GHSA-vv6j-ww6x-54gx

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-vv6j-ww6x-54gx/GHSA-vv6j-ww6x-54gx.json

Aliases

CVE-2022-0609 ( DSA-5079-1 )

Published

2022-02-22T21:51:19Z

Modified

2023-03-28T05:37:52.983986Z

Details

CVE-2022-0609: Use after free in Animation

https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609

Google is aware of reports that exploits for CVE-2022-0609 exist in the wild.

The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as High severity.

References

Affected packages

NuGet / CefSharp.Common

CefSharp.Common

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

31.*

31.0.0-pre1

33.*

33.0.0

33.0.2

33.1.0-pre01

37.*

37.0.0

37.0.0-pre01

37.0.0-pre02

37.0.1

37.0.2

37.0.3

39.*

39.0.0

39.0.0-pre01

39.0.0-pre02

39.0.0-pre03

39.0.1

39.0.2

41.*

41.0.0

41.0.0-pre01

41.0.1

43.*

43.0.0

43.0.0-pre01

43.0.0-pre02

43.0.1

45.*

45.0.0

45.0.0-pre01

47.*

47.0.0

47.0.0-pre01

47.0.1

47.0.2

47.0.3

47.0.4

49.*

49.0.0

49.0.0-pre01

49.0.0-pre02

49.0.1

51.*

51.0.0

51.0.0-pre01

51.0.0-pre02

53.*

53.0.0

53.0.0-pre01

53.0.1

55.*

55.0.0

55.0.0-pre01

57.*

57.0.0

57.0.0-pre01

62.*

62.0.0-pre01

62.0.0-proprietary-codecs

62.0.0-proprietary-codecs2

63.*

63.0.0

63.0.0-pre01

63.0.0-pre02

63.0.0-pre03

63.0.1

63.0.2

63.0.3

65.*

65.0.0

65.0.0-pre01

65.0.0-pre02

65.0.1

67.*

67.0.0

67.0.0-pre01

69.*

69.0.0

69.0.0-pre01

71.*

71.0.0

71.0.0-pre01

71.0.1

71.0.2

73.*

73.1.120-pre01

73.1.130

75.*

75.1.140-pre01

75.1.141

75.1.142

75.1.143

79.*

79.1.310-pre

79.1.350

79.1.360

81.*

81.3.100

81.3.20-pre

83.*

83.3.120-pre

83.4.20

84.*

84.3.10-pre

84.4.10

85.*

85.3.120-pre

85.3.121

85.3.121-pre

85.3.130

86.*

86.0.240-pre

86.0.241

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen

CefSharp.OffScreen

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

37.*

37.0.0

37.0.0-pre01

37.0.0-pre02

37.0.1

39.*

39.0.0

39.0.0-pre01

39.0.0-pre02

39.0.0-pre03

39.0.1

39.0.2

41.*

41.0.0

41.0.0-pre01

41.0.1

43.*

43.0.0

43.0.0-pre01

43.0.0-pre02

43.0.1

45.*

45.0.0

45.0.0-pre01

47.*

47.0.0

47.0.0-pre01

47.0.1

47.0.2

47.0.3

47.0.4

49.*

49.0.0

49.0.0-pre01

49.0.0-pre02

49.0.1

51.*

51.0.0

51.0.0-pre01

51.0.0-pre02

53.*

53.0.0

53.0.0-pre01

53.0.1

55.*

55.0.0

55.0.0-pre01

57.*

57.0.0

57.0.0-pre01

62.*

62.0.0-pre01

62.0.0-proprietary-codecs

62.0.0-proprietary-codecs2

63.*

63.0.0

63.0.0-pre01

63.0.0-pre02

63.0.0-pre03

63.0.1

63.0.2

63.0.3

65.*

65.0.0

65.0.0-pre01

65.0.0-pre02

65.0.1

67.*

67.0.0

67.0.0-pre01

69.*

69.0.0

69.0.0-pre01

71.*

71.0.0

71.0.0-pre01

71.0.1

71.0.2

73.*

73.1.120-pre01

73.1.130

75.*

75.1.140-pre01

75.1.141

75.1.142

75.1.143

79.*

79.1.310-pre

79.1.350

79.1.360

81.*

81.3.100

81.3.20-pre

83.*

83.3.120-pre

83.4.20

84.*

84.3.10-pre

84.4.10

85.*

85.3.120-pre

85.3.121

85.3.121-pre

85.3.130

86.*

86.0.240-pre

86.0.241

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms

CefSharp.WinForms

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

1.*

1.25.3

33.*

33.0.0

33.0.2

33.1.0-pre01

37.*

37.0.0

37.0.0-pre01

37.0.0-pre02

37.0.1

37.0.3

39.*

39.0.0

39.0.0-pre01

39.0.0-pre02

39.0.0-pre03

39.0.1

39.0.2

41.*

41.0.0

41.0.0-pre01

41.0.1

43.*

43.0.0

43.0.0-pre01

43.0.0-pre02

43.0.1

45.*

45.0.0

45.0.0-pre01

47.*

47.0.0

47.0.0-pre01

47.0.1

47.0.2

47.0.3

47.0.4

49.*

49.0.0

49.0.0-pre01

