FreshPorts - VuXML

Google Chrome Releases reports:

3 security fixes in this release:

• [831963] Critical CVE-2018-6118: Use after free in Media Cache. Reported by Ned Williamson on 2018-04-12
• [837635] Various fixes from internal audits, fuzzing and other initiatives

< 66.0.3359.139

Chrome Releases reports:

This release contains 8 security fixes, including:

• [1142331] High CVE-2020-16037: Use after free in clipboard. Reported by Ryoya Tsukasaki on 2020-10-26
• [1138683] High CVE-2020-16038: Use after free in media. Reported by Khalil Zhani on 2020-10-14
• [1149177] High CVE-2020-16039: Use after free in extensions. Reported by Anonymous on 2020-11-15
• [1150649] High CVE-2020-16040: Insufficient data validation in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-11-19
• [1151865] Medium CVE-2020-16041: Out of bounds read in networking. Reported by Sergei Glazunov and Mark Brand of Google Project Zero on 2020-11-23
• [1151890] Medium CVE-2020-16042: Uninitialized Use in V8. Reported by André Bargull on 2020-11-2

< 87.0.4280.88

Google Chrome Releases reports:

[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz.

[117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to Sergey Glazunov.

[117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to miaubiz.

[117728] High CVE-2011-3069: Use-after-free in line box handling. Credit to miaubiz.

[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to Google Chrome Security Team (SkyLined).

[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).

[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up window. Credit to Sergey Glazunov.

[118593] High CVE-2011-3073: Use-after-free in SVG resource handling. Credit to Arthur Gerkis.

[119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit to Slawomir Blazek.

[119525] High CVE-2011-3075: Use-after-free applying style command. Credit to miaubiz.

[120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to miaubiz.

[120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit to Google Chrome Security Team (Inferno).

< 18.0.1025.151

Google Chrome Releases reports:

[154983][154987] Critical CVE-2012-5112: SVG use-after-free and IPC arbitrary file write. Credit to Pinkie Pie.

< 22.0.1229.94

Google Chrome Releases reports:

4 security fixes in this release, including:

• [369525] High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne.
• [369539] High CVE-2014-3155: Out-if-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook.
• [369621] Medium CVE-2014-3156: Buffer overflow in clipboard. Credit to Atte Kettunen of OUSPG.
• [368980] CVE-2014-3157: Heap overflow in media.

< 35.0.1916.153

Google Chrome Releases reports:

Two vulnerabilities were fixed in this release:

• [530301] High CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
• [531891] High CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski.

< 45.0.2454.101

< 45.0.2454.101

< 45.0.2454.101

Google Chrome Releases reports:

[117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey Glazunov.

< 17.0.963.78

Chrome Releases reports:

This release contains 15 security fixes, including:

• [1107433] High CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos on 2020-07-20
• [1104046] High CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang on 2020-07-10
• [1108497] High CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori on 2020-07-22
• [1095584] High CVE-2020-6545: Use after free in audio. Reported by Anonymous on 2020-06-16
• [1100280] High CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess (any1) on 2020-06-29
• [1102153] High CVE-2020-6547: Incorrect security UI in media. Reported by David Albert on 2020-07-05
• [1103827] High CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research on 2020-07-09
• [1105426] High CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero on 2020-07-14
• [1106682] High CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17
• [1107815] High CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero on 2020-07-21
• [1108518] High CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori on 2020-07-22
• [1111307] High CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-30
• [1094235] Medium CVE-2020-6554: Use after free in extensions. Reported by Anonymous on 2020-06-12
• [1105202] Medium CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos on 2020-07-13

< 84.0.4147.125

Chrome Releases reports:

This release contains 1 security fix:

• [1378239] High CVE-2022-3723: Type Confusion in V8. Reported by Jan VojteÅ¡ek, Milánek, and Przemek Gmerek of Avast on 2022-10-25

< 107.0.5304.87

< 107.0.5304.87

Chrome Releases reports:

This release contains 9 security fixes, including:

• [1234764] High CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30
• [1234770] High CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30
• [1231134] High CVE-2021-30600: Use after free in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-20
• [1234009] High CVE-2021-30601: Use after free in Extensions API. Reported by koocola(@alo_cook) and Nan Wang(@eternalsakura13) of 360 Alpha Lab on 2021-07-28
• [1230767] High CVE-2021-30602: Use after free in WebRTC. Reported by Marcin Towalski of Cisco Talos on 2021-07-19
• [1233564] High CVE-2021-30603: Race in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2021-07-27
• [1234829] High CVE-2021-30604: Use after free in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-07-30

< 92.0.4515.159

Google Chrome Releases reports:

[112983] Low CVE-2011-3083: Browser crash with video + FTP. Credit to Aki Helin of OUSPG.

[113496] Low CVE-2011-3084: Load links from internal pages in their own process. Credit to Brett Wilson of the Chromium development community.

[118374] Medium CVE-2011-3085: UI corruption with long autofilled values. Credit to "psaldorn".

[118642] High CVE-2011-3086: Use-after-free with style element. Credit to Arthur Gerkis.

[118664] Low CVE-2011-3087: Incorrect window navigation. Credit to Charlie Reis of the Chromium development community.

[120648] Medium CVE-2011-3088: Out-of-bounds read in hairline drawing. Credit to Aki Helin of OUSPG.

[120711] High CVE-2011-3089: Use-after-free in table handling. Credit to miaubiz.

[121223] Medium CVE-2011-3090: Race condition with workers. Credit to Arthur Gerkis.

[121734] High CVE-2011-3091: Use-after-free with indexed DB. Credit to Google Chrome Security Team (Inferno).

[122337] High CVE-2011-3092: Invalid write in v8 regex. Credit to Christian Holler.

[122585] Medium CVE-2011-3093: Out-of-bounds read in glyph handling. Credit to miaubiz.

[122586] Medium CVE-2011-3094: Out-of-bounds read in Tibetan handling. Credit to miaubiz.

[123481] High CVE-2011-3095: Out-of-bounds write in OGG container. Credit to Hannu Heikkinen.

[Linux only] [123530] Low CVE-2011-3096: Use-after-free in GTK omnibox handling. Credit to Arthur Gerkis.

[123733] [124182] High CVE-2011-3097: Out-of-bounds write in sampled functions with PDF. Credit to Kostya Serebryany of Google and Evgeniy Stepanov of Google.

[124479] High CVE-2011-3099: Use-after-free in PDF with corrupt font encoding name. Credit to Mateusz Jurczyk of Google Security Team and Gynvael Coldwind of Google Security Team.

[124652] Medium CVE-2011-3100: Out-of-bounds read drawing dash paths. Credit to Google Chrome Security Team (Inferno).

< 19.0.1084.46

Chrome Releases reports:

This release contains 20 security fixes, including:

• [1358907] High CVE-2022-3304: Use after free in CSS. Reported by Anonymous on 2022-09-01
• [1343104] High CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK on 2022-07-09
• [1319229] High CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-24
• [1320139] High CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-27
• [1323488] High CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. on 2022-05-08
• [1342722] Medium CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder on 2022-07-08
• [1348415] Medium CVE-2022-3309: Use after free in Assistant. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2022-07-29
• [1240065] Medium CVE-2022-3310: Insufficient policy enforcement in Custom Tabs. Reported by Ashwin Agrawal from Optus, Sydney on 2021-08-16
• [1302813] Medium CVE-2022-3311: Use after free in Import. Reported by Samet Bekmezci @sametbekmezci on 2022-03-04
• [1303306] Medium CVE-2022-3312: Insufficient validation of untrusted input in VPN. Reported by Andr.Ess on 2022-03-06
• [1317904] Medium CVE-2022-3313: Incorrect security UI in Full Screen. Reported by Irvan Kurniawan (sourc7) on 2022-04-20
• [1328708] Medium CVE-2022-3314: Use after free in Logging. Reported by Anonymous on 2022-05-24
• [1322812] Medium CVE-2022-3315: Type confusion in Blink. Reported by Anonymous on 2022-05-05
• [1333623] Low CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing. Reported by Sven Dysthe (@svn_dy) on 2022-06-07
• [1300539] Low CVE-2022-3317: Insufficient validation of untrusted input in Intents. Reported by Hafiizh on 2022-02-24
• [1318791] Low CVE-2022-3318: Use after free in ChromeOS Notifications. Reported by GraVity0 on 2022-04-22

< 106.0.5249.61

Chrome Releases reports:

This release contains 22 security fixes, including:

• [1267661] High CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of MoyunSec VLab on 2021-11-07
• [1267791] High CVE-2021-4053: Use after free in UI. Reported by Rox on 2021-11-08
• [1265806] High CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon Tiszka on 2021-11-01
• [1239760] High CVE-2021-4054: Incorrect security UI in autofill. Reported by Alesandro Ortiz on 2021-08-13
• [1268738] High CVE-2021-4078: Type confusion in V8. Reported by Nan Wang (@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2021-11-09
• [1266510] High CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen Rong on 2021-11-03
• [1260939] High CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360 Alpha Lab on 2021-10-18
• [1262183] High CVE-2021-4057: Use after free in file API. Reported by Sergei Glazunov of Google Project Zero on 2021-10-21
• [1267496] High CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-06
• [1270990] High CVE-2021-4059: Insufficient data validation in loader. Reported by Luan Herrera (@lbherrera_) on 2021-11-17
• [1271456] High CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini on 2021-11-18
• [1272403] High CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-11-22
• [1273176] High CVE-2021-4063: Use after free in developer tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-11-23
• [1273197] High CVE-2021-4064: Use after free in screen capture. Reported by @ginggilBesel on 2021-11-23
• [1273674] High CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010 on 2021-11-25
• [1274499] High CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2021-11-29
• [1274641] High CVE-2021-4067: Use after free in window manager. Reported by @ginggilBesel on 2021-11-29
• [1265197] Low CVE-2021-4068: Insufficient validation of untrusted input in new tab page. Reported by NDevTK on 2021-10-31

< 96.0.4664.93

Google Chrome Releases reports:

[106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to Boris Zbarsky of Mozilla.

[107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to Juri Aedla.

[108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

[107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva.

< 16.0.912.75

Google Chrome Releases reports:

42 security fixes in this release

Please reference CVE/URL list for details

< 51.0.2704.63

Chrome Releases reports:

This release contains 8 security fixes, including:

• [1219082] High CVE-2021-30559: Out of bounds write in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-06-11
• [1214842] High CVE-2021-30541: Use after free in V8. Reported by Richard Wheeldon on 2021-05-31
• [1219209] High CVE-2021-30560: Use after free in Blink XSLT. Reported by Nick Wellnhofer on 2021-06-12
• [1219630] High CVE-2021-30561: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-06-14
• [1220078] High CVE-2021-30562: Use after free in WebSerial. Reported by Anonymous on 2021-06-15
• [1228407] High CVE-2021-30563: Type Confusion in V8. Reported by Anonymous on 2021-07-12
• [1221309] Medium CVE-2021-30564: Heap buffer overflow in WebXR. Reported by Ali Merchant, iQ3Connect VR Platform on 2021-06-17

Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild.

< 91.0.4472.164

Google Chrome Releases reports:

[583607] High CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli.

Mozilla Foundation reports:

Security researcher Luke Li reported a pointer underflow bug in the Brotli library's decompression that leads to a buffer overflow. This results in a potentially exploitable crash when triggered.

ge 0.3.0 lt 0.3.0_1

< 0.2.0_2

< 0.3.0_3

< 48.0.2564.109

< 45.0,1

< 2.42

< 38.7.0,1

< 38.7.0

Google Chrome Releases reports:

37 security fixes in this release, including:

• [778505] Critical CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson on 2017-10-26
• [762374] High CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-09-06
• [763972] High CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous on 2017-09-11
• [765921] High CVE-2017-15410: Use after free in PDFium. Reported by Luat Nguyen of KeenLab, Tencent on 2017-09-16
• [770148] High CVE-2017-15411: Use after free in PDFium. Reported by Luat Nguyen of KeenLab, Tencent on 2017-09-29
• [727039] High CVE-2017-15412: Use after free in libXML. Reported by Nick Wellnhofer on 2017-05-27
• [766666] High CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan of Adobe Systems India Pvt. Ltd. on 2017-09-19
• [765512] Medium CVE-2017-15415: Pointer information disclosure in IPC call. Reported by Viktor Brange of Microsoft Offensive Security Research Team on 2017-09-15
• [779314] Medium CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson on 2017-10-28
• [699028] Medium CVE-2017-15417: Cross origin information disclosure in Skia. Reported by Max May on 2017-03-07
• [765858] Medium CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-09-15
• [780312] Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by Jun Kokatsu on 2017-10-31
• [777419] Medium CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-23
• [774382] Medium CVE-2017-15422: Integer overflow in ICU. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-10-13
• [780484] Medium CVE-2017-15430: Unsafe navigation in Chromecast Plugin. Reported by jinmo123 on 2017-01-11
• [778101] Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by Greg Hudson on 2017-10-25
• [756226] Low CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani on 2017-08-16
• [756456] Low CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-08-17
• [757735] Low CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-18
• [768910] Low CVE-2017-15427: Insufficient blocking of Javascript in Omnibox. Reported by Junaid Farhan on 2017-09-26
• [792099] Various fixes from internal audits, fuzzing and other initiatives

< 63.0.3239.84

Google Chrome Releases reports:

[129898] High CVE-2012-2842: Use-after-free in counter handling. Credit to miaubiz.

[130595] High CVE-2012-2843: Use-after-free in layout height tracking. Credit to miaubiz.

[133450] High CVE-2012-2844: Bad object access with JavaScript in PDF. Credit to Alexey Samsonov of Google.

< 20.0.1132.57

Google Chrome Releases reports:

[157079] Medium CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling. Credit to Phil Turnbull.

[Linux 64-bit only] [150729] Medium CVE-2012-5120: Out-of-bounds array access in v8. Credit to Atte Kettunen of OUSPG.

[143761] High CVE-2012-5116: Use-after-free in SVG filter handling. Credit to miaubiz.

[Mac OS only] [149717] High CVE-2012-5118: Integer bounds check issue in GPU command buffers. Credit to miaubiz.

[154055] High CVE-2012-5121: Use-after-free in video layout. Credit to Atte Kettunen of OUSPG.

[145915] Low CVE-2012-5117: Inappropriate load of SVG subresource in img context. Credit to Felix Gröbert of the Google Security Team.

[149759] Medium CVE-2012-5119: Race condition in Pepper buffer handling. Credit to Fermin Serna of the Google Security Team.

[154465] Medium CVE-2012-5122: Bad cast in input handling. Credit to Google Chrome Security Team (Inferno).

[154590] [156826] Medium CVE-2012-5123: Out-of-bounds reads in Skia. Credit to Google Chrome Security Team (Inferno).

[155323] High CVE-2012-5124: Memory corruption in texture handling. Credit to Al Patrick of the Chromium development community.

[156051] Medium CVE-2012-5125: Use-after-free in extension tab handling. Credit to Alexander Potapenko of the Chromium development community.

[156366] Medium CVE-2012-5126: Use-after-free in plug-in placeholder handling. Credit to Google Chrome Security Team (Inferno).

[157124] High CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security Team (Cris Neckar).

< 23.0.1271.64

Chrome Releases reports:

This release contains 14 security fixes, including:

• [1212618] Critical CVE-2021-30544: Use after free in BFCache. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-05-24
• [1201031] High CVE-2021-30545: Use after free in Extensions. Reported by kkwon with everpall and kkomdal on 2021-04-21
• [1206911] High CVE-2021-30546: Use after free in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-05-08
• [1210414] High CVE-2021-30547: Out of bounds write in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2021-05-18
• [1210487] High CVE-2021-30548: Use after free in Loader. Reported by Yangkang(@dnpushme) & Wanglu of Qihoo360 Qex Team on 2021-05-18
• [1212498] High CVE-2021-30549: Use after free in Spell check. Reported by David Erceg on 2021-05-23
• [1212500] High CVE-2021-30550: Use after free in Accessibility. Reported by David Erceg on 2021-05-23
• [1216437] High CVE-2021-30551: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-06-04
• [1200679] Medium CVE-2021-30552: Use after free in Extensions. Reported by David Erceg on 2021-04-20
• [1209769] Medium CVE-2021-30553: Use after free in Network service. Reported by Anonymous on 2021-05-17

Google is aware that an exploit for CVE-2021-30551 exists in the wild.

< 91.0.4472.101

Google Chrome Releases reports:

5 security fixes in this release, including:

• [453279] High CVE-2015-1243: Use-after-free in DOM. Credit to Saif El-Sherei.
• [481777] CVE-2015-1250: Various fixes from internal audits, fuzzing and other initiatives.

< 42.0.2311.135

< 42.0.2311.135

< 42.0.2311.135

Google Chrome Releases reports:

[117409] High CVE-2011-3103: Crashes in v8 garbage collection. Credit to the Chromium development community (Brett Wilson).

[118018] Medium CVE-2011-3104: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).

[120912] High CVE-2011-3105: Use-after-free in first-letter handling. Credit to miaubiz.

[122654] Critical CVE-2011-3106: Browser memory corruption with websockets over SSL. Credit to the Chromium development community (Dharani Govindan).

[124625] High CVE-2011-3107: Crashes in the plug-in JavaScript bindings. Credit to the Chromium development community (Dharani Govindan).

[125159] Critical CVE-2011-3108: Use-after-free in browser cache. Credit to "efbiaiinzinz".

[Linux only] [126296] High CVE-2011-3109: Bad cast in GTK UI. Credit to Micha Bartholome.

[126337] [126343] [126378] [127349] [127819] [127868] High CVE-2011-3110: Out of bounds writes in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.

[126414] Medium CVE-2011-3111: Invalid read in v8. Credit to Christian Holler.

[127331] High CVE-2011-3112: Use-after-free with invalid encrypted PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.

[127883] High CVE-2011-3113: Invalid cast with colorspace handling in PDF. Credit to Mateusz Jurczyk of the Google Security Team, with contributions by Gynvael Coldwind of the Google Security Team.

[128014] High CVE-2011-3114: Buffer overflows with PDF functions. Credit to Google Chrome Security Team (scarybeasts).

[128018] High CVE-2011-3115: Type corruption in v8. Credit to Christian Holler.

< 19.0.1084.52

Google Chrome Releases reports:

7 vulnerabilities fixed in this release, including:

• [344881] High CVE-2014-1700: Use-after-free in speech. Credit to Chamal de Silva.
• [342618] High CVE-2014-1701: UXSS in events. Credit to aidanhs.
• [333058] High CVE-2014-1702: Use-after-free in web database. Credit to Collin Payne.
• [338354] High CVE-2014-1703: Potential sandbox escape due to a use-after-free in web sockets.
• [328202, 349079, 345715] CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version 3.23.17.18.

