3314.html CVE-2022-3314 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) CVE-2022-3315 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3315.html CVE-2022-3315 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chromium security severity: Low) CVE-2022-3316 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3316.html CVE-2022-3316 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) CVE-2022-3317 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3317.html CVE-2022-3317 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low) CVE-2022-3318 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3318.html CVE-2022-3318 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3370 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3370.html CVE-2022-3370 Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) CVE-2022-3373 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3373.html CVE-2022-3373 Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3445 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3445.html CVE-2022-3445 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3446 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3446.html CVE-2022-3446 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) CVE-2022-3447 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3447.html CVE-2022-3447 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3448 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3448.html CVE-2022-3448 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2022-3449 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3449.html CVE-2022-3449 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3450 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3450.html CVE-2022-3450 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3652 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3652.html CVE-2022-3652 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3653 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3653.html CVE-2022-3653 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3654 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3654.html CVE-2022-3654 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3655 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3655.html CVE-2022-3655 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3656 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3656.html CVE-2022-3656 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) CVE-2022-3657 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3657.html CVE-2022-3657 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) CVE-2022-3658 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3658.html CVE-2022-3658 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium) CVE-2022-3659 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3659.html CVE-2022-3659 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-3660 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3660.html CVE-2022-3660 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. (Chromium security severity: Low) CVE-2022-3661 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3661.html CVE-2022-3661 https://bugzilla.suse.com/1204732 SUSE Bug 1204732 Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3723 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3723.html CVE-2022-3723 https://bugzilla.suse.com/1204819 SUSE Bug 1204819 Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3885 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3885.html CVE-2022-3885 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3886 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3886.html CVE-2022-3886 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3887 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3887.html CVE-2022-3887 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3888 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3888.html CVE-2022-3888 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3889 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3889.html CVE-2022-3889 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2022-3890 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-3890.html CVE-2022-3890 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2022-4135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4135.html CVE-2022-4135 https://bugzilla.suse.com/1205736 SUSE Bug 1205736 Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4174 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4174.html CVE-2022-4174 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4175 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4175.html CVE-2022-4175 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High) CVE-2022-4176 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4176.html CVE-2022-4176 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High) CVE-2022-4177 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4177.html CVE-2022-4177 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4178 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4178.html CVE-2022-4178 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2022-4179 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4179.html CVE-2022-4179 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2022-4180 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4180.html CVE-2022-4180 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4181 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4181.html CVE-2022-4181 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Inappropriate implementation in Fenced Frames in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4182 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4182.html CVE-2022-4182 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in Popup Blocker in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4183 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4183.html CVE-2022-4183 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4184 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4184.html CVE-2022-4184 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4185 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4185.html CVE-2022-4185 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4186 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4186.html CVE-2022-4186 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4187 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4187.html CVE-2022-4187 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4188 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4188.html CVE-2022-4188 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) CVE-2022-4189 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4189.html CVE-2022-4189 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4190 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4190.html CVE-2022-4190 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium) CVE-2022-4191 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4191.html CVE-2022-4191 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium) CVE-2022-4192 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4192.html CVE-2022-4192 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4193 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4193.html CVE-2022-4193 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4194 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4194.html CVE-2022-4194 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. (Chromium security severity: Medium) CVE-2022-4195 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4195.html CVE-2022-4195 https://bugzilla.suse.com/1205871 SUSE Bug 1205871 Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4262 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4262.html CVE-2022-4262 https://bugzilla.suse.com/1205999 SUSE Bug 1205999 Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4436 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4436.html CVE-2022-4436 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4437 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4437.html CVE-2022-4437 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4438 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4438.html CVE-2022-4438 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High) CVE-2022-4439 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4439.html CVE-2022-4439 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4440 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-4440.html CVE-2022-4440 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0128 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0128.html CVE-2023-0128 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. (Chromium security severity: High) CVE-2023-0129 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0129.html CVE-2023-0129 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0130 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0130.html CVE-2023-0130 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0131 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0131.html CVE-2023-0131 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0132 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0132.html CVE-2023-0132 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0133.html CVE-2023-0133 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0134.html CVE-2023-0134 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0135.html CVE-2023-0135 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0136.html CVE-2023-0136 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0137.html CVE-2023-0137 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0138 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0138.html CVE-2023-0138 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0139 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0139.html CVE-2023-0139 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0140 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0140.html CVE-2023-0140 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0141 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0141.html CVE-2023-0141 https://bugzilla.suse.com/1207018 SUSE Bug 1207018 Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0471 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0471.html CVE-2023-0471 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0472 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0472.html CVE-2023-0472 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0473 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0473.html CVE-2023-0473 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium) CVE-2023-0474 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0474.html CVE-2023-0474 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0696 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0696.html CVE-2023-0696 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: High) CVE-2023-0697 