49.0.0-pre02

49.0.1

51.*

51.0.0

51.0.0-pre01

51.0.0-pre02

53.*

53.0.0

53.0.0-pre01

53.0.1

55.*

55.0.0

55.0.0-pre01

57.*

57.0.0

57.0.0-pre01

62.*

62.0.0-pre01

62.0.0-proprietary-codecs

62.0.0-proprietary-codecs2

63.*

63.0.0

63.0.0-pre01

63.0.0-pre02

63.0.0-pre03

63.0.1

63.0.2

63.0.3

65.*

65.0.0

65.0.0-pre01

65.0.0-pre02

65.0.1

67.*

67.0.0

67.0.0-pre01

69.*

69.0.0

69.0.0-pre01

71.*

71.0.0

71.0.0-pre01

71.0.1

71.0.2

73.*

73.1.120-pre01

73.1.130

75.*

75.1.140-pre01

75.1.141

75.1.142

75.1.143

79.*

79.1.310-pre

79.1.350

79.1.360

81.*

81.3.100

81.3.20-pre

83.*

83.3.120-pre

83.4.20

84.*

84.3.10-pre

84.4.10

85.*

85.3.120-pre

85.3.121

85.3.121-pre

85.3.130

86.*

86.0.240-pre

86.0.241

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf

CefSharp.Wpf

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

1.*

1.25.2-perlun0

1.25.3

1.25.4

1.25.5

1.25.6

1.25.7

1.25.8

3.*

3.29.0-pre0

31.*

31.0.0-pre1

33.*

33.0.0

33.0.2

33.1.0-pre01

37.*

37.0.0

37.0.0-pre01

37.0.0-pre02

37.0.1

37.0.3

39.*

39.0.0

39.0.0-pre01

39.0.0-pre02

39.0.0-pre03

39.0.1

39.0.2

41.*

41.0.0

41.0.0-pre01

41.0.1

43.*

43.0.0

43.0.0-pre01

43.0.0-pre02

43.0.1

45.*

45.0.0

45.0.0-pre01

47.*

47.0.0

47.0.0-pre01

47.0.1

47.0.2

47.0.3

47.0.4

49.*

49.0.0

49.0.0-pre01

49.0.0-pre02

49.0.1

51.*

51.0.0

51.0.0-pre01

51.0.0-pre02

53.*

53.0.0

53.0.0-pre01

53.0.1

55.*

55.0.0

55.0.0-pre01

57.*

57.0.0

57.0.0-pre01

62.*

62.0.0-pre01

62.0.0-proprietary-codecs

62.0.0-proprietary-codecs2

63.*

63.0.0

63.0.0-pre01

63.0.0-pre02

63.0.0-pre03

63.0.1

63.0.2

63.0.3

65.*

65.0.0

65.0.0-pre01

65.0.0-pre02

65.0.1

67.*

67.0.0

67.0.0-pre01

69.*

69.0.0

69.0.0-pre01

71.*

71.0.0

71.0.0-pre01

71.0.1

71.0.2

73.*

73.1.120-pre01

73.1.130

75.*

75.1.140-pre01

75.1.141

75.1.142

75.1.143

79.*

79.1.310-pre

79.1.350

79.1.360

81.*

81.3.100

81.3.20-pre

83.*

83.3.120-pre

83.4.20

84.*

84.3.10-pre

84.4.10

85.*

85.3.120-pre

85.3.121

85.3.121-pre

85.3.130

86.*

86.0.240-pre

86.0.241

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.HwndHost

CefSharp.Wpf.HwndHost

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

83.*

83.4.20-pre

84.*

84.4.10

85.*

85.3.121

85.3.130

86.*

86.0.241

88.*

88.2.90

89.*

89.0.170

90.*

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

92.*

92.0.260

93.*

93.1.140

94.*

94.4.110

94.4.50

95.*

95.7.141

96.*

96.0.170

96.0.180

97.*

97.1.11

97.1.61

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Common.NETCore

CefSharp.Common.NETCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen.NETCore

CefSharp.OffScreen.NETCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms.NETCore

CefSharp.WinForms.NETCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.NETCore

CefSharp.Wpf.NETCore

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

98.1.210

Affected versions

87.*

87.1.130-pre

87.1.131-pre

87.1.132

88.*

88.2.40-pre

88.2.90

89.*

89.0.140-pre

89.0.170

90.*

90.5.70-pre

90.6.50

90.6.70

91.*

91.1.160

91.1.210

91.1.211

91.1.230

91.1.60-pre

92.*

92.0.250-pre

92.0.251

92.0.260

93.*

93.1.110-pre

93.1.111

93.1.140

94.*

94.3.0-pre

94.4.110

94.4.20

94.4.50

95.*

95.7.140-pre

95.7.141

96.*

96.0.140-pre

96.0.141

96.0.142

96.0.170

96.0.180

97.*

97.1.10-pre

97.1.11

97.1.12

97.1.60

97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}