< 33.0.1750.149

Google Chrome Releases reports:

[1067851] Critical CVE-2020-6457: Use after free in speech recognizer. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2020-04-04

< 81.0.4044.113

Chrome Releases reports:

This release contains 30 security fixes, including:

• [1313905] High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-04-06
• [1299261] High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park (SeHwa) on 2022-02-20
• [1305190] High CVE-2022-1479: Use after free in ANGLE. Reported by Jeonghoon Shin of Theori on 2022-03-10
• [1307223] High CVE-2022-1480: Use after free in Device API. Reported by @uwu7586 on 2022-03-17
• [1302949] High CVE-2022-1481: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-03-04
• [1304987] High CVE-2022-1482: Inappropriate implementation in WebGL. Reported by Christoph Diehl, Microsoft on 2022-03-10
• [1314754] High CVE-2022-1483: Heap buffer overflow in WebGPU. Reported by Mark Brand of Google Project Zero on 2022-04-08
• [1297429] Medium CVE-2022-1484: Heap buffer overflow in Web UI Settings. Reported by Chaoyuan Peng (@ret2happy) on 2022-02-15
• [1299743] Medium CVE-2022-1485: Use after free in File System API. Reported by Anonymous on 2022-02-22
• [1314616] Medium CVE-2022-1486: Type Confusion in V8. Reported by Brendon Tiszka on 2022-04-08
• [1304368] Medium CVE-2022-1487: Use after free in Ozone. Reported by Sri on 2022-03-09
• [1302959] Medium CVE-2022-1488: Inappropriate implementation in Extensions API. Reported by Thomas Beverley from Wavebox.io on 2022-03-04
• [1300561] Medium CVE-2022-1489: Out of bounds memory access in UI Shelf. Reported by Khalil Zhani on 2022-02-25
• [1301840] Medium CVE-2022-1490: Use after free in Browser Switcher. Reported by raven at KunLun lab on 2022-03-01
• [1305706] Medium CVE-2022-1491: Use after free in Bookmarks. Reported by raven at KunLun lab on 2022-03-12
• [1315040] Medium CVE-2022-1492: Insufficient data validation in Blink Editing. Reported by Michal Bentkowski of Securitum on 2022-04-11
• [1275414] Medium CVE-2022-1493: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-12-01
• [1298122] Medium CVE-2022-1494: Insufficient data validation in Trusted Types. Reported by Masato Kinugawa on 2022-02-17
• [1301180] Medium CVE-2022-1495: Incorrect security UI in Downloads. Reported by Umar Farooq on 2022-02-28
• [1306391] Medium CVE-2022-1496: Use after free in File Manager. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2022-03-15
• [1264543] Medium CVE-2022-1497: Inappropriate implementation in Input. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-10-29
• [1297138] Low CVE-2022-1498: Inappropriate implementation in HTML Parser. Reported by SeungJu Oh (@real_as3617) on 2022-02-14
• [1000408] Low CVE-2022-1499: Inappropriate implementation in WebAuthentication. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-09-04
• [1223475] Low CVE-2022-1500: Insufficient data validation in Dev Tools. Reported by Hoang Nguyen on 2021-06-25
• [1293191] Low CVE-2022-1501: Inappropriate implementation in iframe. Reported by Oriol Brufau on 2022-02-02

< 101.0.4951.41

Chrome Releases reports:

This release contains 11 security fixes, including:

• [1336266] High CVE-2022-2477: Use after free in Guest View. Reported by anonymous on 2022-06-14
• [1335861] High CVE-2022-2478: Use after free in PDF. Reported by triplepwns on 2022-06-13
• [1329987] High CVE-2022-2479: Insufficient validation of untrusted input in File. Reported by anonymous on 2022-05-28
• [1339844] High CVE-2022-2480: Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero on 2022-06-27
• [1341603] High CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University on 2022-07-04
• [1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21

< 103.0.5060.134

Chrome Releases reports:

This release contains 1 security fix:

• [1394403] High CVE-2022-4262: Type Confusion in V8. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-29

Google is aware that an exploit for CVE-2022-4262 exists in the wild.

< 108.0.5359.94

< 108.0.5359.94

Google Chrome Releases reports:

[105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team (scarybeasts).

[106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz.

[108695] High CVE-2011-3017: Possible use-after-free in database handling. Credit to miaubiz.

[110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to Aki Helin of OUSPG.

[110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the Google Security Team.

[111575] Medium CVE-2011-3020: Native client validator error. Credit to Nick Bray of the Chromium development community.

[111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to Arthur Gerkis.

[112236] Medium CVE-2011-3022: Inappropriate use of http for translation script. Credit to Google Chrome Security Team (Jorge Obes).

[112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit to pa_kt.

[112451] Low CVE-2011-3024: Browser crash with empty x509 certificate. Credit to chrometot.

[112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit to Slawomir Blazek.

[112822] High CVE-2011-3026: Integer overflow / truncation in libpng. Credit to Juri Aedla.

[112847] Medium CVE-2011-3027: Bad cast in column handling. Credit to miaubiz.

< 17.0.963.56

Chrome Releases reports:

This release contains 1 security fix:

• [1309225] High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23

Google is aware that an exploit for CVE-2022-1096 exists in the wild.

< 99.0.4844.84

Google Chrome Releases reports:

[113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.

[116162] High CVE-2011-3045: libpng integer issue from upstream. Credit to Glenn Randers-Pehrson of the libpng project.

[116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.

[116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.

[116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.

[117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.

[117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.

[117550] High CVE-2011-3056: Cross-origin violation with "magic iframe". Credit to Sergey Glazunov.

[117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

[108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach. Fixed in an earlier release.

< 17.0.963.83

Google Chrome Releases reports:

[106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.

[108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).

[108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.

[109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.

< 16.0.912.77

Chrome Releases reports:

This update contains 19 security fixes, including:

• [1243117] High CVE-2021-37956: Use after free in Offline use. Reported by Huyna at Viettel Cyber Security on 2021-08-24
• [1242269] High CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang on 2021-08-23
• [1223290] High CVE-2021-37958: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2021-06-24
• [1229625] High CVE-2021-37959: Use after free in Task Manager. Reported by raven (@raid_akame) on 2021-07-15
• [1247196] High CVE-2021-37960: Inappropriate implementation in Blink graphics. Reported by Atte Kettunen of OUSPG on 2021-09-07
• [1228557] Medium CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani on 2021-07-13
• [1231933] Medium CVE-2021-37962: Use after free in Performance Manager. Reported by Sri on 2021-07-22
• [1199865] Medium CVE-2021-37963: Side-channel information leakage in DevTools. Reported by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen and Shaked Yehezkel, Tel Aviv University, Sioli O'Connell, University of Adelaide, and Jason Kim, Georgia Institute of Technology on 2021-04-16
• [1203612] Medium CVE-2021-37964: Inappropriate implementation in ChromeOS Networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2021-04-28
• [1239709] Medium CVE-2021-37965: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-13
• [1238944] Medium CVE-2021-37966: Inappropriate implementation in Compositing. Reported by Mohit Raj (shadow2639) on 2021-08-11
• [1243622] Medium CVE-2021-37967: Inappropriate implementation in Background Fetch API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-26
• [1245053] Medium CVE-2021-37968: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-08-30
• [1245879] Medium CVE-2021-37969: Inappropriate implementation in Google Updater. Reported by Abdelhamid Naceri (halov) on 2021-09-02
• [1248030] Medium CVE-2021-37970: Use after free in File System API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-09-09
• [1219354] Low CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by Rayyan Bijoora on 2021-06-13
• [1234259] Low CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin on 2021-07-29

< 94.0.4606.54

Google Chrome Releases reports:

[235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Slawomir Blazek.

[235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.

[230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.

[230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.

[227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.

[226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.

[222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.

[196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).

[188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.

[177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.

[176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.

[176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.

[171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.

[241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.

< 27.0.1453.93

Google Chrome Releases reports:

6 security fixes in this release, including:

• [546677] High CVE-2016-1622: Same-origin bypass in Extensions. Credit to anonymous.
• [577105] High CVE-2016-1623: Same-origin bypass in DOM. Credit to Mariusz Mlynski.
• [509313] Medium CVE-2016-1625: Navigation bypass in Chrome Instant. Credit to Jann Horn.
• [571480] Medium CVE-2016-1626: Out-of-bounds read in PDFium. Credit to anonymous, working with HP's Zero Day Initiative.
• [585517] CVE-2016-1627: Various fixes from internal audits, fuzzing and other initiatives.

< 48.0.2564.109

Google Chrome Releases reports:

[583431] Critical CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. Credit to anonymous.

< 48.0.2564.116

Google Chrome Releases reports:

4 security fixes in this release, including:

• [401362] High CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz.
• [411014] CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives.

< 37.0.2062.120

Google Chrome Releases reports:

62 security fixes in this release:

• [826626] Critical CVE-2018-6085: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-28
• [827492] Critical CVE-2018-6086: Use after free in Disk Cache. Reported by Ned Williamson on 2018-03-30
• [813876] High CVE-2018-6087: Use after free in WebAssembly. Reported by Anonymous on 2018-02-20
• [822091] High CVE-2018-6088: Use after free in PDFium. Reported by Anonymous on 2018-03-15
• [808838] High CVE-2018-6089: Same origin policy bypass in Service Worker. Reported by Rob Wu on 2018-02-04
• [820913] High CVE-2018-6090: Heap buffer overflow in Skia. Reported by ZhanJia Song on 2018-03-12
• [771933] High CVE-2018-6091: Incorrect handling of plug-ins by Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-10-05
• [819869] High CVE-2018-6092: Integer overflow in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-08
• [780435] Medium CVE-2018-6093: Same origin bypass in Service Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-01
• [633030] Medium CVE-2018-6094: Exploit hardening regression in Oilpan. Reported by Chris Rohlf on 2016-08-01
• [637098] Medium CVE-2018-6095: Lack of meaningful user interaction requirement before file upload. Reported by Abdulrahman Alqabandi (@qab) on 2016-08-11
• [776418] Medium CVE-2018-6096: Fullscreen UI spoof. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-19
• [806162] Medium CVE-2018-6097: Fullscreen UI spoof. Reported by xisigr of Tencent's Xuanwu Lab on 2018-01-26
• [798892] Medium CVE-2018-6098: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-03
• [808825] Medium CVE-2018-6099: CORS bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-02-03
• [811117] Medium CVE-2018-6100: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-02-11
• [813540] Medium CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools . Reported by Rob Wu on 2018-02-19
• [813814] Medium CVE-2018-6102: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-20
• [816033] Medium CVE-2018-6103: UI spoof in Permissions. Reported by Khalil Zhani on 2018-02-24
• [820068] Medium CVE-2018-6104: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-08
• [803571] Medium CVE-2018-6105: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-01-18
• [805729] Medium CVE-2018-6106: Incorrect handling of promises in V8. Reported by lokihardt of Google Project Zero on 2018-01-25
• [808316] Medium CVE-2018-6107: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-02
• [816769] Medium CVE-2018-6108: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-27
• [710190] Low CVE-2018-6109: Incorrect handling of files by FileAPI. Reported by Dominik Weber (@DoWeb_) on 2017-04-10
• [777737] Low CVE-2018-6110: Incorrect handling of plaintext files via file:// . Reported by Wenxiang Qian (aka blastxiang) on 2017-10-24
• [780694] Low CVE-2018-6111: Heap-use-after-free in DevTools. Reported by Khalil Zhani on 2017-11-02
• [798096] Low CVE-2018-6112: Incorrect URL handling in DevTools. Reported by Rob Wu on 2017-12-29
• [805900] Low CVE-2018-6113: URL spoof in Navigation. Reported by Khalil Zhani on 2018-01-25
• [811691] Low CVE-2018-6114: CSP bypass. Reported by Lnyas Zhang on 2018-02-13
• [819809] Low CVE-2018-6115: SmartScreen bypass in downloads. Reported by James Feher on 2018-03-07
• [822266] Low CVE-2018-6116: Incorrect low memory handling in WebAssembly. Reported by Jin from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. on 2018-03-15
• [822465] Low CVE-2018-6117: Confusing autofill settings. Reported by Spencer Dailey on 2018-03-15
• [822424] Low CVE-2018-6084: Incorrect use of Distributed Objects in Google Software Updater on MacOS. Reported by Ian Beer of Google Project Zero on 2018-03-15

< 66.0.3359.117

Google Chrome Releases reports:

26 security fixes in this release, including

• [380885] Medium CVE-2014-3160: Same-Origin-Policy bypass in SVG. Credit to Christian Schneider.
• [393765] CVE-2014-3162: Various fixes from internal audits, fuzzing and other initiatives.

< 36.0.1985.125

Google Chrome Releases reports:

This update includes 37 security fixes, including:

• [497632] High CVE-2016-1612: Bad cast in V8.
• [572871] High CVE-2016-1613: Use-after-free in PDFium.
• [544691] Medium CVE-2016-1614: Information leak in Blink.
• [468179] Medium CVE-2016-1615: Origin confusion in Omnibox.
• [541415] Medium CVE-2016-1616: URL Spoofing.
• [544765] Medium CVE-2016-1617: History sniffing with HSTS and CSP.
• [552749] Medium CVE-2016-1618: Weak random number generator in Blink.
• [557223] Medium CVE-2016-1619: Out-of-bounds read in PDFium.
• [579625] CVE-2016-1620: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch.

< 48.0.2564.82

Google Chrome Releases reports:

This release includes 38 security fixes, including CVEs CVE-2020-6465 through CVE-2020-6491.

< 83.0.4103.61

Google Chrome Releases reports:

1 security fix in this release, including:

• [823553] Various fixes from internal audits, fuzzing and other initiatives

< 65.0.3325.181

Google Chrome Releases reports:

A special reward for Andrey Labunets for his combination of CVE-2013-2879 and CVE-2013-2868 along with some (since fixed) server-side bugs.

[252216] Low CVE-2013-2867: Block pop-unders in various scenarios.

[252062] High CVE-2013-2879: Confusion setting up sign-in and sync. Credit to Andrey Labunets.

[252034] Medium CVE-2013-2868: Incorrect sync of NPAPI extension component. Credit to Andrey Labunets.

[245153] Medium CVE-2013-2869: Out-of-bounds read in JPEG2000 handling. Credit to Felix Groebert of Google Security Team.

[244746] [242762] Critical CVE-2013-2870: Use-after-free with network sockets. Credit to Collin Payne.

[244260] Medium CVE-2013-2853: Man-in-the-middle attack against HTTP in SSL. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco at INRIA Paris.

[243991] [243818] High CVE-2013-2871: Use-after-free in input handling. Credit to miaubiz.

[Mac only] [242702] Low CVE-2013-2872: Possible lack of entropy in renderers. Credit to Eric Rescorla.

[241139] High CVE-2013-2873: Use-after-free in resource loading. Credit to miaubiz.

[233848] Medium CVE-2013-2875: Out-of-bounds-read in SVG. Credit to miaubiz.

[229504] Medium CVE-2013-2876: Extensions permissions confusion with interstitials. Credit to Dev Akhawe.

[229019] Low CVE-2013-2877: Out-of-bounds read in XML parsing. Credit to Aki Helin of OUSPG.

[196636] None: Remove the "viewsource" attribute on iframes. Credit to Collin Jackson.

[177197] Medium CVE-2013-2878: Out-of-bounds read in text handling. Credit to Atte Kettunen of OUSPG.

< 28.0.1500.71

Google Chrome Releases reports:

25 security fixes in this release, including:

• [268565] Medium CVE-2013-6621: Use after free related to speech input elements. Credit to Khalil Zhani.
• [272786] High CVE-2013-6622: Use after free related to media elements. Credit to cloudfuzzer.
• [282925] High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
• [290566] High CVE-2013-6624: Use after free related to “id” attribute strings. Credit to Jon Butler.
• [295010] High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
• [295695] Low CVE-2013-6626: Address bar spoofing related to interstitial warnings. Credit to Chamal de Silva.
• [299892] High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to skylined.
• [306959] Medium CVE-2013-6628: Issue with certificates not being checked during TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco of INRIA Paris.
• [315823] Medium-Critical CVE-2013-2931: Various fixes from internal audits, fuzzing and other initiatives.
• [258723] Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and libjpeg-turbo. Credit to Michal Zalewski of Google.
• [299835] Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo. Credit to Michal Zalewski of Google.
• [296804] High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund of the Chromium project.

< 31.0.1650.48

Chrome Releases reports:

This release contains 19 security fixes, including:

• [1180126] High CVE-2021-30506: Incorrect security UI in Web App Installs. Reported by @retsew0x01 on 2021-02-19
• [1178202] High CVE-2021-30507: Inappropriate implementation in Offline. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2021-02-14
• [1195340] High CVE-2021-30508: Heap buffer overflow in Media Feeds. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-02
• [1196309] High CVE-2021-30509: Out of bounds write in Tab Strip. Reported by David Erceg on 2021-04-06
• [1197436] High CVE-2021-30510: Race in Aura. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-04-09
• [1197875] High CVE-2021-30511: Out of bounds read in Tab Groups. Reported by David Erceg on 2021-04-10
• [1200019] High CVE-2021-30512: Use after free in Notifications. Reported by ZhanJia Song on 2021-04-17
• [1200490] High CVE-2021-30513: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2021-04-19
• [1200766] High CVE-2021-30514: Use after free in Autofill. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-04-20
• [1201073] High CVE-2021-30515: Use after free in File API. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-04-21
• [1201446] High CVE-2021-30516: Heap buffer overflow in History. Reported by ZhanJia Song on 2021-04-22
• [1203122] High CVE-2021-30517: Type Confusion in V8. Reported by laural on 2021-04-27
• [1203590] High CVE-2021-30518: Heap buffer overflow in Reader Mode. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2021-04-28
• [1194058] Medium CVE-2021-30519: Use after free in Payments. Reported by asnine on 2021-03-30
• [1193362] Medium CVE-2021-30520: Use after free in Tab Strip. Reported by Khalil Zhani on 2021-04-03

< 90.0.4430.212

Google Chrome Releases reports:

2 security fixes in this release, including:

• [770452] High CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30
• [770450] Medium CVE-2017-15406: Stack overflow in V8. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-09-30

< 62.0.3202.75

Chrome Releases reports:

This release contains 6 security fixes, including:

• [1376354] High CVE-2023-0471: Use after free in WebTransport. Reported by chichoo Kim(chichoo) and Cassidy Kim(@cassidy6564) on 2022-10-19
• [1405256] High CVE-2023-0472: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-01-06
• [1404639] Medium CVE-2023-0473: Type Confusion in ServiceWorker API. Reported by raven at KunLun lab on 2023-01-03
• [1400841] Medium CVE-2023-0474: Use after free in GuestView. Reported by avaue at S.S.L on 2022-12-14

< 109.0.5414.119

< 109.0.5414.119

Chrome Releases reports:

[1170176] High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on 2021-01-24. Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.

< 88.0.4324.150

Chrome Releases reports:

This release contains 10 security fixes, including:

• [1138911] High CVE-2020-16004: Use after free in user interface. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-10-15
• [1139398] High CVE-2020-16005: Insufficient policy enforcement in ANGLE. Reported by Jaehun Jeong (@n3sk) of Theori on 2020-10-16
• [1133527] High CVE-2020-16006: Inappropriate implementation in V8. Reported by Bill Parks on 2020-09-29
• [1125018] High CVE-2020-16007: Insufficient data validation in installer. Reported by Abdelhamid Naceri (halov) on 2020-09-04
• [1134107] High CVE-2020-16008: Stack buffer overflow in WebRTC. Reported by Tolya Korniltsev on 2020-10-01
• [1143772] High CVE-2020-16009: Inappropriate implementation in V8. Reported by Clement Lecigne of Google's Threat Analysis Group and Samuel Groß of Google Project Zero on 2020-10-29
• [1144489] High CVE-2020-16011: Heap buffer overflow in UI on Windows. Reported by Sergei Glazunov of Google Project Zero on 2020-11-01

There are reports that an exploit for CVE-2020-16009 exists in the wild.

