GHSA-vv6j-ww6x-54gx

Suggest an improvement
Source
https://github.com/advisories/GHSA-vv6j-ww6x-54gx
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-vv6j-ww6x-54gx/GHSA-vv6j-ww6x-54gx.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-vv6j-ww6x-54gx
Aliases
Published
2022-02-22T21:51:19Z
Modified
2023-11-08T04:07:36.901162Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Use after free in Animation
Details

CVE-2022-0609: Use after free in Animation

  • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609

Google is aware of reports that exploits for CVE-2022-0609 exist in the wild.

The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as High severity.

Database specific
{
    "nvd_published_at": "2022-04-05T00:15:00Z",
    "github_reviewed_at": "2022-02-22T21:51:19Z",
    "severity": "HIGH",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-416"
    ]
}
References

Affected packages

NuGet / CefSharp.Common

Package

Name
CefSharp.Common
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.2
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen

Package

Name
CefSharp.OffScreen
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.OffScreen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms

Package

Name
CefSharp.WinForms
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.WinForms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

1.*

1.25.3

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

1.*

1.25.2-perlun0
1.25.3
1.25.4
1.25.5
1.25.6
1.25.7
1.25.8

3.*

3.29.0-pre0

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.HwndHost

Package

Name
CefSharp.Wpf.HwndHost
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf.HwndHost

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

83.*

83.4.20-pre

84.*

84.4.10

85.*

85.3.121
85.3.130

86.*

86.0.241

88.*

88.2.90

89.*

89.0.170

90.*

90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.260

93.*

93.1.140

94.*

94.4.50
94.4.110

95.*

95.7.141

96.*

96.0.170
96.0.180

97.*

97.1.11
97.1.61

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Common.NETCore

Package

Name
CefSharp.Common.NETCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Common.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen.NETCore

Package

Name
CefSharp.OffScreen.NETCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.OffScreen.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms.NETCore

Package

Name
CefSharp.WinForms.NETCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.WinForms.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.NETCore

Package

Name
CefSharp.Wpf.NETCore
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.60-pre
91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.20
94.4.50
94.4.110

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}