GHSA-vv6j-ww6x-54gx

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-vv6j-ww6x-54gx/GHSA-vv6j-ww6x-54gx.json
Aliases
Published
2022-02-22T21:51:19Z
Modified
2023-03-28T05:37:52.983986Z
Details

CVE-2022-0609: Use after free in Animation

  • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609

Google is aware of reports that exploits for CVE-2022-0609 exist in the wild.

The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.

There is currently little other public information on the issue other than it has been flagged as High severity.

References

Affected packages

NuGet / CefSharp.Common

CefSharp.Common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0
37.0.0-pre01
37.0.0-pre02
37.0.1
37.0.2
37.0.3

39.*

39.0.0
39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.1
39.0.2

41.*

41.0.0
41.0.0-pre01
41.0.1

43.*

43.0.0
43.0.0-pre01
43.0.0-pre02
43.0.1

45.*

45.0.0
45.0.0-pre01

47.*

47.0.0
47.0.0-pre01
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0
49.0.0-pre01
49.0.0-pre02
49.0.1

51.*

51.0.0
51.0.0-pre01
51.0.0-pre02

53.*

53.0.0
53.0.0-pre01
53.0.1

55.*

55.0.0
55.0.0-pre01

57.*

57.0.0
57.0.0-pre01

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0
63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.1
63.0.2
63.0.3

65.*

65.0.0
65.0.0-pre01
65.0.0-pre02
65.0.1

67.*

67.0.0
67.0.0-pre01

69.*

69.0.0
69.0.0-pre01

71.*

71.0.0
71.0.0-pre01
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.100
81.3.20-pre

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121
85.3.121-pre
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen

CefSharp.OffScreen

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

37.*

37.0.0
37.0.0-pre01
37.0.0-pre02
37.0.1

39.*

39.0.0
39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.1
39.0.2

41.*

41.0.0
41.0.0-pre01
41.0.1

43.*

43.0.0
43.0.0-pre01
43.0.0-pre02
43.0.1

45.*

45.0.0
45.0.0-pre01

47.*

47.0.0
47.0.0-pre01
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0
49.0.0-pre01
49.0.0-pre02
49.0.1

51.*

51.0.0
51.0.0-pre01
51.0.0-pre02

53.*

53.0.0
53.0.0-pre01
53.0.1

55.*

55.0.0
55.0.0-pre01

57.*

57.0.0
57.0.0-pre01

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0
63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.1
63.0.2
63.0.3

65.*

65.0.0
65.0.0-pre01
65.0.0-pre02
65.0.1

67.*

67.0.0
67.0.0-pre01

69.*

69.0.0
69.0.0-pre01

71.*

71.0.0
71.0.0-pre01
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.100
81.3.20-pre

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121
85.3.121-pre
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms

CefSharp.WinForms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

1.*

1.25.3

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0
37.0.0-pre01
37.0.0-pre02
37.0.1
37.0.3

39.*

39.0.0
39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.1
39.0.2

41.*

41.0.0
41.0.0-pre01
41.0.1

43.*

43.0.0
43.0.0-pre01
43.0.0-pre02
43.0.1

45.*

45.0.0
45.0.0-pre01

47.*

47.0.0
47.0.0-pre01
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0
49.0.0-pre01
49.0.0-pre02
49.0.1

51.*

51.0.0
51.0.0-pre01
51.0.0-pre02

53.*

53.0.0
53.0.0-pre01
53.0.1

55.*

55.0.0
55.0.0-pre01

57.*

57.0.0
57.0.0-pre01

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0
63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.1
63.0.2
63.0.3

65.*

65.0.0
65.0.0-pre01
65.0.0-pre02
65.0.1

67.*

67.0.0
67.0.0-pre01

69.*

69.0.0
69.0.0-pre01

71.*

71.0.0
71.0.0-pre01
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.100
81.3.20-pre

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121
85.3.121-pre
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf

CefSharp.Wpf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

1.*

1.25.2-perlun0
1.25.3
1.25.4
1.25.5
1.25.6
1.25.7
1.25.8

3.*

3.29.0-pre0

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0
37.0.0-pre01
37.0.0-pre02
37.0.1
37.0.3

39.*

39.0.0
39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.1
39.0.2

41.*

41.0.0
41.0.0-pre01
41.0.1

43.*

43.0.0
43.0.0-pre01
43.0.0-pre02
43.0.1

45.*

45.0.0
45.0.0-pre01

47.*

47.0.0
47.0.0-pre01
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0
49.0.0-pre01
49.0.0-pre02
49.0.1

51.*

51.0.0
51.0.0-pre01
51.0.0-pre02

53.*

53.0.0
53.0.0-pre01
53.0.1

55.*

55.0.0
55.0.0-pre01

57.*

57.0.0
57.0.0-pre01

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0
63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.1
63.0.2
63.0.3

65.*

65.0.0
65.0.0-pre01
65.0.0-pre02
65.0.1

67.*

67.0.0
67.0.0-pre01

69.*

69.0.0
69.0.0-pre01

71.*

71.0.0
71.0.0-pre01
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.100
81.3.20-pre

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121
85.3.121-pre
85.3.130

86.*

86.0.240-pre
86.0.241

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.HwndHost

CefSharp.Wpf.HwndHost

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

83.*

83.4.20-pre

84.*

84.4.10

85.*

85.3.121
85.3.130

86.*

86.0.241

88.*

88.2.90

89.*

89.0.170

90.*

90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230

92.*

92.0.260

93.*

93.1.140

94.*

94.4.110
94.4.50

95.*

95.7.141

96.*

96.0.170
96.0.180

97.*

97.1.11
97.1.61

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Common.NETCore

CefSharp.Common.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.OffScreen.NETCore

CefSharp.OffScreen.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.WinForms.NETCore

CefSharp.WinForms.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}

NuGet / CefSharp.Wpf.NETCore

CefSharp.Wpf.NETCore

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Fixed
98.1.210

Affected versions

87.*

87.1.130-pre
87.1.131-pre
87.1.132

88.*

88.2.40-pre
88.2.90

89.*

89.0.140-pre
89.0.170

90.*

90.5.70-pre
90.6.50
90.6.70

91.*

91.1.160
91.1.210
91.1.211
91.1.230
91.1.60-pre

92.*

92.0.250-pre
92.0.251
92.0.260

93.*

93.1.110-pre
93.1.111
93.1.140

94.*

94.3.0-pre
94.4.110
94.4.20
94.4.50

95.*

95.7.140-pre
95.7.141

96.*

96.0.140-pre
96.0.141
96.0.142
96.0.170
96.0.180

97.*

97.1.10-pre
97.1.11
97.1.12
97.1.60
97.1.61

98.*

98.1.190

Database specific

{
    "last_known_affected_version_range": "<= 98.1.190"
}