< 86.0.4240.183

Google Chrome Releases reports:

[176882] High CVE-2013-0902: Use-after-free in frame loader. Credit to Chamal de Silva.

[176252] High CVE-2013-0903: Use-after-free in browser navigation handling. Credit to "chromium.khalil".

[172926] [172331] High CVE-2013-0904: Memory corruption in Web Audio. Credit to Atte Kettunen of OUSPG.

[168982] High CVE-2013-0905: Use-after-free with SVG animations. Credit to Atte Kettunen of OUSPG.

[174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to Google Chrome Security Team (Juri Aedla).

[174150] Medium CVE-2013-0907: Race condition in media thread handling. Credit to Andrew Scherkus of the Chromium development community.

[174059] Medium CVE-2013-0908: Incorrect handling of bindings for extension processes.

[173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to Egor Homakov.

[172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads more strictly. Credit to Google Chrome Security Team (Chris Evans).

[172264] High CVE-2013-0911: Possible path traversal in database handling. Credit to Google Chrome Security Team (Juri Aedla).

< 25.0.1364.152

Chrome Releases reports:

This release contains 32 security fixes, including:

• [1324864] Critical CVE-2022-1853: Use after free in Indexed DB. Reported by Anonymous on 2022-05-12
• [1320024] High CVE-2022-1854: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-27
• [1228661] High CVE-2022-1855: Use after free in Messaging. Reported by Anonymous on 2021-07-13
• [1323239] High CVE-2022-1856: Use after free in User Education. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-06
• [1227995] High CVE-2022-1857: Insufficient policy enforcement in File System API. Reported by Daniel Rhea on 2021-07-11
• [1314310] High CVE-2022-1858: Out of bounds read in DevTools. Reported by EllisVlad on 2022-04-07
• [1322744] High CVE-2022-1859: Use after free in Performance Manager. Reported by Guannan Wang (@Keenan7310) of Tencent Security Xuanwu Lab on 2022-05-05
• [1297209] High CVE-2022-1860: Use after free in UI Foundations. Reported by @ginggilBesel on 2022-02-15
• [1316846] High CVE-2022-1861: Use after free in Sharing. Reported by Khalil Zhani on 2022-04-16
• [1236325] Medium CVE-2022-1862: Inappropriate implementation in Extensions. Reported by Alesandro Ortiz on 2021-08-04
• [1292870] Medium CVE-2022-1863: Use after free in Tab Groups. Reported by David Erceg on 2022-02-01
• [1320624] Medium CVE-2022-1864: Use after free in WebApp Installs. Reported by Yuntao You (@GraVity0) of Bytedance Wuheng Lab on 2022-04-28
• [1289192] Medium CVE-2022-1865: Use after free in Bookmarks. Reported by Rong Jian of VRI on 2022-01-20
• [1292264] Medium CVE-2022-1866: Use after free in Tablet Mode. Reported by @ginggilBesel on 2022-01-29
• [1315563] Medium CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer. Reported by Michal Bentkowski of Securitum on 2022-04-12
• [1301203] Medium CVE-2022-1868: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-02-28
• [1309467] Medium CVE-2022-1869: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-23
• [1323236] Medium CVE-2022-1870: Use after free in App Service. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-06
• [1308199] Low CVE-2022-1871: Insufficient policy enforcement in File System API. Reported by Thomas Orlita on 2022-03-21
• [1310461] Low CVE-2022-1872: Insufficient policy enforcement in Extensions API. Reported by ChaobinZhang on 2022-03-26
• [1305394] Low CVE-2022-1873: Insufficient policy enforcement in COOP. Reported by NDevTK on 2022-03-11
• [1251588] Low CVE-2022-1874: Insufficient policy enforcement in Safe Browsing. Reported by hjy79425575 on 2021-09-21
• [1306443] Low CVE-2022-1875: Inappropriate implementation in PDF. Reported by NDevTK on 2022-03-15
• [1313600] Low CVE-2022-1876: Heap buffer overflow in DevTools. Reported by @ginggilBesel on 2022-04-06

< 102.0.5005.61

Google Chrome Releases reports:

34 security fixes in this release, including:

• [835639] High CVE-2018-6123: Use after free in Blink. Reported by Looben Yang on 2018-04-22
• [840320] High CVE-2018-6124: Type confusion in Blink. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-05-07
• [818592] High CVE-2018-6125: Overly permissive policy in WebUSB. Reported by Yubico, Inc on 2018-03-05
• [844457] High CVE-2018-6126: Heap buffer overflow in Skia. Reported by Ivan Fratric of Google Project Zero on 2018-05-18
• [842990] High CVE-2018-6127: Use after free in indexedDB. Reported by Looben Yang on 2018-05-15
• [841105] High CVE-2018-6128: uXSS in Chrome on iOS. Reported by Tomasz Bojarski on 2018-05-09
• [838672] High CVE-2018-6129: Out of bounds memory access in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-01
• [838402] High CVE-2018-6130: Out of bounds memory access in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-04-30
• [826434] High CVE-2018-6131: Incorrect mutability protection in WebAssembly. Reported by Natalie Silvanovich of Google Project Zero on 2018-03-27
• [839960] Medium CVE-2018-6132: Use of uninitialized memory in WebRTC. Reported by Ronald E. Crane on 2018-05-04
• [817247] Medium CVE-2018-6133: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-02-28
• [797465] Medium CVE-2018-6134: Referrer Policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-12-23
• [823353] Medium CVE-2018-6135: UI spoofing in Blink. Reported by Jasper Rebane on 2018-03-19
• [831943] Medium CVE-2018-6136: Out of bounds memory access in V8. Reported by Peter Wong on 2018-04-12
• [835589] Medium CVE-2018-6137: Leak of visited status of page in Blink. Reported by Michael Smith (spinda.net) on 2018-04-21
• [810220] Medium CVE-2018-6138: Overly permissive policy in Extensions. Reported by Francois Lajeunesse-Robert on 2018-02-08
• [805224] Medium CVE-2018-6139: Restrictions bypass in the debugger extension API. Reported by Rob Wu on 2018-01-24
• [798222] Medium CVE-2018-6140: Restrictions bypass in the debugger extension API. Reported by Rob Wu on 2018-01-01
• [796107] Medium CVE-2018-6141: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) and Wanglu of Qihoo360 Qex Team on 2017-12-19
• [837939] Medium CVE-2018-6142: Out of bounds memory access in V8. Reported by Choongwoo Han of Naver Corporation on 2018-04-28
• [843022] Medium CVE-2018-6143: Out of bounds memory access in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-05-15
• [828049] Low CVE-2018-6144: Out of bounds memory access in PDFium. Reported by pdknsk on 2018-04-02
• [805924] Low CVE-2018-6145: Incorrect escaping of MathML in Blink. Reported by Masato Kinugawa on 2018-01-25
• [818133] Low CVE-2018-6147: Password fields not taking advantage of OS protections in Views. Reported by Michail Pishchagin (Yandex) on 2018-03-02
• [847542] Various fixes from internal audits, fuzzing and other initiatives

< 67.0.3396.62

Google Chrome Releases reports:

[162494] High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG.

[165622] High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook.

[165864] High CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.

[167122] Medium CVE-2012-5148: Missing filename sanitization in hyphenation support. Credit to Google Chrome Security Team (Justin Schuh).

[166795] High CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google Chrome Security Team (Chris Evans).

[165601] High CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome Security Team (Inferno).

[165538] High CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[165430] Medium CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google Chrome Security Team (Inferno).

[164565] High CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas Rossberg of the Chromium development community.

[Mac only] [163208] Medium CVE-2012-5155: Missing Mac sandbox for worker processes. Credit to Google Chrome Security Team (Julien Tinnes).

[162778] High CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162776] [162156] Medium CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162153] High CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google Security Team.

[162114] High CVE-2013-0829: Corruption of database metadata leading to incorrect file access. Credit to Google Chrome Security Team (Jüri Aedla).

[161836] Low CVE-2013-0831: Possible path traversal from extension process. Credit to Google Chrome Security Team (Tom Sepez).

[160380] Medium CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome Security Team (Cris Neckar).

[154485] Medium CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome Security Team (Cris Neckar).

[154283] Medium CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google Chrome Security Team (Cris Neckar).

[152921] Low CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.

[150545] High CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome Security Team (Cris Neckar).

[145363] Medium CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.

[Linux only] [143859] Low CVE-2013-0838: Tighten permissions on shared memory segments. Credit to Google Chrome Security Team (Chris Palmer).

< 24.0.1312.52

Chrome Releases reports:

This update include 6 security fixes:

• 1169317] Critical CVE-2021-21142: Use after free in Payments. Reported by Khalil Zhani on 2021-01-21
• [1163504] High CVE-2021-21143: Heap buffer overflow in Extensions. Reported by Allen Parker and Alex Morgan of MU on 2021-01-06
• [1163845] High CVE-2021-21144: Heap buffer overflow in Tab Groups. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-01-07
• [1154965] High CVE-2021-21145: Use after free in Fonts. Reported by Anonymous on 2020-12-03
• [1161705] High CVE-2021-21146: Use after free in Navigation. Reported by Alison Huffman and Choongwoo Han of Microsoft Browser Vulnerability Research on 2020-12-24
• [1162942] Medium CVE-2021-21147: Inappropriate implementation in Skia. Reported by Roman Starkov on 2021-01-04

< 88.0.4324.146

Chrome Releases reports:

This release includes 11 security fixes, including:

• [1237533] High CVE-2021-30625: Use after free in Selection API. Reported by Marcin Towalski of Cisco Talos on 2021-08-06
• [1241036] High CVE-2021-30626: Out of bounds memory access in ANGLE. Reported by Jeonghoon Shin of Theori on 2021-08-18
• [1245786] High CVE-2021-30627: Type Confusion in Blink layout. Reported by Aki Helin of OUSPG on 2021-09-01
• [1241123] High CVE-2021-30628: Stack buffer overflow in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2021-08-18
• [1243646] High CVE-2021-30629: Use after free in Permissions. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-08-26
• [1244568] High CVE-2021-30630: Inappropriate implementation in Blink. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-08-30
• [1246932] High CVE-2021-30631: Type Confusion in Blink layout. Reported by Atte Kettunen of OUSPG on 2021-09-06
• [1247763] High CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous on 2021-09-08
• [1247766] High CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous on 2021-09-08

Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild.

< 93.0.4577.82

Chrome Releases reports:

This release contains 10 security fixes, including:

• [1138143] High CVE-2021-21149: Stack overflow in Data Transfer. Reported by Ryoya Tsukasaki on 2020-10-14
• [1172192] High CVE-2021-21150: Use after free in Downloads. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2021-01-29
• [1165624] High CVE-2021-21151: Use after free in Payments. Reported by Khalil Zhani on 2021-01-12
• [1166504] High CVE-2021-21152: Heap buffer overflow in Media. Reported by Anonymous on 2021-01-14
• [1155974] High CVE-2021-21153: Stack overflow in GPU Process. Reported by Jan Ruge of ERNW GmbH on 2020-12-06
• [1173269] High CVE-2021-21154: Heap buffer overflow in Tab Strip. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-01
• [1175500] High CVE-2021-21155: Heap buffer overflow in Tab Strip. Reported by Khalil Zhani on 2021-02-07
• [1177341] High CVE-2021-21156: Heap buffer overflow in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-02-11
• [1170657] Medium CVE-2021-21157: Use after free in Web Sockets. Reported by Anonymous on 2021-01-26

< 88.0.4324.182

Google Chrome Releases reports:

[242322] Medium CVE-2013-2855: Memory corruption in dev tools API. Credit to "daniel.zulla".

[242224] High CVE-2013-2856: Use-after-free in input handling. Credit to miaubiz.

[240124] High CVE-2013-2857: Use-after-free in image handling. Credit to miaubiz.

[239897] High CVE-2013-2858: Use-after-free in HTML5 Audio. Credit to "cdel921".

[237022] High CVE-2013-2859: Cross-origin namespace pollution. to "bobbyholley".

[225546] High CVE-2013-2860: Use-after-free with workers accessing database APIs. Credit to Collin Payne.

[209604] High CVE-2013-2861: Use-after-free with SVG. Credit to miaubiz.

[161077] High CVE-2013-2862: Memory corruption in Skia GPU handling. Credit to Atte Kettunen of OUSPG.

[232633] Critical CVE-2013-2863: Memory corruption in SSL socket handling. Credit to Sebastian Marchand of the Chromium development community.

[239134] High CVE-2013-2864: Bad free in PDF viewer. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.

[246389] High CVE-2013-2865: Various fixes from internal audits, fuzzing and other initiatives.

< 27.0.1453.110

Google Chrome Releases reports:

51 security fixes in this release

Please reference CVE/URL list for details

< 56.0.2924.76

Google Chrome Releases reports:

1 security fix contributed by external researchers:

• [845961] High CVE-2018-6148: Incorrect handling of CSP header. Reported by Michal Bentkowski on 2018-05-23

< 67.0.3396.79

Google Chrome Releases reports:

[156567] High CVE-2012-5133: Use-after-free in SVG filters. Credit to miaubiz.

[148638] Medium CVE-2012-5130: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.

[155711] Low CVE-2012-5132: Browser crash with chunked encoding. Credit to Attila Szász.

[158249] High CVE-2012-5134: Buffer underflow in libxml. Credit to Google Chrome Security Team (Jüri Aedla).

[159165] Medium CVE-2012-5135: Use-after-free with printing. Credit to Fermin Serna of Google Security Team.

[159829] Medium CVE-2012-5136: Bad cast in input element handling. Credit to Google Chrome Security Team (Inferno).

< 23.0.1271.91

Google Chrome Releases reports:

5 security fixes in this release, including:

• [605766] High CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski.
• [605910] High CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski.
• [606115] High CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
• [578882] Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
• [586657] Medium CVE-2016-1671: Directory traversal using the file scheme on Android. Credit to Jann Horn.

< 50.0.2661.102

Chrome Releases reports:

This release contains 36 security fixes, including:

• [1137179] Critical CVE-2021-21117: Insufficient policy enforcement in Cryptohome. Reported by Rory McNamara on 2020-10-10
• [1161357] High CVE-2021-21118: Insufficient data validation in V8. Reported by Tyler Nighswander (@tylerni7) of Theori on 2020-12-23
• [1160534] High CVE-2021-21119: Use after free in Media. Reported by Anonymous on 2020-12-20
• [1160602] High CVE-2021-21120: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2020-12-21
• [1161143] High CVE-2021-21121: Use after free in Omnibox. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2020-12-22
• [1162131] High CVE-2021-21122: Use after free in Blink. Reported by Renata Hodovan on 2020-12-28
• [1137247] High CVE-2021-21123: Insufficient data validation in File System API. Reported by Maciej Pulikowski on 2020-10-11
• [1131346] High CVE-2021-21124: Potential user after free in Speech Recognizer. Reported by Chaoyang Ding(@V4kst1z) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-09-23
• [1152327] High CVE-2021-21125: Insufficient policy enforcement in File System API. Reported by Ron Masas (Imperva) on 2020-11-24
• [1163228] High CVE-2020-16044: Use after free in WebRTC. Reported by Ned Williamson of Project Zero on 2021-01-05
• [1108126] Medium CVE-2021-21126: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-22
• [1115590] Medium CVE-2021-21127: Insufficient policy enforcement in extensions. Reported by Jasminder Pal Singh, Web Services Point WSP, Kotkapura on 2020-08-12
• [1138877] Medium CVE-2021-21128: Heap buffer overflow in Blink. Reported by Liang Dong on 2020-10-15
• [1140403] Medium CVE-2021-21129: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
• [1140410] Medium CVE-2021-21130: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
• [1140417] Medium CVE-2021-21131: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20
• [1128206] Medium CVE-2021-21132: Inappropriate implementation in DevTools. Reported by David Erceg on 2020-09-15
• [1157743] Medium CVE-2021-21133: Insufficient policy enforcement in Downloads. Reported by wester0x01 (https://twitter.com/wester0x01) on 2020-12-11
• [1157800] Medium CVE-2021-21134: Incorrect security UI in Page Info. Reported by wester0x01 (https://twitter.com/wester0x01) on 2020-12-11
• [1157818] Medium CVE-2021-21135: Inappropriate implementation in Performance API. Reported by ndevtk on 2020-12-11
• [1038002] Low CVE-2021-21136: Insufficient policy enforcement in WebView. Reported by Shiv Sahni, Movnavinothan V and Imdad Mohammed on 2019-12-27
• [1093791] Low CVE-2021-21137: Inappropriate implementation in DevTools. Reported by bobblybear on 2020-06-11
• [1122487] Low CVE-2021-21138: Use after free in DevTools. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-08-27
• [1136327] Low CVE-2021-21140: Uninitialized Use in USB. Reported by David Manouchehri on 2020-10-08
• [1140435] Low CVE-2021-21141: Insufficient policy enforcement in File System API. Reported by Maciej Pulikowski on 2020-10-20

< 88.0.4324.96

Chrome Releases reports:

This release contains 26 security fixes, including:

• [1284367] Critical CVE-2022-0289: Use after free in Safe browsing. Reported by Sergei Glazunov of Google Project Zero on 2022-01-05
• [1260134][1260007] High CVE-2022-0290: Use after free in Site isolation. Reported by Brendon Tiszka and Sergei Glazunov of Google Project Zero on 2021-10-15
• [1281084] High CVE-2022-0291: Inappropriate implementation in Storage. Reported by Anonymous on 2021-12-19
• [1270358] High CVE-2022-0292: Inappropriate implementation in Fenced Frames. Reported by Brendon Tiszka on 2021-11-16
• [1283371] High CVE-2022-0293: Use after free in Web packaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-30
• [1273017] High CVE-2022-0294: Inappropriate implementation in Push messaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-11-23
• [1278180] High CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-09
• [1283375] High CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-30
• [1274316] High CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28
• [1212957] High CVE-2022-0298: Use after free in Scheduling. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-25
• [1275438] High CVE-2022-0300: Use after free in Text Input Method Editor. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-01
• [1276331] High CVE-2022-0301: Heap buffer overflow in DevTools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-12-03
• [1278613] High CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-10
• [1281979] High CVE-2022-0303: Race in GPU Watchdog. Reported by Yigit Can YILMAZ (@yilmazcanyigit) on 2021-12-22
• [1282118] High CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-22
• [1282354] High CVE-2022-0305: Inappropriate implementation in Service Worker API. Reported by @uwu7586 on 2021-12-23
• [1283198] High CVE-2022-0306: Heap buffer overflow in PDFium. Reported by Sergei Glazunov of Google Project Zero on 2021-12-29
• [1281881] Medium CVE-2022-0307: Use after free in Optimization Guide. Reported by Samet Bekmezci @sametbekmezci on 2021-12-21
• [1282480] Medium CVE-2022-0308: Use after free in Data Transfer. Reported by @ginggilBesel on 2021-12-24
• [1240472] Medium CVE-2022-0309: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2021-08-17
• [1283805] Medium CVE-2022-0310: Heap buffer overflow in Task Manager. Reported by Samet Bekmezci @sametbekmezci on 2022-01-03
• [1283807] Medium CVE-2022-0311: Heap buffer overflow in Task Manager. Reported by Samet Bekmezci @sametbekmezci on 2022-01-03

< 97.0.4692.99

Google Chrome Releases reports:

[158204] High CVE-2012-5139: Use-after-free with visibility events. Credit to Chamal de Silva.

