Vulnerabilities > CVE-2022-1145 - Use After Free vulnerability in Google Chrome
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html
- https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html
- https://crbug.com/1304545
- https://crbug.com/1304545
- https://security.gentoo.org/glsa/202208-25
- https://security.gentoo.org/glsa/202208-25