Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
{ "binaries": [ { "binary_name": "chromium-browser", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-browser-dbgsym", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-browser-l10n", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-chromedriver", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-chromedriver-dbgsym", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-codecs-ffmpeg", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-codecs-ffmpeg-dbgsym", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-codecs-ffmpeg-extra", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" }, { "binary_name": "chromium-codecs-ffmpeg-extra-dbgsym", "binary_version": "107.0.5304.87-0ubuntu11.18.04.1" } ], "availability": "No subscription required", "ubuntu_priority": "medium" }