[159429] High CVE-2012-5140: Use-after-free in URL loader. Credit to Chamal de Silva.

[160456] Medium CVE-2012-5141: Limit Chromoting client plug-in instantiation. Credit to Google Chrome Security Team (Jüri Aedla).

[160803] Critical CVE-2012-5142: Crash in history navigation. Credit to Michal Zalewski of Google Security Team.

[160926] Medium CVE-2012-5143: Integer overflow in PPAPI image buffers. Credit to Google Chrome Security Team (Cris Neckar).

[161639] High CVE-2012-5144: Stack corruption in AAC decoding. Credit to pawlkt.

< 23.0.1271.97

Google Chrome releases reports:

30 security fixes in this release

Please reference CVE/URL list for details

< 59.0.3071.86

Google Chrome Releases reports:

43 security fixes in this release, including:

• High CVE-2018-17480: Out of bounds write in V8
• High CVE-2018-17481: Use after free in PDFium
• High CVE-2018-18335: Heap buffer overflow in Skia
• High CVE-2018-18336: Use after free in PDFium
• High CVE-2018-18337: Use after free in Blink
• High CVE-2018-18338: Heap buffer overflow in Canvas
• High CVE-2018-18339: Use after free in WebAudio
• High CVE-2018-18340: Use after free in MediaRecorder
• High CVE-2018-18341: Heap buffer overflow in Blink
• High CVE-2018-18342: Out of bounds write in V8
• High CVE-2018-18343: Use after free in Skia
• High CVE-2018-18344: Inappropriate implementation in Extensions
• High To be allocated: Multiple issues in SQLite via WebSQL
• Medium CVE-2018-18345: Inappropriate implementation in Site Isolation
• Medium CVE-2018-18346: Incorrect security UI in Blink
• Medium CVE-2018-18347: Inappropriate implementation in Navigation
• Medium CVE-2018-18348: Inappropriate implementation in Omnibox
• Medium CVE-2018-18349: Insufficient policy enforcement in Blink
• Medium CVE-2018-18350: Insufficient policy enforcement in Blink
• Medium CVE-2018-18351: Insufficient policy enforcement in Navigation
• Medium CVE-2018-18352: Inappropriate implementation in Media
• Medium CVE-2018-18353: Inappropriate implementation in Network Authentication
• Medium CVE-2018-18354: Insufficient data validation in Shell Integration
• Medium CVE-2018-18355: Insufficient policy enforcement in URL Formatter
• Medium CVE-2018-18356: Use after free in Skia
• Medium CVE-2018-18357: Insufficient policy enforcement in URL Formatter
• Medium CVE-2018-18358: Insufficient policy enforcement in Proxy
• Medium CVE-2018-18359: Out of bounds read in V8
• Low To be allocated: Inappropriate implementation in PDFium
• Low To be allocated: Use after free in Extensions
• Low To be allocated: Inappropriate implementation in Navigation
• Low To be allocated: Inappropriate implementation in Navigation
• Low To be allocated: Insufficient policy enforcement in Navigation
• Low To be allocated: Insufficient policy enforcement in URL Formatter
• Medium To be allocated: Insufficient policy enforcement in Payments
• Various fixes from internal audits, fuzzing and other initiatives

< 71.0.3578.80

Google Chrome Releases reports:

41 security fixes in this release, including:

• [558589] Critical CVE-2015-6765: Use-after-free in AppCache. Credit to anonymous.
• [551044] High CVE-2015-6766: Use-after-free in AppCache. Credit to anonymous.
• [554908] High CVE-2015-6767: Use-after-free in AppCache. Credit to anonymous.
• [556724] High CVE-2015-6768: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
• [534923] High CVE-2015-6769: Cross-origin bypass in core. Credit to Mariusz Mlynski.
• [541206] High CVE-2015-6770: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
• [544991] High CVE-2015-6771: Out of bounds access in v8. Credit to anonymous.
• [546545] High CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
• [554946] High CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own.
• [491660] High CVE-2015-6773: Out of bounds access in Skia. Credit to cloudfuzzer.
• [549251] High CVE-2015-6774: Use-after-free in Extensions. Credit to anonymous.
• [529012] High CVE-2015-6775: Type confusion in PDFium. Credit to Atte Kettunen of OUSPG.
• [457480] High CVE-2015-6776: Out of bounds access in PDFium. Credit to Hanno Böck.
• [544020] High CVE-2015-6777: Use-after-free in DOM. Credit to Long Liu of Qihoo 360Vulcan Team.
• [514891] Medium CVE-2015-6778: Out of bounds access in PDFium. Credit to Karl Skomski.
• [528505] Medium CVE-2015-6779: Scheme bypass in PDFium. Credit to Til Jasper Ullrich.
• [490492] Medium CVE-2015-6780: Use-after-free in Infobars. Credit to Khalil Zhani.
• [497302] Medium CVE-2015-6781: Integer overflow in Sfntly. Credit to miaubiz.
• [536652] Medium CVE-2015-6782: Content spoofing in Omnibox. Credit to Luan Herrera.
• [537205] Medium CVE-2015-6783: Signature validation issue in Android Crazy Linker. Credit to Michal Bednarski.
• [503217] Low CVE-2015-6784: Escaping issue in saved pages. Credit to Inti De Ceukelaire.
• [534542] Low CVE-2015-6785: Wildcard matching issue in CSP. Credit to Michael Ficarra / Shape Security.
• [534570] Low CVE-2015-6786: Scheme bypass in CSP. Credit to Michael Ficarra / Shape Security.
• [563930] CVE-2015-6787: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch (currently 4.7.80.23).

< 47.0.2526.73

Google Chrome Releases reports:

[180763] High CVE-2013-0912: Type confusion in WebKit. Credit to Nils and Jon of MWR Labs.

< 25.0.1364.160

Google Chrome Releases reports:

45 security fixes in this release:

• [758848] High CVE-2017-11215: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25
• [758863] High CVE-2017-11225: Use after free in Flash. Reported by JieZeng of Tencent Zhanlu Lab on 2017-08-25
• [780919] High CVE-2018-6060: Use after free in Blink. Reported by Omair on 2017-11-02
• [794091] High CVE-2018-6061: Race condition in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2017-12-12
• [780104] High CVE-2018-6062: Heap buffer overflow in Skia. Reported by Anonymous on 2017-10-31
• [789959] High CVE-2018-6057: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-11-30
• [792900] High CVE-2018-6063: Incorrect permissions on shared memory. Reported by Gal Beniamini of Google Project Zero on 2017-12-07
• [798644] High CVE-2018-6064: Type confusion in V8. Reported by lokihardt of Google Project Zero on 2018-01-03
• [808192] High CVE-2018-6065: Integer overflow in V8. Reported by Mark Brand of Google Project Zero on 2018-02-01
• [799477] Medium CVE-2018-6066: Same Origin Bypass via canvas. Reported by Masato Kinugawa on 2018-01-05
• [779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30
• [779428] Medium CVE-2018-6067: Buffer overflow in Skia. Reported by Ned Williamson on 2017-10-30
• [799918] Medium CVE-2018-6069: Stack buffer overflow in Skia. Reported by Wanglu and Yangkang(@dnpushme) of Qihoo360 Qex Team on 2018-01-08
• [668645] Medium CVE-2018-6070: CSP bypass through extensions. Reported by Rob Wu on 2016-11-25
• [777318] Medium CVE-2018-6071: Heap bufffer overflow in Skia. Reported by Anonymous on 2017-10-23
• [791048] Medium CVE-2018-6072: Integer overflow in PDFium. Reported by Atte Kettunen of OUSPG on 2017-12-01
• [804118] Medium CVE-2018-6073: Heap bufffer overflow in WebGL. Reported by Omair on 2018-01-20
• [809759] Medium CVE-2018-6074: Mark-of-the-Web bypass. Reported by Abdulrahman Alqabandi (@qab) on 2018-02-06
• [608669] Medium CVE-2018-6075: Overly permissive cross origin downloads. Reported by Inti De Ceukelaire (intigriti.com) on 2016-05-03
• [758523] Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. Reported by Mateusz Krzeszowiec on 2017-08-24
• [778506] Medium CVE-2018-6077: Timing attack using SVG filters. Reported by Khalil Zhani on 2017-10-26
• [793628] Medium CVE-2018-6078: URL Spoof in OmniBox. Reported by Khalil Zhani on 2017-12-10
• [788448] Medium CVE-2018-6079: Information disclosure via texture data in WebGL. Reported by Ivars Atteka on 2017-11-24
• [792028] Medium CVE-2018-6080: Information disclosure in IPC call. Reported by Gal Beniamini of Google Project Zero on 2017-12-05
• [797525] Low CVE-2018-6081: XSS in interstitials. Reported by Rob Wu on 2017-12-24
• [767354] Low CVE-2018-6082: Circumvention of port blocking. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-09-21
• [771709] Low CVE-2018-6083: Incorrect processing of AppManifests. Reported by Jun Kokatsu (@shhnjk) on 2017-10-04

< 65.0.3325.146

Google Chrome Releases reports:

11 security fixes in this release, including:

• [249502] High CVE-2013-6646: Use-after-free in web workers. Credit to Collin Payne.
• [326854] High CVE-2013-6641: Use-after-free related to forms. Credit to Atte Kettunen of OUSPG.
• [324969] High CVE-2013-6642: Address bar spoofing in Chrome for Android. Credit to lpilorz.
• [321940] High CVE-2013-6643: Unprompted sync with an attacker’s Google account. Credit to Joao Lucas Melo Brasio.
• [318791] Medium CVE-2013-6645 Use-after-free related to speech input elements. Credit to Khalil Zhani.
• [333036] CVE-2013-6644: Various fixes from internal audits, fuzzing and other initiatives.

< 32.0.1700.77

Google Chrome Releases reports:

[161564] High CVE-2012-5138: Incorrect file path handling. Credit to Google Chrome Security Team (Jüri Aedla).

[162835] High CVE-2012-5137: Use-after-free in media source handling. Credit to Pinkie Pie.

< 23.0.1271.95

Google Chrome Releases reports:

[143439] High CVE-2012-2889: UXSS in frame handling. Credit to Sergey Glazunov.

[143437] High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey Glazunov.

[139814] High CVE-2012-2881: DOM tree corruption with plug-ins. Credit to Chamal de Silva.

[135432] High CVE-2012-2876: Buffer overflow in SSE2 optimizations. Credit to Atte Kettunen of OUSPG.

[140803] High CVE-2012-2883: Out-of-bounds write in Skia. Credit to Atte Kettunen of OUSPG.

[143609] High CVE-2012-2887: Use-after-free in onclick handling. Credit to Atte Kettunen of OUSPG.

[143656] High CVE-2012-2888: Use-after-free in SVG text references. Credit to miaubiz.

[144899] High CVE-2012-2894: Crash in graphics context handling. Credit to Slawomir Blazek.

[137707] Medium CVE-2012-2877: Browser crash with extensions and modal dialogs. Credit to Nir Moshe.

[139168] Low CVE-2012-2879: DOM topology corruption. Credit to pawlkt.

[141651] Medium CVE-2012-2884: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.

[132398] High CVE-2012-2874: Out-of-bounds write in Skia. Credit to Google Chrome Security Team (Inferno).

[134955] [135488] [137106] [137288] [137302] [137547] [137556] [137606] [137635] [137880] [137928] [144579] [145079] [145121] [145163] [146462] Medium CVE-2012-2875: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[137852] High CVE-2012-2878: Use-after-free in plug-in handling. Credit to Fermin Serna of Google Security Team.

[139462] Medium CVE-2012-2880: Race condition in plug-in paint buffer. Credit to Google Chrome Security Team (Cris Neckar).

[140647] High CVE-2012-2882: Wild pointer in OGG container handling. Credit to Google Chrome Security Team (Inferno).

[142310] Medium CVE-2012-2885: Possible double free on exit. Credit to the Chromium development community.

[143798] [144072] [147402] High CVE-2012-2890: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[144051] Low CVE-2012-2891: Address leak over IPC. Credit to Lei Zhang of the Chromium development community.

[144704] Low CVE-2012-2892: Pop-up block bypass. Credit to Google Chrome Security Team (Cris Neckar).

[144799] High CVE-2012-2893: Double free in XSL transforms. Credit to Google Chrome Security Team (Cris Neckar).

[145029] [145157] [146460] High CVE-2012-2895: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

< 22.0.1229.79

Google Chrome Releases reports:

[589838] High CVE-2016-1643: Type confusion in Blink.

[590620] High CVE-2016-1644: Use-after-free in Blink.

[587227] High CVE-2016-1645: Out-of-bounds write in PDFium.

< 49.0.2623.87

Chrome Releases reports:

This release contains 28 security fixes, including:

• [1379054] High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2022-10-27
• [1381401] High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-11-04
• [1361066] High CVE-2022-4176: Out of bounds write in Lacros Graphics. Reported by @ginggilBesel on 2022-09-08
• [1379242] High CVE-2022-4177: Use after free in Extensions. Reported by Chaoyuan Peng (@ret2happy) on 2022-10-28
• [1376099] High CVE-2022-4178: Use after free in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2022-10-18
• [1377783] High CVE-2022-4179: Use after free in Audio. Reported by Sergei Glazunov of Google Project Zero on 2022-10-24
• [1378564] High CVE-2022-4180: Use after free in Mojo. Reported by Anonymous on 2022-10-26
• [1382581] High CVE-2022-4181: Use after free in Forms. Reported by Aviv A. on 2022-11-09
• [1368739] Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames. Reported by Peter Nemeth on 2022-09-28
• [1251790] Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. Reported by David Sievers on 2021-09-22
• [1358647] Medium CVE-2022-4184: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2022-09-01
• [1373025] Medium CVE-2022-4185: Inappropriate implementation in Navigation. Reported by James Lee (@Windowsrcer) on 2022-10-10
• [1377165] Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads. Reported by Luan Herrera (@lbherrera_) on 2022-10-21
• [1381217] Medium CVE-2022-4187: Insufficient policy enforcement in DevTools. Reported by Axel Chong on 2022-11-04
• [1340879] Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS. Reported by Philipp Beer (TU Wien) on 2022-06-30
• [1344647] Medium CVE-2022-4189: Insufficient policy enforcement in DevTools. Reported by NDevTK on 2022-07-15
• [1378997] Medium CVE-2022-4190: Insufficient data validation in Directory. Reported by Axel Chong on 2022-10-27
• [1373941] Medium CVE-2022-4191: Use after free in Sign-In. Reported by Jaehun Jeong(@n3sk) of Theori on 2022-10-12
• [1344514] Medium CVE-2022-4192: Use after free in Live Caption. Reported by Samet Bekmezci @sametbekmezci on 2022-07-14
• [1354518] Medium CVE-2022-4193: Insufficient policy enforcement in File System API. Reported by Axel Chong on 2022-08-19
• [1370562] Medium CVE-2022-4194: Use after free in Accessibility. Reported by Anonymous on 2022-10-03
• [1371926] Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. Reported by Eric Lawrence of Microsoft on 2022-10-06

< 108.0.5359.71

< 108.0.5359.71

Google Chrome Releases reports:

36 security fixes in this release

Please reference CVE/URL list for details

< 55.0.2883.75

Google Chrome Releases reports:

[136643] [137721] [137957] High CVE-2012-2862: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[136968] [137361] High CVE-2012-2863: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

< 21.0.1180.75

Chrome Releases reports:

This release contains one security fix:

• [1115345] High CVE-2020-6556: Heap buffer overflow in SwiftShader. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-08-12

< 84.0.4147.135

Chrome releases reports:

This release contains 35 security fixes, including:

• [1127322] Critical CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11
• [1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09
• [1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03
• [1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22
• [1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07
• [1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13
• [1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
• [1133688] High CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30
• [1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17
• [1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10
• [1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous on 2020-07-29
• [1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee (@ashuu_lee) of Raon Whitehat on 2020-08-31
• [1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15
• [1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (@imnarendrabhati) on 2020-06-22
• [1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14
• [1127319] Medium CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen (@SeraphicAlgorithms) on 2020-09-11
• [1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang (@Rudykewang) and Aryb1n (@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08
• [1123023] Medium CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin on 2020-08-28
• [1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
• [1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30
• [1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07
• [1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25
• [1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29
• [1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14
• [1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28
• [1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08
• [1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22

< 86.0.4240.75

Google Chrome Releases reports:

23 security fixes in this release, including:

• [356653] High CVE-2014-1743: Use-after-free in styles. Credit to cloudfuzzer.
• [359454] High CVE-2014-1744: Integer overflow in audio. Credit to Aaron Staple.
• [346192] High CVE-2014-1745: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
• [364065] Medium CVE-2014-1746: Out-of-bounds read in media filters. Credit to Holger Fuhrmannek.
• [330663] Medium CVE-2014-1747: UXSS with local MHTML file. Credit to packagesu.
• [331168] Medium CVE-2014-1748: UI spoofing with scrollbar. Credit to Jordan Milne.
• [374649] CVE-2014-1749: Various fixes from internal audits, fuzzing and other initiatives.
• [358057] CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.

< 35.0.1916.114

Google Chrome Releases reports:

Several security fixes in this release, including:

• [641101] High CVE-2016-5170: Use after free in Blink.Credit to Anonymous
• [643357] High CVE-2016-5171: Use after free in Blink. Credit to Anonymous
• [616386] Medium CVE-2016-5172: Arbitrary Memory Read in v8. Credit to Choongwoo Han
• [468931] Medium CVE-2016-5173: Extension resource access. Credit to Anonymous
• [579934] Medium CVE-2016-5174: Popup not correctly suppressed. Credit to Andrey Kovalev (@L1kvID) Yandex Security Team
• [646394] CVE-2016-5175: Various fixes from internal audits, fuzzing and other initiatives.

< 53.0.2785.113

Chrome Releases reports:

This release contains 32 security fixes, including:

• [1208721] High CVE-2021-30521: Heap buffer overflow in Autofill. Reported by ZhanJia Song on 2021-05-13
• [1176218] High CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of Cisco Talos on 2021-02-09
• [1187797] High CVE-2021-30523: Use after free in WebRTC. Reported by Tolyan Korniltsev on 2021-03-13
• [1197146] High CVE-2021-30524: Use after free in TabStrip. Reported by David Erceg on 2021-04-08
• [1197888] High CVE-2021-30525: Use after free in TabGroups. Reported by David Erceg on 2021-04-11
• [1198717] High CVE-2021-30526: Out of bounds write in TabStrip. Reported by David Erceg on 2021-04-13
• [1199198] High CVE-2021-30527: Use after free in WebUI. Reported by David Erceg on 2021-04-15
• [1206329] High CVE-2021-30528: Use after free in WebAuthentication. Reported by Man Yue Mo of GitHub Security Lab on 2021-05-06
• [1195278] Medium CVE-2021-30529: Use after free in Bookmarks. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-04-02
• [1201033] Medium CVE-2021-30530: Out of bounds memory access in WebAudio. Reported by kkwon on 2021-04-21
• [1115628] Medium CVE-2021-30531: Insufficient policy enforcement in Content Security Policy. Reported by Philip Papurt on 2020-08-12
• [1117687] Medium CVE-2021-30532: Insufficient policy enforcement in Content Security Policy. Reported by Philip Papurt on 2020-08-18
• [1145553] Medium CVE-2021-30533: Insufficient policy enforcement in PopupBlocker. Reported by Eliya Stein on 2020-11-04
• [1151507] Medium CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox. Reported by Alesandro Ortiz on 2020-11-20
• [1194899] Medium CVE-2021-30535: Double free in ICU. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2021-04-01
• [1145024] Medium CVE-2021-21212: Insufficient data validation in networking. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2020-11-03
• [1194358] Low CVE-2021-30536: Out of bounds read in V8. Reported by Chris Salls (@salls) on 2021-03-31
• [830101] Low CVE-2021-30537: Insufficient policy enforcement in cookies. Reported by Jun Kokatsu (@shhnjk) on 2018-04-06
• [1115045] Low CVE-2021-30538: Insufficient policy enforcement in content security policy. Reported by Tianze Ding (@D1iv3) of Tencent Security Xuanwu Lab on 2020-08-11
• [971231] Low CVE-2021-30539: Insufficient policy enforcement in content security policy. Reported by unnamed researcher on 2019-06-05
• [1184147] Low CVE-2021-30540: Incorrect security UI in payments. Reported by @retsew0x01 on 2021-03-03

< 91.0.4472.77

Google Chrome Releases reports:

[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.

