Issued: Monday, 5 December, 2022 |
Last Revision: Monday, 5 December, 2022 |
Vendor: |
Product: |
Severity Level: |
Google has released a security update for its chrome browser used in windows, Mac and Linux remediating 28 vulnerabilities among which 8 are rated as high and 20 are medium by Chrome security severity, these vulnerabilities are related to memory safety bugs, including one out-of-bound write issue.
A new vulnerability related to chromium-based browser has been released by google, which is vulnerable to arbitrary code execution or escape the browser’s security sandbox. The exploit for this vulnerability CVE-2022-4262 is already exist and widely in use.
Successful exploitation could allow remote attackers to affects confidentiality and integrity.
CVE/Vulnerability | Affected Products | CVSS Score | Exploitable |
CVE-2022-4174 | V8 JavaScript | 8.6
| No |
CVE-2022-4175 | Use after free | ||
CVE-2022-4176 | Out of Bound Write | ||
CVE-2022-4177 | Use after free | ||
CVE-2022-4178 | Use after free | ||
CVE-2022-4179 | Use after free | ||
CVE-2022-4180 | Use after free | ||
CVE-2022-4181 | Use after free | ||
CVE-2022-4262 | arbitrary code execution | 8.8 | Yes |
Affected organizations are encouraged to update Google Chrome to the version 108.0.5359.94/.95 for Windows, and to version 108.0.5359.94for Mac/Linux platforms.