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0697.html CVE-2023-0697 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) CVE-2023-0698 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0698.html CVE-2023-0698 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severity: Medium) CVE-2023-0699 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0699.html CVE-2023-0699 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0700 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0700.html CVE-2023-0700 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium) CVE-2023-0701 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0701.html CVE-2023-0701 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0702 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0702.html CVE-2023-0702 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Medium) CVE-2023-0703 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0703.html CVE-2023-0703 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0704 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0704.html CVE-2023-0704 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0705 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0705.html CVE-2023-0705 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0927 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0927.html CVE-2023-0927 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0928 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0928.html CVE-2023-0928 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0929 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0929.html CVE-2023-0929 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0930 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0930.html CVE-2023-0930 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0931 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0931.html CVE-2023-0931 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0932 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0932.html CVE-2023-0932 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2023-0933 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0933.html CVE-2023-0933 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVE-2023-0941 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-0941.html CVE-2023-0941 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1213 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1213.html CVE-2023-1213 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1214 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1214.html CVE-2023-1214 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1215 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1215.html CVE-2023-1215 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1216 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1216.html CVE-2023-1216 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) CVE-2023-1217 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1217.html CVE-2023-1217 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1218 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1218.html CVE-2023-1218 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1219 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1219.html CVE-2023-1219 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1220 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1220.html CVE-2023-1220 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) CVE-2023-1221 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1221.html CVE-2023-1221 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1222 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1222.html CVE-2023-1222 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1223 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1223.html CVE-2023-1223 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1224 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1224.html CVE-2023-1224 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1225 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1225.html CVE-2023-1225 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1226 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1226.html CVE-2023-1226 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) CVE-2023-1227 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1227.html CVE-2023-1227 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1228 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1228.html CVE-2023-1228 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1229 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1229.html CVE-2023-1229 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1230 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1230.html CVE-2023-1230 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1231 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1231.html CVE-2023-1231 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1232 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1232.html CVE-2023-1232 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from API via a crafted Chrome Extension. (Chromium security severity: Low) CVE-2023-1233 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1233.html CVE-2023-1233 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1234 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1234.html CVE-2023-1234 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) CVE-2023-1235 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1235.html CVE-2023-1235 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1236 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1236.html CVE-2023-1236 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1528 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1528.html CVE-2023-1528 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High) CVE-2023-1529 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1529.html CVE-2023-1529 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1530 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1530.html CVE-2023-1530 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1531 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1531.html CVE-2023-1531 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1532 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1532.html CVE-2023-1532 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1533 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1533.html CVE-2023-1533 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1534 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1534.html CVE-2023-1534 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1810 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1810.html CVE-2023-1810 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1811 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1811.html CVE-2023-1811 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1812 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1812.html CVE-2023-1812 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1813 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1813.html CVE-2023-1813 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1814 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1814.html CVE-2023-1814 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1815 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1815.html CVE-2023-1815 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1816 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1816.html CVE-2023-1816 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1817 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1817.html CVE-2023-1817 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1818 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1818.html CVE-2023-1818 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1819 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1819.html CVE-2023-1819 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1820 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1820.html CVE-2023-1820 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1821 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1821.html CVE-2023-1821 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1822 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1822.html CVE-2023-1822 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1823 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-1823.html CVE-2023-1823 https://bugzilla.suse.com/1210126 SUSE Bug 1210126 Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2033 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2033.html CVE-2023-2033 https://bugzilla.suse.com/1210478 SUSE Bug 1210478 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2133 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2133.html CVE-2023-2133 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2134 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2134.html CVE-2023-2134 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2135 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2135.html CVE-2023-2135 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2023-2136 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2136.html CVE-2023-2136 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2137 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2137.html CVE-2023-2137 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 https://bugzilla.suse.com/1210660 SUSE Bug 1210660 Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2459 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2459.html CVE-2023-2459 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2460 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2460.html CVE-2023-2460 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) CVE-2023-2461 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2461.html CVE-2023-2461 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2462 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2462.html CVE-2023-2462 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2463 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2463.html CVE-2023-2463 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2464 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2464.html CVE-2023-2464 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2465 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2465.html CVE-2023-2465 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low) CVE-2023-2466 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2466.html CVE-2023-2466 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low) CVE-2023-2467 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2467.html CVE-2023-2467 https://bugzilla.suse.com/1211036 SUSE Bug 1211036 Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low) CVE-2023-2468 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2468.html CVE-2023-2468 https://bugzilla.suse.com/1211036 SUSE Bug 1211036