[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).

[98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.

[99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.

[100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.

[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.

[101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).

[101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.

[102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.

[103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.

[104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Slawomir Blazek.

[104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.

[104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.

[105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).

[107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.

< 16.0.912.63

Google Chrome Releases reports:

Eleven vulnerabilities, including:

[257748] Medium CVE-2013-2881: Origin bypass in frame handling. Credit to Karthik Bhargavan.

[260106] High CVE-2013-2882: Type confusion in V8. Credit to Cloudfuzzer.

[260165] High CVE-2013-2883: Use-after-free in MutationObserver. Credit to Cloudfuzzer.

[248950] High CVE-2013-2884: Use-after-free in DOM. Credit to Ivan Fratric of Google Security Team.

[249640] [257353] High CVE-2013-2885: Use-after-free in input handling. Credit to Ivan Fratric of Google Security Team.

[261701] High CVE-2013-2886: Various fixes from internal audits, fuzzing and other initiatives.

< 28.0.1500.95

Chrome Releases reports:

This update includes 2 security fixes, including:

• [1092308] High CVE-2020-6509: Use after free in extensions. Reported by Anonymous on 2020-06-08

< 83.0.4103.116

Chrome Releases reports:

This release contains 10 security fixes, including:

• [1377816] High CVE-2022-3885: Use after free in V8. Reported by gzobqq@ on 2022-10-24
• [1372999] High CVE-2022-3886: Use after free in Speech Recognition. Reported by anonymous on 2022-10-10
• [1372695] High CVE-2022-3887: Use after free in Web Workers. Reported by anonymous on 2022-10-08
• [1375059] High CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth on 2022-10-16
• [1380063] High CVE-2022-3889: Type Confusion in V8. Reported by anonymous on 2022-11-01
• [1380083] High CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous on 2022-11-01

< 107.0.5304.110

< 107.0.5304.110

Google Chrome Releases reports:

20 security fixes in this release, including:

• [590275] High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
• [589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
• [591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP's Zero Day Initiative.
• [589512] Medium CVE-2016-1654: Uninitialized memory read in media. Credit to Atte Kettunen of OUSPG.
• [582008] Medium CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
• [570750] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.
• [567445] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
• [573317] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.
• [602697] CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives.

< 50.0.2661.75

Google Chrome Releases reports:

This updates includes 32 security fixes, including:

• [1019161] High CVE-2020-6454: Use after free in extensions. Reported by Leecraso and Guang Gong of Alpha Lab, Qihoo 360 on 2019-10-29
• [1043446] High CVE-2020-6423: Use after free in audio. Reported by Anonymous on 2020-01-18
• [1059669] High CVE-2020-6455: Out of bounds read in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of Alpha Lab, Qihoo 360 on 2020-03-09
• [1031479] Medium CVE-2020-6430: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-12-06
• [1040755] Medium CVE-2020-6456: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-01-10
• [852645] Medium CVE-2020-6431: Insufficient policy enforcement in full screen. Reported by Luan Herrera (@lbherrera_) on 2018-06-14
• [965611] Medium CVE-2020-6432: Insufficient policy enforcement in navigations. Reported by David Erceg on 2019-05-21
• [1043965] Medium CVE-2020-6433: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-01-21
• [1048555] Medium CVE-2020-6434: Use after free in devtools. Reported by HyungSeok Han (DaramG) of Theori on 2020-02-04
• [1032158] Medium CVE-2020-6435: Insufficient policy enforcement in extensions. Reported by Sergei Glazunov of Google Project Zero on 2019-12-09
• [1034519] Medium CVE-2020-6436: Use after free in window management. Reported by Igor Bukanov from Vivaldi on 2019-12-16
• [639173] Low CVE-2020-6437: Inappropriate implementation in WebView. Reported by Jann Horn on 2016-08-19
• [714617] Low CVE-2020-6438: Insufficient policy enforcement in extensions. Reported by Ng Yik Phang on 2017-04-24
• [868145] Low CVE-2020-6439: Insufficient policy enforcement in navigations. Reported by remkoboonstra on 2018-07-26
• [894477] Low CVE-2020-6440: Inappropriate implementation in extensions. Reported by David Erceg on 2018-10-11
• [959571] Low CVE-2020-6441: Insufficient policy enforcement in omnibox. Reported by David Erceg on 2019-05-04
• [1013906] Low CVE-2020-6442: Inappropriate implementation in cache. Reported by B@rMey on 2019-10-12
• [1040080] Low CVE-2020-6443: Insufficient data validation in developer tools. Reported by @lovasoa (Ophir LOJKINE) on 2020-01-08
• [922882] Low CVE-2020-6444: Uninitialized Use in WebRTC. Reported by mlfbrown on 2019-01-17
• [933171] Low CVE-2020-6445: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-02-18
• [933172] Low CVE-2020-6446: Insufficient policy enforcement in trusted types. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-02-18
• [991217] Low CVE-2020-6447: Inappropriate implementation in developer tools. Reported by David Erceg on 2019-08-06
• [1037872] Low CVE-2020-6448: Use after free in V8. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2019-12-26

< 81.0.4044.92

Google Chrome Releases reports:

48 security fixes in this release, including:

• [610600] High CVE-2016-1706: Sandbox escape in PPAPI. Credit to Pinkie Pie xisigr of Tencent's Xuanwu Lab
• [613949] High CVE-2016-1708: Use-after-free in Extensions. Credit to Adam Varsan
• [614934] High CVE-2016-1709: Heap-buffer-overflow in sfntly. Credit to ChenQin of Topsec Security Team
• [616907] High CVE-2016-1710: Same-origin bypass in Blink. Credit to Mariusz Mlynski
• [617495] High CVE-2016-1711: Same-origin bypass in Blink. Credit to Mariusz Mlynski
• [618237] High CVE-2016-5127: Use-after-free in Blink. Credit to cloudfuzzer
• [619166] High CVE-2016-5128: Same-origin bypass in V8. Credit to Anonymous
• [620553] High CVE-2016-5129: Memory corruption in V8. Credit to Jeonghoon Shin
• [623319] High CVE-2016-5130: URL spoofing. Credit to Wadih Matar
• [623378] High CVE-2016-5131: Use-after-free in libxml. Credit to Nick Wellnhofer
• [607543] Medium CVE-2016-5132: Limited same-origin bypass in Service Workers. Credit to Ben Kelly
• [613626] Medium CVE-2016-5133: Origin confusion in proxy authentication. Credit to Patch Eudor
• [593759] Medium CVE-2016-5134: URL leakage via PAC script. Credit to Paul Stone
• [605451] Medium CVE-2016-5135: Content-Security-Policy bypass. Credit to kingxwy
• [625393] Medium CVE-2016-5136: Use after free in extensions. Credit to Rob Wu
• [625945] Medium CVE-2016-5137: History sniffing with HSTS and CSP. Credit to Xiaoyin Liu
• [629852] CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives.

< 52.0.2743.82

Google Chrome Releases reports:

5 security fixes in this release, including:

• [292422] High CVE-2013-2925: Use after free in XHR. Credit to Atte Kettunen of OUSPG.
• [294456] High CVE-2013-2926: Use after free in editing. Credit to cloudfuzzer.
• [297478] High CVE-2013-2927: Use after free in forms. Credit to cloudfuzzer.
• [305790] High CVE-2013-2928: Various fixes from internal audits, fuzzing and other initiatives.

< 30.0.1599.101

Google Chrome Releases reports:

1 security fix contributed by external researches:

• High CVE-2018-17481: Use after free in PDFium

< 71.0.3578.98

Google Chrome Releases reports:

7 security fixes in this release, including:

• [548273] High CVE-2015-6788: Type confusion in extensions. Credit to anonymous.
• [557981] High CVE-2015-6789: Use-after-free in Blink. Credit to cloudfuzzer.
• [542054] Medium CVE-2015-6790: Escaping issue in saved pages. Credit to Inti De Ceukelaire.
• [567513] CVE-2015-6791: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch (currently 4.7.80.23).

< 47.0.2526.80

Chrome Releases reports:

This release contains 4 security fixes, including:

• [1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01
• [1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16
• [1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19

< 103.0.5060.114

Chrome Releases reports:

This release contains 35 security fixes, including:

• ][1210985] High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19
• [1202661] High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-26
• [1211326] High CVE-2021-30567: Use after free in DevTools. Reported by DDV_UA on 2021-05-20
• [1219886] High CVE-2021-30568: Heap buffer overflow in WebGL. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-06-15
• [1218707] High CVE-2021-30569: Use after free in sqlite. Reported by Chris Salls (@salls) of Makai Security on 2021-06-11
• [1101897] High CVE-2021-30571: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-07-03
• [1214234] High CVE-2021-30572: Use after free in Autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-28
• [1216822] High CVE-2021-30573: Use after free in GPU. Reported by Security For Everyone Team - https://securityforeveryone.com on 2021-06-06
• [1227315] High CVE-2021-30574: Use after free in protocol handling. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-08
• [1213313] Medium CVE-2021-30575: Out of bounds read in Autofill. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-05-26
• [1194896] Medium CVE-2021-30576: Use after free in DevTools. Reported by David Erceg on 2021-04-01
• [1204811] Medium CVE-2021-30577: Insufficient policy enforcement in Installer. Reported by Jan van der Put (REQON B.V) on 2021-05-01
• [1201074] Medium CVE-2021-30578: Uninitialized Use in Media. Reported by Chaoyuan Peng on 2021-04-21
• [1207277] Medium CVE-2021-30579: Use after free in UI framework. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-05-10
• [1189092] Medium CVE-2021-30580: Insufficient policy enforcement in Android intents. Reported by @retsew0x01 on 2021-03-17
• [1194431] Medium CVE-2021-30581: Use after free in DevTools. Reported by David Erceg on 2021-03-31
• [1205981] Medium CVE-2021-30582: Inappropriate implementation in Animation. Reported by George Liu on 2021-05-05
• [1179290] Medium CVE-2021-30583: Insufficient policy enforcement in image handling on Windows. Reported by Muneaki Nishimura (nishimunea) on 2021-02-17
• [1213350] Medium CVE-2021-30584: Incorrect security UI in Downloads. Reported by @retsew0x01 on 2021-05-26
• [1023503] Medium CVE-2021-30585: Use after free in sensor handling. Reported by niarci on 2019-11-11
• [1201032] Medium CVE-2021-30586: Use after free in dialog box handling on Windows. Reported by kkomdal with kkwon and neodal on 2021-04-21
• [1204347] Medium CVE-2021-30587: Inappropriate implementation in Compositing on Windows. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30
• [1195650] Low CVE-2021-30588: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-04
• [1180510] Low CVE-2021-30589: Insufficient validation of untrusted input in Sharing. Reported by Kirtikumar Anandrao Ramchandani (@Kirtikumar_A_R) and Patrick Walker (@homesen) on 2021-02-20

< 92.0.4515.107

Google Chrome Releases reports:

33 security fixes in this release

Please reference CVE/URL list for details

< 53.0.2785.92

Chrome Releases/Stable updates reports:

This release contains 4 security fixes, including:

• [1245578] High CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-01
• [1252918] High CVE-2021-37975: Use after free in V8. Reported by Anonymous on 2021-09-24
• [1251787] Medium CVE-2021-37976: Information leak in core. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21

Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild.

< 94.0.4606.71

Google Chrome Releases reports:

15 security fixes in this release, including:

• [307159] Medium CVE-2013-6634: Session fixation in sync related to 302 redirects. Credit to Andrey Labunets.
• [314469] High CVE-2013-6635: Use-after-free in editing. Credit to cloudfuzzer.
• [322959] Medium CVE-2013-6636: Address bar spoofing related to modal dialogs. Credit to Bas Venis.
• [325501] CVE-2013-6637: Various fixes from internal audits, fuzzing and other initiatives.
• [319722] Medium CVE-2013-6638: Buffer overflow in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
• [319835] High CVE-2013-6639: Out of bounds write in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.
• [319860] Medium CVE-2013-6640: Out of bounds read in v8. This issue was fixed in v8 version 3.22.24.7. Credit to Jakob Kummerow of the Chromium project.

< 31.0.1650.63

Chrome Releases reports:

This release contains 17 security fixes, including:

• [1353208] High CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16
• [1382033] High CVE-2023-0129: Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07
• [1370028] Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API. Reported by Hafiizh on 2022-09-30
• [1357366] Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox. Reported by NDevTK on 2022-08-28
• [1371215] Medium CVE-2023-0132: Inappropriate implementation in Permission prompts. Reported by Jasper Rebane (popstonia) on 2022-10-05
• [1375132] Medium CVE-2023-0133: Inappropriate implementation in Permission prompts. Reported by Alesandro Ortiz on 2022-10-17
• [1385709] Medium CVE-2023-0134: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-17
• [1385831] Medium CVE-2023-0135: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-18
• [1356987] Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API. Reported by Axel Chong on 2022-08-26
• [1399904] Medium CVE-2023-0137: Heap buffer overflow in Platform Apps. Reported by avaue and Buff3tts at S.S.L. on 2022-12-10
• [1346675] Low CVE-2023-0138: Heap buffer overflow in libphonenumber. Reported by Michael Dau on 2022-07-23
• [1367632] Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads. Reported by Axel Chong on 2022-09-24
• [1326788] Low CVE-2023-0140: Inappropriate implementation in File System API. Reported by harrison.mitchell, cybercx.com.au on 2022-05-18
• [1362331] Low CVE-2023-0141: Insufficient policy enforcement in CORS. Reported by scarlet on 2022-09-12

< 109.0.5414.74

< 109.0.5414.74

Chrome Releases reports:

This release contains two security fixes:

• [1196781] High CVE-2021-21206: Use after free in Blink. Reported by Anonymous on 2021-04-07
• [1196683] High CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64. Reported by Bruno Keith (@bkth_) and Niklas Baumstark (@_niklasb) of Dataflow Security (@dfsec_it) via ZDI (ZDI-CAN-13569) on 2021-04-07>

< 89.0.4389.128

Chrome Releases reports:

This release contains 6 security fixes:

• [1364604] High CVE-2022-3445: Use after free in Skia. Reported by Nan Wang (@eternalsakura13) and Yong Liu of 360 Vulnerability Research Institute on 2022-09-16
• [1368076] High CVE-2022-3446: Heap buffer overflow in WebSQL. Reported by Kaijie Xu (@kaijieguigui) on 2022-09-26
• [1366582] High CVE-2022-3447: Inappropriate implementation in Custom Tabs. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2022-09-22
• [1363040] High CVE-2022-3448: Use after free in Permissions API. Reported by raven at KunLun lab on 2022-09-13
• [1364662] High CVE-2022-3449: Use after free in Safe Browsing. Reported by asnine on 2022-09-17
• [1369882] High CVE-2022-3450: Use after free in Peer Connection. Reported by Anonymous on 2022-09-30

< 106.0.5249.119

< 106.0.5249.119

Google Chrome Releases reports:

5 security fixes in this release, including:

• [698622] Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
• [699166] High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs
• [662767] High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
• [705445] High CVE-2017-5056: Use after free in Blink. Credit to anonymous
• [702058] High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)

< 57.0.2987.133

Google Chrome Releases reports (belatedly):

9 security fixes in this release, including:

• [354967] High CVE-2014-1730: Type confusion in V8. Credit to Anonymous.
• [349903] High CVE-2014-1731: Type confusion in DOM. Credit to John Butler.
• [359802] High CVE-2014-1736: Integer overflow in V8. Credit to SkyLined working with HP's Zero Day Initiative.
• [352851] Medium CVE-2014-1732: Use-after-free in Speech Recognition. Credit to Khalil Zhani.
• [351103] Medium CVE-2014-1733: Compiler bug in Seccomp-BPF. Credit to Jed Davis.
• [367314] CVE-2014-1734: Various fixes from internal audits, fuzzing and other initiatives.
• [359130, 359525, 360429] CVE-2014-1735: Multiple vulnerabilities in V8 fixed in version 3.24.35.33.

< 34.0.1847.132

Google Chrome releases reports:

40 security fixes in this release

Please reference CVE/URL list for details

< 60.0.3112.78

Chrome Releases reports:

This release contains 4 security fixes, including:

• [1252878] High CVE-2021-37977: Use after free in Garbage Collection. Reported by Anonymous on 2021-09-24
• [1236318] High CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-04
• [1247260] High CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin Towalski of Cisco Talos on 2021-09-07
• [1254631] High CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by Yonghwi Jin (@jinmo123) on 2021-09-30

< 94.0.4606.81

Google Chrome Releases reports:

9 security fixes in this release, including:

• [574802] High CVE-2016-1660: Out-of-bounds write in Blink. Credit to Atte Kettunen of OUSPG.
• [601629] High CVE-2016-1661: Memory corruption in cross-process frames. Credit to Wadih Matar.
• [603732] High CVE-2016-1662: Use-after-free in extensions. Credit to Rob Wu.
• [603987] High CVE-2016-1663: Use-after-free in Blink's V8 bindings. Credit to anonymous.
• [597322] Medium CVE-2016-1664: Address bar spoofing. Credit to Wadih Matar.
• [606181] Medium CVE-2016-1665: Information leak in V8. Credit to HyungSeok Han.
• [607652] CVE-2016-1666: Various fixes from internal audits, fuzzing and other initiatives.

< 50.0.2661.94

Google Chrome Releases reports:

1 security fix in this release, including:

• [782145] High CVE-2017-15428: Out of bounds read in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-11-07

< 62.0.3202.94

Google Chrome Releases reports:

24 security fixes in this release, including:

• [519558] High CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
• [507316] High CVE-2015-6756: Use-after-free in PDFium. Credit to anonymous.
• [529520] High CVE-2015-6757: Use-after-free in ServiceWorker. Credit to Collin Payne.
• [522131] High CVE-2015-6758: Bad-cast in PDFium. Credit to Atte Kettunen of OUSPG.
• [514076] Medium CVE-2015-6759: Information leakage in LocalStorage. Credit to Muneaki Nishimura (nishimunea).
• [519642] Medium CVE-2015-6760: Improper error handling in libANGLE. Credit to lastland.net.
• [447860,532967] Medium CVE-2015-6761: Memory corruption in FFMpeg. Credit to Aki Helin of OUSPG and anonymous.
• [512678] Low CVE-2015-6762: CORS bypass via CSS fonts. Credit to Muneaki Nishimura (nishimunea).
• [542517] CVE-2015-6763: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch (currently 4.6.85.23).

