Test ID:	1.3.6.1.4.1.25623.1.0.833465
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10073-1)
Summary:	The remote host is missing an update for the 'chromium'; package(s) announced via the openSUSE-SU-2022:10073-1 advisory.
Description:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the openSUSE-SU-2022:10073-1 advisory. Vulnerability Insight: This update for chromium fixes the following issues: Chromium was updated to 103.0.5060.134 (boo#1201679): * CVE-2022-2477 : Use after free in Guest View * CVE-2022-2478 : Use after free in PDF * CVE-2022-2479 : Insufficient validation of untrusted input in File * CVE-2022-2480 : Use after free in Service Worker API * CVE-2022-2481: Use after free in Views * CVE-2022-2163: Use after free in Cast UI and Toolbar * Various fixes from internal audits, fuzzing and other initiatives Affected Software/OS: 'chromium' package(s) on openSUSE Backports SLE-15-SP4. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-2163 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5BQRTR4SIUNIHLLPWTGYSDNQK7DYCRSB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H2C4XOJVIILDXTOSMWJXHSQNEXFWSOD7/ https://security.gentoo.org/glsa/202208-25 https://security.gentoo.org/glsa/202208-35 https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html https://crbug.com/1308341 Common Vulnerability Exposure (CVE) ID: CVE-2022-2477 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/ https://crbug.com/1336266 Common Vulnerability Exposure (CVE) ID: CVE-2022-2478 https://crbug.com/1335861 Common Vulnerability Exposure (CVE) ID: CVE-2022-2479 https://crbug.com/1329987 Common Vulnerability Exposure (CVE) ID: CVE-2022-2480 http://packetstormsecurity.com/files/168115/Chrome-content-ServiceWorkerVersion-MaybeTimeoutRequest-Heap-Use-After-Free.html https://crbug.com/1339844 Common Vulnerability Exposure (CVE) ID: CVE-2022-2481 https://crbug.com/1341603
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.