< 46.0.2490.71

Chrome Releases reports:

This release contains 8 security fixes, including:

• [1383991] High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15
• [1394692] High CVE-2022-4437: Use after free in Mojo IPC. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-11-30
• [1381871] High CVE-2022-4438: Use after free in Blink Frames. Reported by Anonymous on 2022-11-07
• [1392661] High CVE-2022-4439: Use after free in Aura. Reported by Anonymous on 2022-11-22
• [1382761] Medium CVE-2022-4440: Use after free in Profiles. Reported by Anonymous on 2022-11-09

< 108.0.5359.124

< 108.0.5359.124

Chrome Releases reports:

51 security fixes in this release, including:

• [456516] High CVE-2015-1212: Out-of-bounds write in media. Credit to anonymous.
• [448423] High CVE-2015-1213: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
• [445810] High CVE-2015-1214: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
• [445809] High CVE-2015-1215: Out-of-bounds write in skia filters. Credit to cloudfuzzer.
• [454954] High CVE-2015-1216: Use-after-free in v8 bindings. Credit to anonymous.
• [456192] High CVE-2015-1217: Type confusion in v8 bindings. Credit to anonymous.
• [456059] High CVE-2015-1218: Use-after-free in dom. Credit to cloudfuzzer.
• [446164] High CVE-2015-1219: Integer overflow in webgl. Credit to Chen Zhang (demi6od) of NSFOCUS Security Team.
• [437651] High CVE-2015-1220: Use-after-free in gif decoder. Credit to Aki Helin of OUSPG.
• [455368] High CVE-2015-1221: Use-after-free in web databases. Credit to Collin Payne.
• [448082] High CVE-2015-1222: Use-after-free in service workers. Credit to Collin Payne.
• [454231] High CVE-2015-1223: Use-after-free in dom. Credit to Maksymillian Motyl.
• High CVE-2015-1230: Type confusion in v8. Credit to Skylined working with HP's Zero Day Initiative.
• [449958] Medium CVE-2015-1224: Out-of-bounds read in vpxdecoder. Credit to Aki Helin of OUSPG.
• [446033] Medium CVE-2015-1225: Out-of-bounds read in pdfium. Credit to cloudfuzzer.
• [456841] Medium CVE-2015-1226: Validation issue in debugger. Credit to Rob Wu.
• [450389] Medium CVE-2015-1227: Uninitialized value in blink. Credit to Christoph Diehl.
• [444707] Medium CVE-2015-1228: Uninitialized value in rendering. Credit to miaubiz.
• [431504] Medium CVE-2015-1229: Cookie injection via proxies. Credit to iliwoy.
• [463349] CVE-2015-1231: Various fixes from internal audits, fuzzing, and other initiatives.

< 41.0.2272.76

< 41.0.2272.76

< 41.0.2272.76

Chrome Releases reports:

This release contains 11 security fixes, including:

• [1299422] Critical CVE-2022-0971: Use after free in Blink Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-02-21
• [1301320] High CVE-2022-0972: Use after free in Extensions. Reported by Sergei Glazunov of Google Project Zero on 2022-02-28
• [1297498] High CVE-2022-0973: Use after free in Safe Browsing. Reported by avaue and Buff3tts at S.S.L. on 2022-02-15
• [1291986] High CVE-2022-0974: Use after free in Splitscreen. Reported by @ginggilBesel on 2022-01-28
• [1295411] High CVE-2022-0975: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-02-09
• [1296866] High CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair on 2022-02-13
• [1299225] High CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani on 2022-02-20
• [1299264] High CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-20
• [1302644] High CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous on 2022-03-03
• [1302157] Medium CVE-2022-0980: Use after free in New Tab Page. Reported by Krace on 2022-03-02

< 98.0.4844.74

Chrome Releases reports:

This update contains 38 security fixes, including:

• [1103195] Critical CVE-2020-6510: Heap buffer overflow in background fetch. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-07-08
• [1074317] High CVE-2020-6511: Side-channel information leakage in content security policy. Reported by Mikhail Oblozhikhin on 2020-04-24
• [1084820] High CVE-2020-6512: Type Confusion in V8. Reported by nocma, leogan, cheneyxu of WeChat Open Platform Security Team on 2020-05-20
• [1091404] High CVE-2020-6513: Heap buffer overflow in PDFium. Reported by Aleksandar Nikolic of Cisco Talos on 2020-06-04
• [1076703] High CVE-2020-6514: Inappropriate implementation in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-04-30
• [1082755] High CVE-2020-6515: Use after free in tab strip. Reported by DDV_UA on 2020-05-14
• [1092449] High CVE-2020-6516: Policy bypass in CORS. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08
• [1095560] High CVE-2020-6517: Heap buffer overflow in history. Reported by ZeKai Wu (@hellowuzekai) of Tencent Security Xuanwu Lab on 2020-06-16
• [986051] Medium CVE-2020-6518: Use after free in developer tools. Reported by David Erceg on 2019-07-20
• [1064676] Medium CVE-2020-6519: Policy bypass in CSP. Reported by Gal Weizman (@WeizmanGal) of PerimeterX on 2020-03-25
• [1092274] Medium CVE-2020-6520: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-08
• [1075734] Medium CVE-2020-6521: Side-channel information leakage in autofill. Reported by Xu Lin (University of Illinois at Chicago), Panagiotis Ilia (University of Illinois at Chicago), Jason Polakis (University of Illinois at Chicago) on 2020-04-27
• [1052093] Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. Reported by Eric Lawrence of Microsoft on 2020-02-13
• [1080481] Medium CVE-2020-6523: Out of bounds write in Skia. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-05-08
• [1081722] Medium CVE-2020-6524: Heap buffer overflow in WebAudio. Reported by Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University on 2020-05-12
• [1091670] Medium CVE-2020-6525: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-06-05
• [1074340] Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. Reported by Jonathan Kingston on 2020-04-24
• [992698] Low CVE-2020-6527: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen of andsecurity.cn on 2019-08-10
• [1063690] Low CVE-2020-6528: Incorrect security UI in basic auth. Reported by Rayyan Bijoora on 2020-03-22
• [978779] Low CVE-2020-6529: Inappropriate implementation in WebRTC. Reported by kaustubhvats7 on 2019-06-26
• [1016278] Low CVE-2020-6530: Out of bounds memory access in developer tools. Reported by myvyang on 2019-10-21
• [1042986] Low CVE-2020-6531: Side-channel information leakage in scroll to text. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-01-17
• [1069964] Low CVE-2020-6533: Type Confusion in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-04-11
• [1072412] Low CVE-2020-6534: Heap buffer overflow in WebRTC. Reported by Anonymous on 2020-04-20
• [1073409] Low CVE-2020-6535: Insufficient data validation in WebUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-22
• [1080934] Low CVE-2020-6536: Incorrect security UI in PWAs. Reported by Zhiyang Zeng of Tencent security platform department on 2020-05-09

< 84.0.4147.89

Google Chrome Releases reports:

Four security issues were fixed, including:

• [1021723] Various fixes from internal audits, fuzzing and other initiatives

< 78.0.3904.97

Google Chrome Releases reports:

[594574] High CVE-2016-1646: Out-of-bounds read in V8.

[590284] High CVE-2016-1647: Use-after-free in Navigation.

[590455] High CVE-2016-1648: Use-after-free in Extensions.

[597518] CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives.

Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch

< 49.0.2623.108

Google Chrome Releases reports:

[151008] High CVE-2013-0839: Use-after-free in canvas font handling. Credit to Atte Kettunen of OUSPG.

[170532] Medium CVE-2013-0840: Missing URL validation when opening new windows.

[169770] High CVE-2013-0841: Unchecked array index in content blocking. Credit to Google Chrome Security Team (Chris Evans).

[166867] Medium CVE-2013-0842: Problems with NULL characters embedded in paths. Credit to Google Chrome Security Team (Jüri Aedla).

< 24.0.1312.56

Chrome Releases reports:

This release contains 1 security fix:

• [1392715] High CVE-2022-4135: Heap buffer overflow in GPU. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-22

Google is aware that an exploit for CVE-2022-4135 exists in the wild.

< 107.0.5304.121

< 107.0.5304.121

Google Chrome Releases reports:

Several security fixes in this release, including:

• [780450] High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01
• [787103] High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20
• [793620] High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09
• [784183] Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12
• [797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
• [797500] Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
• [753645] Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09
• [774174] Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12
• [775527] Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17
• [778658] Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26
• [760342] Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29
• [773930] Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12
• [785809] Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16
• [797497] Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
• [798163] Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31
• [799847] Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08
• [763194] Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08
• [771848] Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05
• [774438] Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13
• [774842] Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15
• [441275] Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11
• [615608] Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28
• [758169] Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23
• [797511] Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24

< 64.0.3282.119

Google Chrome Releases reports:

21 security fixes in this release, including:

• [645211] High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
• [638615] High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN
• [645122] High CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
• [630654] High CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
• [621360] High CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
• [639702] High CVE-2016-5187: URL spoofing. Credit to Luan Herrera
• [565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera
• [633885] Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit to haojunhou@gmail.com
• [646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr of Tencent's Xuanwu Lab
• [644963] Medium CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman Alqabandi (@qab)
• [639126] Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
• [642067] Medium CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen of OUSPG
• [639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU (martinzhou96)
• [654782] CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives

< 54.0.2840.59

Google Chrome releases reports:

3 security fixes in this release, including:

• [765433] High CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet, Microsoft Offensive Security Research and Microsoft ChakraCore team on 2017-09-14
• [752423] High CVE-2017-5122: Out-of-bounds access in V8. Reported by Choongwoo Han of Naver Corporation on 2017-08-04
• [767508] Various fixes from internal audits, fuzzing and other initiatives

< 61.0.3163.100

Google Chrome Releases reports:

1 security fix in this release:

• [679306] High CVE-2017-5068: Race condition in WebRTC. Credit to Philipp Hancke

< 58.0.3029.96

Google Chrome Releases reports:

[106413] High CVE-2011-3078: Use after free in floats handling. Credit to Google Chrome Security Team (Marty Barbella) and independent later discovery by miaubiz.

[117627] Medium CVE-2011-3079: IPC validation failure. Credit to PinkiePie.

[121726] Medium CVE-2011-3080: Race condition in sandbox IPC. Credit to Willem Pinckaers of Matasano.

[121899] High CVE-2011-3081: Use after free in floats handling. Credit to miaubiz.

[117110] High CVE-2012-1521: Use after free in xml parser. Credit to Google Chrome Security Team (SkyLined) and independent later discovery by wushi of team509 reported through iDefense VCP (V-874rcfpq7z).

< 18.0.1025.168

Google Chrome Releases reports:

10 security fixes in this release, including:

• [629542] High CVE-2016-5141 Address bar spoofing. Credit to anonymous
• [626948] High CVE-2016-5142 Use-after-free in Blink. Credit to anonymous
• [625541] High CVE-2016-5139 Heap overflow in pdfium. Credit to GiWan Go of Stealien
• [619405] High CVE-2016-5140 Heap overflow in pdfium. Credit to Ke Liu of Tencent's Xuanwu LAB
• [623406] Medium CVE-2016-5145 Same origin bypass for images in Blink. Credit to anonymous
• [619414] Medium CVE-2016-5143 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal
• [618333] Medium CVE-2016-5144 Parameter sanitization failure in DevTools. Credit to Gregory Panakkal
• [633486] CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives.

< 52.0.2743.116

Google Chrome Releases reports:

29 security fixes in this release, including:

• [695826] High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
• [694382] High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
• [684684] High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
• [683314] Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
• [672847] Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
• [702896] Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
• [700836] Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
• [693974] Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
• [704560] Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
• [690821] Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to Prof. Zhenhua Duan, Prof. Cong Tian, and Ph.D candidate Chu Chen (ICTT, Xidian University)
• [648117] Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
• [691726] Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
• [713205] Various fixes from internal audits, fuzzing and other initiatives

< 58.0.3029.81

Google Chrome Releases reports:

31 vulnerabilities fixed in this release, including:

• [354123] High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
• [353004] High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
• [348332] High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron Staple.
• [343661] High CVE-2014-1719: Use-after-free in web workers. Credit to Collin Payne.
• [356095] High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
• [350434] High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
• [330626] High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
• [337746] High CVE-2014-1723: Url confusion with RTL characters. Credit to George McBay.
• [327295] High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen of OUSPG.
• [357332] Medium CVE-2014-1725: OOB read with window property. Credit to Anonymous
• [346135] Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
• [342735] Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
• [360298] CVE-2014-1728: Various fixes from internal audits, fuzzing and other initiatives.
• [345820, 347262, 348319, 350863, 352982, 355586, 358059] CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version 3.24.35.22.

< 34.0.1847.116

Chrome Releases reports:

This release contains 27 security fixes, including:

• [1325699] High CVE-2022-2603: Use after free in Omnibox. Reported by Anonymous on 2022-05-16
• [1335316] High CVE-2022-2604: Use after free in Safe Browsing. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-10
• [1338470] High CVE-2022-2605: Out of bounds read in Dawn. Reported by Looben Yang on 2022-06-22
• [1330489] High CVE-2022-2606: Use after free in Managed devices API. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-31
• [1286203] High CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-01-11
• [1330775] High CVE-2022-2608: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-06-01
• [1338560] High CVE-2022-2609: Use after free in Nearby Share. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22
• [1278255] Medium CVE-2022-2610: Insufficient policy enforcement in Background Fetch. Reported by Maurice Dauer on 2021-12-09
• [1320538] Medium CVE-2022-2611: Inappropriate implementation in Fullscreen API. Reported by Irvan Kurniawan (sourc7) on 2022-04-28
• [1321350] Medium CVE-2022-2612: Side-channel information leakage in Keyboard input. Reported by Erik Kraft (erik.kraft5@gmx.at), Martin Schwarzl (martin.schwarzl@iaik.tugraz.at) on 2022-04-30
• [1325256] Medium CVE-2022-2613: Use after free in Input. Reported by Piotr Tworek (Vewd) on 2022-05-13
• [1341907] Medium CVE-2022-2614: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05
• [1268580] Medium CVE-2022-2615: Insufficient policy enforcement in Cookies. Reported by Maurice Dauer on 2021-11-10
• [1302159] Medium CVE-2022-2616: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-03-02
• [1292451] Medium CVE-2022-2617: Use after free in Extensions API. Reported by @ginggilBesel on 2022-01-31
• [1308422] Medium CVE-2022-2618: Insufficient validation of untrusted input in Internals. Reported by asnine on 2022-03-21
• [1332881] Medium CVE-2022-2619: Insufficient validation of untrusted input in Settings. Reported by Oliver Dunk on 2022-06-04
• [1337304] Medium CVE-2022-2620: Use after free in WebUI. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-17
• [1323449] Medium CVE-2022-2621: Use after free in Extensions. Reported by Huyna at Viettel Cyber Security on 2022-05-07
• [1332392] Medium CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing. Reported by Imre Rad (@ImreRad) and @j00sean on 2022-06-03
• [1337798] Medium CVE-2022-2623: Use after free in Offline. Reported by raven at KunLun lab on 2022-06-20
• [1339745] Medium CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program on 2022-06-27

< 104.0.5112.79

Chrome Releases reports:

This release contains 8 security fixes, including:

• [1259864] High CVE-2021-37997 : Use after free in Sign-In. Reported by Wei Yuan of MoyunSec VLab on 2021-10-14
• [1259587] High CVE-2021-37998 : Use after free in Garbage Collection. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-13
• [1251541] High CVE-2021-37999 : Insufficient data validation in New Tab Page. Reported by Ashish Arun Dhone on 2021-09-21
• [1249962] High CVE-2021-38000 : Insufficient validation of untrusted input in Intents. Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google Threat Analysis Group on 2021-09-15
• [1260577] High CVE-2021-38001 : Type Confusion in V8. Reported by @s0rrymybad of Kunlun Lab via Tianfu Cup on 2021-10-16
• [1260940] High CVE-2021-38002 : Use after free in Web Transport. Reported by @__R0ng of 360 Alpha Lab, ? via Tianfu Cup on 2021-10-16
• [1263462] High CVE-2021-38003 : Inappropriate implementation in V8. Reported by Clément Lecigne from Google TAG and Samuel Gross from Google Project Zero on 2021-10-26

Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild.

< 95.0.4638.69

Google Chrome Releases reports:

[105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva.

[108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis.

[108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG.

[111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis.

[112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis.

[113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz.

[113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz.

[113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz.

[113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz.

[114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz.

[114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz.

[114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz.

[115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz.

[116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.

< 17.0.963.65

Chrome Releases reports:

This update contains 8 security fixes, including:

• [1105318] High CVE-2020-6537: Type Confusion in V8. Reported by Alphalaab on 2020-07-14
• [1096677] High CVE-2020-6538: Inappropriate implementation in WebView. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-18
• [1104061] High CVE-2020-6532: Use after free in SCTP. Reported by Anonymous on 2020-07-09
• [1105635] High CVE-2020-6539: Use after free in CSS. Reported by Oriol Brufau on 2020-07-14
• [1105720] High CVE-2020-6540: Heap buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2020-07-15
• [1106773] High CVE-2020-6541: Use after free in WebUSB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17

< 84.0.4147.105

Google Chrome Releases reports:

3 security fixes in this release, including:

• [642496] High CVE-2016-5177: Use after free in V8. Credit to Anonymous
• [651092] CVE-2016-5178: Various fixes from internal audits, fuzzing and other initiatives.

< 53.0.2785.143

Google Chrome Releases reports:

This update contains 8 security fixes.

• [1062247] High CVE-2020-6450: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-17
• [1061018] High CVE-2020-6451: Use after free in WebAudio. Reported by Man Yue Mo of Semmle Security Research Team on 2020-03-12
• [1059764] High CVE-2020-6452: Heap buffer overflow in media Reported by asnine on 2020-03-09
• [1066247] Various fixes from internal audits, fuzzing and other initiatives.

< 80.0.3987.162

Google Chrome Releases reports:

43 security fixes in this release, including:

• [446032] High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer.
• [459215] High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft.
• [461858] High CVE-2015-1274: Settings allowed executable files to run immediately after download. Credit to andrewm.bpi.
• [462843] High CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte) of Baidu X-Team.
• [472614] High CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne.
• [483981] High CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon.
• [486947] High CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer.
• [487155] High CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa.
• [487928] High CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva.
• [492052] High CVE-2015-1283: Heap-buffer-overflow in expat. Credit to sidhpurwala.huzaifa.
• [493243] High CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen of OUSPG.
• [504011] High CVE-2015-1286: UXSS in blink. Credit to anonymous.
• [505374] High CVE-2015-1290: Memory corruption in V8. Credit to Yongjun Liu of NSFOCUS Security Team.
• [419383] Medium CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor.
• [444573] Medium CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen of OUSPG.
• [451456] Medium CVE-2015-1272: Use-after-free related to unexpected GPU process termination. Credit to Chamal de Silva.
• [479743] Medium CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined.
• [482380] Medium CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva.
• [498982] Medium CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes.
• [479162] Low CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to mike@michaelruddy.com.
• [512110] CVE-2015-1289: Various fixes from internal audits, fuzzing and other initiatives.

< 44.0.2403.89

< 44.0.2403.89

< 44.0.2403.89

Google Chrome Releases reports:

28 security fixes in this release, including:

• [334897] High CVE-2013-6652: Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid.
• [331790] High CVE-2013-6653: Use-after-free related to web contents. Credit to Khalil Zhani.
• [333176] High CVE-2013-6654: Bad cast in SVG. Credit to TheShow3511.
• [293534] High CVE-2013-6655: Use-after-free in layout. Credit to cloudfuzzer.
• [331725] High CVE-2013-6656: Information leak in XSS auditor. Credit to NeexEmil.
• [331060] Medium CVE-2013-6657: Information leak in XSS auditor. Credit to NeexEmil.
• [322891] Medium CVE-2013-6658: Use-after-free in layout. Credit to cloudfuzzer.
• [306959] Medium CVE-2013-6659: Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris.
• [332579] Low CVE-2013-6660: Information leak in drag and drop. Credit to bishopjeffreys.
• [344876] Low-High CVE-2013-6661: Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers.

< 33.0.1750.117

Chrome Releases reports:

This release contains 37 security fixes, including:

• [$TBD][1275020] Critical CVE-2022-0096: Use after free in Storage. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-11-30
• [1117173] High CVE-2022-0097: Inappropriate implementation in DevTools. Reported by David Erceg on 2020-08-17
• [1273609] High CVE-2022-0098: Use after free in Screen Capture. Reported by @ginggilBesel on 2021-11-24
• [1245629] High CVE-2022-0099: Use after free in Sign-in. Reported by Rox on 2021-09-01
• [1238209] High CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-08-10
• [1249426] High CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven (@raid_akame) on 2021-09-14
• [1260129] High CVE-2022-0102: Type Confusion in V8 . Reported by Brendon Tiszka on 2021-10-14
• [1272266] High CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin Khan and Omair on 2021-11-21
• [1273661] High CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin Khan and Omair on 2021-11-25
• [1274376] High CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28
• [1278960] High CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani on 2021-12-10
• [1248438] Medium CVE-2022-0107: Use after free in File Manager API. Reported by raven (@raid_akame) on 2021-09-10
• [1248444] Medium CVE-2022-0108: Inappropriate implementation in Navigation. Reported by Luan Herrera (@lbherrera_) on 2021-09-10
• [1261689] Medium CVE-2022-0109: Inappropriate implementation in Autofill. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2021-10-20
• [1237310] Medium CVE-2022-0110: Incorrect security UI in Autofill. Reported by Alesandro Ortiz on 2021-08-06
• [1241188] Medium CVE-2022-0111: Inappropriate implementation in Navigation. Reported by garygreen on 2021-08-18
• [1255713] Medium CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas Orlita on 2021-10-04
• [1039885] Medium CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan Herrera (@lbherrera_) on 2020-01-07
• [1267627] Medium CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by Looben Yang on 2021-11-06
• [1268903] Medium CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand of Google Project Zero on 2021-11-10
• [1272250] Medium CVE-2022-0116: Inappropriate implementation in Compositing. Reported by Irvan Kurniawan (sourc7) on 2021-11-20
• [1115847] Low CVE-2022-0117: Policy bypass in Service Workers. Reported by Dongsung Kim (@kid1ng) on 2020-08-13
• [1238631] Low CVE-2022-0118: Inappropriate implementation in WebShare. Reported by Alesandro Ortiz on 2021-08-11
• [1262953] Low CVE-2022-0120: Inappropriate implementation in Passwords. Reported by CHAKRAVARTHI (Ruler96) on 2021-10-25

< 97.0.4692.71

Chrome Releases reports:

This release contains 9 security fixes, including:

• [1199345] High CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab on 2021-04-15
• [1175058] High CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-05
• [1182937] High CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair on 2021-02-26
• [1139156] Medium CVE-2021-21228: Insufficient policy enforcement in extensions. Reported by Rob Wu on 2020-10-16
• [$TBD][1198165] Medium CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj (shadow2639) on 2021-04-12
• [1198705] Medium CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul on 2021-04-13
• [1198696] Low CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-04-13

< 90.0.4430.93

Chrome Releases reports:

This release contains 2 security fixes, including:

• [1315901] High CVE-2022-1364: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2022-0-13

< 100.0.4896.127

Chrome Releases reports:

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers.

• [1082105] High CVE-2020-6493: Use after free in WebAuthentication. Reported by Anonymous on 2020-05-13
• [1083972] High CVE-2020-6494: Incorrect security UI in payments. Reported by Juho Nurminen on 2020-05-18
• [1072116] High CVE-2020-6495: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-18
• [1085990] High CVE-2020-6496: Use after free in payments. Reported by Khalil Zhani on 2020-05-24

< 83.0.4103.97

Google Chrome Releases reports:

4 security fixes in this release, including:

• [643948] High CVE-2016-5199: Heap corruption in FFmpeg. Credit to Paul Mehta
• [658114] High CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han
• [660678] Medium CVE-2016-5201: Info leak in extensions. Credit to Rob Wu
• [662843] CVE-2016-5202: Various fixes from internal audits, fuzzing and other initiatives

< 54.0.2840.100

Google Chrome Releases reports:

36 security fixes in this release

Please reference CVE/URL list for details

< 57.0.2987.98

Google Chrome Releases reports:

35 security fixes in this release, including:

• [762930] High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07
• [749147] High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26
• [760455] High CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-08-30
• [765384] High CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-09-14
• [765469] High CVE-2017-5128: Heap overflow in WebGL. Reported by Omair on 2017-09-14
• [765495] High CVE-2017-5129: Use after free in WebAudio. Reported by Omair on 2017-09-15
• [718858] High CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by Gaurav Dewan of Adobe Systems India Pvt. Ltd. on 2017-05-05
• [722079] High CVE-2017-5130: Heap overflow in libxml2. Reported by Pranjal Jumde on 2017-05-14
• [744109] Medium CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous on 2017-07-16
• [762106] Medium CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar Nikolic of Cisco Talos on 2017-09-05
• [752003] Medium CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-08-03
• [756040] Medium CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu on 2017-08-16
• [756563] Medium CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind Shah of Fortinet's FortiGuard Labs on 2017-08-17
• [739621] Medium CVE-2017-15389: URL spoofing in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2017-07-06
• [750239] Medium CVE-2017-15390: URL spoofing in Omnibox. Reported by Haosheng Wang on 2017-07-28
• [598265] Low CVE-2017-15391: Extension limitation bypass in Extensions. Reported by Joao Lucas Melo Brasio on 2016-03-28
• [714401] Low CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. Reported by Xiaoyin Liu on 2017-04-22
• [732751] Low CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin on 2017-06-13
• [745580] Low CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam on 2017-07-18
• [759457] Low CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by Johannes Bergman on 2017-08-28
• [775550] Various fixes from internal audits, fuzzing and other initiatives

< 62.0.3202.62

Chrome Releases reports:

11 security fixes in this release, including:

• [447906] High CVE-2015-1209: Use-after-free in DOM. Credit to Maksymillian.
• [453979] High CVE-2015-1210: Cross-origin-bypass in V8 bindings. Credit to anonymous.
• [453982] High CVE-2015-1211: Privilege escalation using service workers. Credit to anonymous.
• [455225] CVE-2015-1212: Various fixes from internal audits, fuzzing and other initiatives.

< 40.0.2214.111

< 40.0.2214.111

Google Chrome Releases reports:

New vulnerabilities after the Pwn2Own competition:

• [352369] Code execution outside sandbox. Credit to VUPEN.
  • [352374] High CVE-2014-1713: Use-after-free in Blink bindings
  • [352395] High CVE-2014-1714: Windows clipboard vulnerability
• [352420] Code execution outside sandbox. Credit to Anonymous.
  • [351787] High CVE-2014-1705: Memory corruption in V8
  • [352429] High CVE-2014-1715: Directory traversal issue

< 33.0.1750.152

Chrome Releases reports:

This release contains 27 security fixes, including:

• [1233975] High CVE-2021-30606: Use after free in Blink. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-28
• [1235949] High CVE-2021-30607: Use after free in Permissions. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-08-03
• [1219870] High CVE-2021-30608: Use after free in Web Share. Reported by Huyna at Viettel Cyber Security on 2021-06-15
• [1239595] High CVE-2021-30609: Use after free in Sign-In. Reported by raven (@raid_akame) on 2021-08-13
• [1200440] High CVE-2021-30610: Use after free in Extensions API. Reported by Igor Bukanov from Vivaldi on 2021-04-19
• [1233942] Medium CVE-2021-30611: Use after free in WebRTC. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-28
• [1234284] Medium CVE-2021-30612: Use after free in WebRTC. Reported by Nan Wang (@eternalsakura13) and koocola (@alo_cook) of 360 Alpha Lab on 2021-07-29
• [1209622] Medium CVE-2021-30613: Use after free in Base internals. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-16
• [1207315] Medium CVE-2021-30614: Heap buffer overflow in TabStrip. Reported by Huinian Yang (@vmth6) of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-05-10
• [1208614] Medium CVE-2021-30615: Cross-origin data leak in Navigation. Reported by NDevTK on 2021-05-12
• [1231432] Medium CVE-2021-30616: Use after free in Media. Reported by Anonymous on 2021-07-21
• [1226909] Medium CVE-2021-30617: Policy bypass in Blink. Reported by NDevTK on 2021-07-07
• [1232279] Medium CVE-2021-30618: Inappropriate implementation in DevTools. Reported by @DanAmodio and @mattaustin from Contrast Security on 2021-07-23
• [1235222] Medium CVE-2021-30619: UI Spoofing in Autofill. Reported by Alesandro Ortiz on 2021-08-02
• [1063518] Medium CVE-2021-30620: Insufficient policy enforcement in Blink. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-03-20
• [1204722] Medium CVE-2021-30621: UI Spoofing in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30
• [1224419] Medium CVE-2021-30622: Use after free in WebApp Installs. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2021-06-28
• [1223667] Low CVE-2021-30623: Use after free in Bookmarks. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-06-25
• [1230513] Low CVE-2021-30624: Use after free in Autofill. Reported by Wei Yuan of MoyunSec VLab on 2021-07-19

< 93.0.4577.63

Google Chrome Releases reports:

29 security fixes in this release, including:

• [516377] High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous.
• [522791] High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski.
• [524074] High CVE-2015-1293: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
• [492263] High CVE-2015-1294: Use-after-free in Skia. Credit to cloudfuzzer.
• [502562] High CVE-2015-1295: Use-after-free in Printing. Credit to anonymous.
• [421332] High CVE-2015-1296: Character spoofing in omnibox. Credit to zcorpan.
• [510802] Medium CVE-2015-1297: Permission scoping error in Webrequest. Credit to Alexander Kashev.
• [518827] Medium CVE-2015-1298: URL validation error in extensions. Credit to Rob Wu.
• [416362] Medium CVE-2015-1299: Use-after-free in Blink. Credit to taro.suzuki.dev.
• [511616] Medium CVE-2015-1300: Information leak in Blink. Credit to cgvwzq.
• [526825] CVE-2015-1301: Various fixes from internal audits, fuzzing and other initiatives.

< 45.0.2454.85

< 45.0.2454.85

< 45.0.2454.85

Google Chrome Releases reports:

37 security fixes in this release, including:

• [474029] High CVE-2015-1252: Sandbox escape in Chrome. Credit to anonymous.
• [464552] High CVE-2015-1253: Cross-origin bypass in DOM. Credit to anonymous.
• [444927] High CVE-2015-1254: Cross-origin bypass in Editing. Credit to armin@rawsec.net.
• [473253] High CVE-2015-1255: Use-after-free in WebAudio. Credit to Khalil Zhani.
• [478549] High CVE-2015-1256: Use-after-free in SVG. Credit to Atte Kettunen of OUSPG.
• [481015] High CVE-2015-1251: Use-after-free in Speech. Credit to SkyLined working with HP's Zero Day Initiative.
• [468519] Medium CVE-2015-1257: Container-overflow in SVG. Credit to miaubiz.
• [450939] Medium CVE-2015-1258: Negative-size parameter in libvpx. Credit to cloudfuzzer
• [468167] Medium CVE-2015-1259: Uninitialized value in PDFium. Credit to Atte Kettunen of OUSPG
• [474370] Medium CVE-2015-1260: Use-after-free in WebRTC. Credit to Khalil Zhani.
• [466351] Medium CVE-2015-1261: URL bar spoofing. Credit to Juho Nurminen.
• [476647] Medium CVE-2015-1262: Uninitialized value in Blink. Credit to miaubiz.
• [479162] Low CVE-2015-1263: Insecure download of spellcheck dictionary. Credit to Mike Ruddy.
• [481015] Low CVE-2015-1264: Cross-site scripting in bookmarks. Credit to K0r3Ph1L.
• [489518] CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21).

< 43.0.2357.65

< 43.0.2357.65

< 43.0.2357.65

Google Chrome Releases reports:

[117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption. Credit to PinkiePie.

< 17.0.963.79

Chrome Releases reports:

This release contains 28 security fixes, including:

• [1292261] High CVE-2022-1125: Use after free in Portals. Reported by Khalil Zhani on 2022-01-29
• [1291891] High CVE-2022-1127: Use after free in QR Code Generator. Reported by anonymous on 2022-01-28
• [1301920] High CVE-2022-1128: Inappropriate implementation in Web Share API. Reported by Abdel Adim (@smaury92) Oisfi of Shielder on 2022-03-01
• [1300253] High CVE-2022-1129: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2022-02-24
• [1142269] High CVE-2022-1130: Insufficient validation of untrusted input in WebOTP. Reported by Sergey Toshin of Oversecurity Inc. on 2020-10-25
• [1297404] High CVE-2022-1131: Use after free in Cast UI. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2022-02-15
• [1303410] High CVE-2022-1132: Inappropriate implementation in Virtual Keyboard. Reported by Andr.Ess on 2022-03-07
• [1305776] High CVE-2022-1133: Use after free in WebRTC. Reported by Anonymous on 2022-03-13
• [1308360] High CVE-2022-1134: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2022-03-21
• [1285601] Medium CVE-2022-1135: Use after free in Shopping Cart. Reported by Wei Yuan of MoyunSec VLab on 2022-01-09
• [1280205] Medium CVE-2022-1136: Use after free in Tab Strip. Reported by Krace on 2021-12-15
• [1289846] Medium CVE-2022-1137: Inappropriate implementation in Extensions. Reported by Thomas Orlita on 2022-01-22
• [1246188] Medium CVE-2022-1138: Inappropriate implementation in Web Cursor. Reported by Alesandro Ortiz on 2021-09-03
• [1268541] Medium CVE-2022-1139: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-11-10
• [1303253] Medium CVE-2022-1141: Use after free in File Manager. Reported by raven at KunLun lab on 2022-03-05
• [1303613] Medium CVE-2022-1142: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
• [1303615] Medium CVE-2022-1143: Heap buffer overflow in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
• [1304145] Medium CVE-2022-1144: Use after free in WebUI. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2022-03-08
• [1304545] Medium CVE-2022-1145: Use after free in Extensions. Reported by Yakun Zhang of Baidu Security on 2022-03-09
• [1290150] Low CVE-2022-1146: Inappropriate implementation in Resource Timing. Reported by Sohom Datta on 2022-01-23

< 100.0.4896.60

Google Chrome Releases reports:

1 security fix in this release:

• [806388] High CVE-2018-6056: Incorrect derived class instantiation in V8. Reported by lokihardt of Google Project Zero on 2018-01-26

< 64.0.3282.167

Chrome Releases reports:

This release contains 13 security fixes, including:

• [1316990] High CVE-2022-1633: Use after free in Sharesheet. Reported by Khalil Zhani on 2022-04-18
• [1314908] High CVE-2022-1634: Use after free in Browser UI. Reported by Khalil Zhani on 2022-04-09
• [1319797] High CVE-2022-1635: Use after free in Permission Prompts. Reported by Anonymous on 2022-04-26
• [1297283] High CVE-2022-1636: Use after free in Performance APIs. Reported by Seth Brenith, Microsoft on 2022-02-15
• [1311820] High CVE-2022-1637: Inappropriate implementation in Web Contents. Reported by Alesandro Ortiz on 2022-03-31
• [1316946] High CVE-2022-1638: Heap buffer overflow in V8 Internationalization. Reported by DoHyun Lee (@l33d0hyun) of DNSLab, Korea University on 2022-04-17
• [1317650] High CVE-2022-1639: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-04-19
• [1320592] High CVE-2022-1640: Use after free in Sharing. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-28
• [1305068] Medium CVE-2022-1641: Use after free in Web UI Diagnostics. Reported by Rong Jian of VRI on 2022-03-10

< 101.0.4951.64

Google Chrome Releases reports:

25 security fixes in this release, including:

• [181617] High CVE-2013-2900: Incomplete path sanitization in file handling. Credit to Krystian Bigaj.
• [254159] Low CVE-2013-2905: Information leak via overly broad permissions on shared memory files. Credit to Christian Jaeger.
• [257363] High CVE-2013-2901: Integer overflow in ANGLE. Credit to Alex Chapman.
• [260105] High CVE-2013-2902: Use after free in XSLT. Credit to cloudfuzzer.
• [260156] High CVE-2013-2903: Use after free in media element. Credit to cloudfuzzer.
• [260428] High CVE-2013-2904: Use after free in document parsing. Credit to cloudfuzzer.
• [274602] CVE-2013-2887: Various fixes from internal audits, fuzzing and other initiatives (Chrome 29).

< 29.0.1547.57

Google Chrome Releases reports:

[659475] High CVE-2016-5198: Out of bounds memory access in V8. Credit to Tencent Keen Security Lab, working with Trend Micro's Zero Day Initiative.

< 54.0.2840.90

Chrome Releases reports:

This release includes 4 security fixes, including:

• [1219857] High CVE-2021-30554: Use after free in WebGL. Reported by anonymous on 2021-06-15
• [1215029] High CVE-2021-30555: Use after free in Sharing. Reported by David Erceg on 2021-06-01
• [1212599] High CVE-2021-30556: Use after free in WebAudio. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-24
• [1202102] High CVE-2021-30557: Use after free in TabGroups. Reported by David Erceg on 2021-04-23

< 91.0.4472.114

Chrome Releases reports:

This release contains 14 security fixes, including:

• [1335458] Critical CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero on 2022-06-11
• [1327312] High CVE-2022-2157: Use after free in Interest groups. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-19
• [1321078] High CVE-2022-2158: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-04-29
• [1116450] Medium CVE-2022-2160: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-08-14
• [1330289] Medium CVE-2022-2161: Use after free in WebApp Provider. Reported by Zhihua Yao of KunLun Lab on 2022-05-30
• [1307930] Medium CVE-2022-2162: Insufficient policy enforcement in File System API. Reported by Abdelhamid Naceri (halov) on 2022-03-19
• [1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
• [1268445] Low CVE-2022-2164: Inappropriate implementation in Extensions API. Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M on 2021-11-10
• [1250993] Low CVE-2022-2165: Insufficient data validation in URL formatting. Reported by Rayyan Bijoora on 2021-09-19

< 103.0.5060.53

Google Chrome Releases reports:

19 vulnerabilities fixed in this release, including:

• [344492] High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG.
• [326854] High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani.
• [337882] High CVE-2013-6665: Heap buffer overflow in software rendering. Credit to cloudfuzzer.
• [332023] Medium CVE-2013-6666: Chrome allows requests in flash header request. Credit to netfuzzerr.
• [348175] CVE-2013-6667: Various fixes from internal audits, fuzzing and other initiatives.
• [343964, 344186, 347909] CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version 3.24.35.10.

< 33.0.1750.146

Chrome Releases reports:

This release contains 14 security fixes, including:

• [1369871] High CVE-2022-3652: Type Confusion in V8. Reported by srodulv and ZNMchtss at S.S.L Team on 2022-09-30
• [1354271] High CVE-2022-3653: Heap buffer overflow in Vulkan. Reported by SeongHwan Park (SeHwa) on 2022-08-19
• [1365330] High CVE-2022-3654: Use after free in Layout. Reported by Sergei Glazunov of Google Project Zero on 2022-09-19
• [1343384] Medium CVE-2022-3655: Heap buffer overflow in Media Galleries. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11
• [1345275] Medium CVE-2022-3656: Insufficient data validation in File System. Reported by Ron Masas, Imperva on 2022-07-18
• [1351177] Medium CVE-2022-3657: Use after free in Extensions. Reported by Omri Bushari, Talon Cyber Security on 2022-08-09
• [1352817] Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-14
• [1355560] Medium CVE-2022-3659: Use after free in Accessibility. Reported by @ginggilBesel on 2022-08-23
• [1327505] Medium CVE-2022-3660: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2022-05-20
• [1350111] Low CVE-2022-3661: Insufficient data validation in Extensions. Reported by Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University on 2022-08-04

< 107.0.5304.68

< 107.0.5304.68

Google Chrome Releases reports:

45 new security fixes, including:

• [456518] High CVE-2015-1235: Cross-origin-bypass in HTML parser. Credit to anonymous.
• [313939] Medium CVE-2015-1236: Cross-origin-bypass in Blink. Credit to Amitay Dobo.
• [461191] High CVE-2015-1237: Use-after-free in IPC. Credit to Khalil Zhani.
• [445808] High CVE-2015-1238: Out-of-bounds write in Skia. Credit to cloudfuzzer.
• [463599] Medium CVE-2015-1240: Out-of-bounds read in WebGL. Credit to w3bd3vil.
• [418402] Medium CVE-2015-1241: Tap-Jacking. Credit to Phillip Moon and Matt Weston of Sandfield Information Systems.
• [460917] High CVE-2015-1242: Type confusion in V8. Credit to fcole@onshape.com.
• [455215] Medium CVE-2015-1244: HSTS bypass in WebSockets. Credit to Mike Ruddy.
• [444957] Medium CVE-2015-1245: Use-after-free in PDFium. Credit to Khalil Zhani.
• [437399] Medium CVE-2015-1246: Out-of-bounds read in Blink. Credit to Atte Kettunen of OUSPG.
• [429838] Medium CVE-2015-1247: Scheme issues in OpenSearch. Credit to Jann Horn.
• [380663] Medium CVE-2015-1248: SafeBrowsing bypass. Credit to Vittorio Gambaletta (VittGam).
• [476786] CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives. Multiple vulnerabilities in V8 fixed at the tip of the 4.2 branch (currently 4.2.77.14).

< 42.0.2311.90

< 42.0.2311.90

< 42.0.2311.90

Chrome Releases reports:

This release contains 11 security fixes, including:

• [1285234] High CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07
• [1299287] High CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21
• [1301873] High CVE-2022-1307: Inappropriate implementation in full screen. Reported by Irvan Kurniawan (sourc7) on 2022-03-01
• [1283050] High CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci (@sametbekmezci) on 2021-12-28
• [1106456] High CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17
• [1307610] High CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on 2022-03-18
• [1310717] High CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang (@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28
• [1311701] High CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30
• [1270539] Medium CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16
• [1304658] Medium CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09

< 100.0.4896.88

Chrome Releases reports:

This release includes 11 security fixes, including:

• [1358381] High CVE-2022-3195: Out of bounds write in Storage. Reported by Ziling Chen and Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute on 2022-08-31
• [1358090] High CVE-2022-3196: Use after free in PDF. Reported by triplepwns on 2022-08-30
• [1358075] High CVE-2022-3197: Use after free in PDF. Reported by triplepwns on 2022-08-30
• [1355682] High CVE-2022-3198: Use after free in PDF. Reported by MerdroidSG on 2022-08-23
• [1355237] High CVE-2022-3199: Use after free in Frames. Reported by Anonymous on 2022-08-22
• [1355103] High CVE-2022-3200: Heap buffer overflow in Internals. Reported by Richard Lorenz, SAP on 2022-08-22
• [1343104] High CVE-2022-3201: Insufficient validation of untrusted input in DevTools. Reported by NDevTK on 2022-07-09

< 105.0.5195.125

Chrome Releases reports:

][1251727] High CVE-2021-37973 : Use after free in Portals. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21

Google is aware that an exploit for CVE-2021-37973 exists in the wild.

< 94.0.4606.61

Chrome Releases reports:

This release includes 5 security fixes, including:

• [1167357] High CVE-2021-21191: Use after free in WebRTC. Reported by raven (@raid_akame) on 2021-01-15
• [1181387] High CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-23
• [1186287] High CVE-2021-21193: Use after free in Blink. Reported by Anonymous on 2021-03-09

< 89.0.4389.90

Chrome Releases reports:

This release contains 25 security fixes, including:

• [1263620] High CVE-2021-38008: Use after free in media. Reported by Marcin Towalski of Cisco Talos on 2021-10-26
• [1260649] High CVE-2021-38009: Inappropriate implementation in cache. Reported by Luan Herrera (@lbherrera_) on 2021-10-16
• [1240593] High CVE-2021-38006: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-08-17
• [1254189] High CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and SGFvamll at Singular Security Lab on 2021-09-29
• [1241091] High CVE-2021-38005: Use after free in loader. Reported by Sergei Glazunov of Google Project Zero on 2021-08-18
• [1264477] High CVE-2021-38010: Inappropriate implementation in service workers. Reported by Sergei Glazunov of Google Project Zero on 2021-10-28
• [1268274] High CVE-2021-38011: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-11-09
• [1262791] Medium CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123) on 2021-10-24
• [1242392] Medium CVE-2021-38013: Heap buffer overflow in fingerprint recognition. Reported by raven (@raid_akame) on 2021-08-23
• [1248567] Medium CVE-2021-38014: Out of bounds write in Swiftshader. Reported by Atte Kettunen of OUSPG on 2021-09-10
• [957553] Medium CVE-2021-38015: Inappropriate implementation in input. Reported by David Erceg on 2019-04-29
• [1244289] Medium CVE-2021-38016: Insufficient policy enforcement in background fetch. Reported by Maurice Dauer on 2021-08-28
• [1256822] Medium CVE-2021-38017: Insufficient policy enforcement in iframe sandbox. Reported by NDevTK on 2021-10-05
• [1197889] Medium CVE-2021-38018: Inappropriate implementation in navigation. Reported by Alesandro Ortiz on 2021-04-11
• [1251179] Medium CVE-2021-38019: Insufficient policy enforcement in CORS. Reported by Maurice Dauer on 2021-09-20
• [1259694] Medium CVE-2021-38020: Insufficient policy enforcement in contacts picker. Reported by Luan Herrera (@lbherrera_) on 2021-10-13
• [1233375] Medium CVE-2021-38021: Inappropriate implementation in referrer. Reported by Prakash (@1lastBr3ath) and Jun Kokatsu on 2021-07-27
• [1248862] Low CVE-2021-38022: Inappropriate implementation in WebAuthentication. Reported by Michal Kepkowski on 2021-09-13

< 96.0.4664.45

Google Chrome Releases reports:

[109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa.

[112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis.

[114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz.

[116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google.

[116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team.

[117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team).

[117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG.

[117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.

[117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

< 18.0.1025.142

Google Chrome Releases reports:

42 security fixes in this release, including:

• [850350] High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07
• [848914] High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01
• [842265] High CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-11
• [841962] High CVE-2018-6156: Heap buffer overflow in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-10
• [840536] High CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-07
• [812667] Medium CVE-2018-6150: Cross origin information disclosure in Service Workers. Reported by Rob Wu on 2018-02-15
• [805905] Medium CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu on 2018-01-25
• [805445] Medium CVE-2018-6152: Local file write in DevTools. Reported by Rob Wu on 2018-01-24
• [841280] Medium CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin, Luyao Liu from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-05-09
• [837275] Medium CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-04-26
• [839822] Medium CVE-2018-6160: URL spoof in Chrome on iOS. Reported by evi1m0 of Bilibili Security Team on 2018-05-04
• [826552] Medium CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun Kokatsu (@shhnjk) on 2018-03-27
• [804123] Medium CVE-2018-6162: Heap buffer overflow in WebGL. Reported by Omair on 2018-01-21
• [849398] Medium CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-06-04
• [848786] Medium CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-06-01
• [847718] Medium CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-05-30
• [835554] Medium CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-21
• [833143] Medium CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-15
• [828265] Medium CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y. Huang of Princeton University, Frank Li of UC Berkeley on 2018-04-03
• [394518] Medium CVE-2018-6169: Permissions bypass in extension installation. Reported by Sam P on 2014-07-16
• [862059] Medium CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous on 2018-07-10
• [851799] Medium CVE-2018-6171: Use after free in WebBluetooth. Reported by amazon@mimetics.ca on 2018-06-12
• [847242] Medium CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-05-28
• [836885] Medium CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-04-25
• [835299] Medium CVE-2018-6174: Integer overflow in SwiftShader. Reported by Mark Brand of Google Project Zero on 2018-04-20
• [826019] Medium CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-26
• [666824] Medium CVE-2018-6176: Local user privilege escalation in Extensions. Reported by Jann Horn of Google Project Zero on 2016-11-18
• [826187] Low CVE-2018-6177: Cross origin information leak in Blink. Reported by Ron Masas (Imperva) on 2018-03-27
• [823194] Low CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani on 2018-03-19
• [816685] Low CVE-2018-6179: Local file information leak in Extensions. Reported by Anonymous on 2018-02-26
• [797461] Low CVE-2018-6044: Request privilege escalation in Extensions. Reported by Wob Wu on 2017-12-23
• [791324] Low CVE-2018-4117: Cross origin information leak in Blink. Reported by AhsanEjaz - @AhsanEjazA on 2017-12-03
• [866821] Various fixes from internal audits, fuzzing and other initiatives

< 68.0.3440.75

Google Chrome Releases reports:

2 security fixes in this release, including:

• [569486] CVE-2015-6792: Fixes from internal audits and fuzzing.

< 47.0.2526.106

Google Chrome Releases reports:

[414124] RSA signature malleability in NSS (CVE-2014-1568). Thanks to Antoine Delignat-Lavaud of Prosecco/INRIA, Brian Smith and Advanced Threat Research team at Intel Security

< 37.0.2062.124

Chrome Releases reports:

This release contains 19 security fixes, including:

• [1246631] High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04
• [1248661] High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11
• [1249810] High CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15
• [1253399] High CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti Levomäki, Joonas Pihlaja andChristian Jali from Forcepoint on 2021-09-27
• [1241860] High CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20
• [1242404] Medium CVE-2021-37986: Heap buffer overflow in Settings. Reported by raven (@raid_akame) on 2021-08-23
• [1206928] Medium CVE-2021-37987: Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08
• [1228248] Medium CVE-2021-37988: Use after free in Profiles. Reported by raven (@raid_akame) on 2021-07-12
• [1233067] Medium CVE-2021-37989: Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26
• [1247395] Medium CVE-2021-37990: Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07
• [1250660] Medium CVE-2021-37991: Race in V8. Reported by Samuel Gross of Google Project Zero on 2021-09-17
• [1253746] Medium CVE-2021-37992: Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28
• [1255332] Medium CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02
• [1243020] Medium CVE-2021-37996: Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24
• [1100761] Low CVE-2021-37994: Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30
• [1242315] Low CVE-2021-37995: Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23

< 95.0.4638.54

Google Chrome Releases reports:

[172342] High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen of OUSPG.

[180909] Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google Chrome Security Team (Cris Neckar).

[180555] Low CVE-2013-0918: Do not navigate dev tools upon drag and drop. Credit to Vsevolod Vlasov of the Chromium development community.

[Linux only] [178760] Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions. Credit to Google Chrome Security Team (Mustafa Emre Acer).

[177410] Medium CVE-2013-0920: Use-after-free in extension bookmarks API. Credit to Google Chrome Security Team (Mustafa Emre Acer).

[174943] High CVE-2013-0921: Ensure isolated web sites run in their own processes.

[174129] Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to "t3553r".

[169981] [169972] [169765] Medium CVE-2013-0923: Memory safety issues in the USB Apps API. Credit to Google Chrome Security Team (Mustafa Emre Acer).

[169632] Low CVE-2013-0924: Check an extension's permissions API usage again file permissions. Credit to Benjamin Kalman of the Chromium development community.

[168442] Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs permissions. Credit to Michael Vrable of Google.

[112325] Medium CVE-2013-0926: Avoid pasting active tags in certain situations. Credit to Subho Halder, Aditya Gupta, and Dev Kar of xys3c (xysec.com).

< 26.0.1410.43

Chrome Releases reports:

This update contains 8 security fixes, including:

• [1181228] High CVE-2021-21194: Use after free in screen capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-02-23
• [1182647] High CVE-2021-21195: Use after free in V8. Reported by Bohan Liu (@P4nda20371774) and Moon Liang of Tencent Security Xuanwu Lab on 2021-02-26
• [1175992] High CVE-2021-21196: Heap buffer overflow in TabStrip. Reported by Khalil Zhani on 2021-02-08
• [1173903] High CVE-2021-21197: Heap buffer overflow in TabStrip. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-03
• [1184399] High CVE-2021-21198: Out of bounds read in IPC. Reported by Mark Brand of Google Project Zero on 2021-03-03
• [1179635] High CVE-2021-21199: Use Use after free in Aura. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group and Evangelos Foutras

< 89.0.4389.114

Chrome Releases reports:

This release contains 5 security fixes:

• [1116304] High CVE-2020-6573: Use after free in video. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-14
• [1102196] High CVE-2020-6574: Insufficient policy enforcement in installer. Reported by CodeColorist of Ant-Financial LightYear Labs on 2020-07-05
• [1081874] High CVE-2020-6575: Race in Mojo. Reported by Microsoft on 2020-05-12
• [1111737] High CVE-2020-6576: Use after free in offscreen canvas. Reported by Looben Yang on 2020-07-31
• [1122684] High CVE-2020-15959: Insufficient policy enforcement in networking. Reported by Eric Lawrence of Microsoft on 2020-08-27

< 85.0.4183.102

Google Chrome Releases reports:

15 security fixes in this release, including:

• 601073] High CVE-2016-1696: Cross-origin bypass in Extension bindings. Credit to anonymous.
• [613266] High CVE-2016-1697: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
• [603725] Medium CVE-2016-1698: Information leak in Extension bindings. Credit to Rob Wu.
• [607939] Medium CVE-2016-1699: Parameter sanitization failure in DevTools. Credit to Gregory Panakkal.
• [608104] Medium CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
• [608101] Medium CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
• [609260] Medium CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.
• [616539] CVE-2016-1703: Various fixes from internal audits, fuzzing and other initiatives.

< 51.0.2704.79

Chrome Releases reports:

This release contains 10 security fixes, including:

• [1227777] High CVE-2021-30590: Heap buffer overflow in Bookmarks. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-09
• [1229298] High CVE-2021-30591: Use after free in File System API. Reported by SorryMybad (@S0rryMybad) of Kunlun Lab on 2021-07-14
• [1209469] High CVE-2021-30592: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-15
• [1209616] High CVE-2021-30593: Out of bounds read in Tab Strip. Reported by David Erceg on 2021-05-16
• [1218468] High CVE-2021-30594: Use after free in Page Info UI. Reported by raven (@raid_akame) on 2021-06-10
• [1214481] Medium CVE-2021-30596: Incorrect security UI in Navigation. Reported by Mohit Raj (shadow2639) on 2021-05-29
• [1232617] Medium CVE-2021-30597: Use after free in Browser UI. Reported by raven (@raid_akame) on 2021-07-24

< 92.0.4515.131

Chrome Releases reports:

This release contains 7 security fixes, including:

• [1326210] High CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri on 2022-05-17
• [1317673] High CVE-2022-2008: Out of bounds memory access in WebGL. Reported by khangkito - Tran Van Khang (VinCSS) on 2022-04-19
• [1325298] High CVE-2022-2010: Out of bounds read in compositing. Reported by Mark Brand of Google Project Zero on 2022-05-13
• [1330379] High CVE-2022-2011: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-05-31

< 102.0.5005.115

Chrome Reelases reports:

This release includes 7 security fixes, including:

• 1194046] High CVE-2021-21222: Heap buffer overflow in V8. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2021-03-30
• [1195308] High CVE-2021-21223: Integer overflow in Mojo. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2021-04-02
• [1195777] High CVE-2021-21224: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-05
• [1195977] High CVE-2021-21225: Out of bounds memory access in V8. Reported by Brendon Tiszka (@btiszka) supporting the EFF on 2021-04-05
• [1197904] High CVE-2021-21226: Use after free in navigation. Reported by Brendon Tiszka (@btiszka) supporting the EFF on 2021-04-11

< 90.0.4430.85

Google Chrome Releases reports:

3 security fixes in this release:

• [358038] High CVE-2014-1740: Use-after-free in WebSockets. Credit to Collin Payne.
• [349898] High CVE-2014-1741: Integer overflow in DOM ranges. Credit to John Butler.
• [356690] High CVE-2014-1742: Use-after-free in editing. Credit to cloudfuzzer.

< 34.0.1847.137

Google Chrome Releases reports:

[Linux only] [125225] Medium CVE-2012-2846: Cross-process interference in renderers. Credit to Google Chrome Security Team (Julien Tinnes).

[127522] Low CVE-2012-2847: Missing re-prompt to user upon excessive downloads. Credit to Matt Austin of Aspect Security.

[127525] Medium CVE-2012-2848: Overly broad file access granted after drag+drop. Credit to Matt Austin of Aspect Security.

[128163] Low CVE-2012-2849: Off-by-one read in GIF decoder. Credit to Atte Kettunen of OUSPG.

[130251] [130592] [130611] [131068] [131237] [131252] [131621] [131690] [132860] Medium CVE-2012-2850: Various lower severity issues in the PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[132585] [132694] [132861] High CVE-2012-2851: Integer overflows in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[134028] High CVE-2012-2852: Use-after-free with bad object linkage in PDF. Credit to Alexey Samsonov of Google.

[134101] Medium CVE-2012-2853: webRequest can interfere with the Chrome Web Store. Credit to Trev of Adblock.

[134519] Low CVE-2012-2854: Leak of pointer values to WebUI renderers. Credit to Nasko Oskov of the Chromium development community.

[134888] High CVE-2012-2855: Use-after-free in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[134954] [135264] High CVE-2012-2856: Out-of-bounds writes in PDF viewer. Credit to Mateusz Jurczyk of Google Security Team, with contributions by Gynvael Coldwind of Google Security Team.

[136235] High CVE-2012-2857: Use-after-free in CSS DOM. Credit to Arthur Gerkis.

[136894] High CVE-2012-2858: Buffer overflow in WebP decoder. Credit to Juri Aedla.

[Linux only] [137541] Critical CVE-2012-2859: Crash in tab handling. Credit to Jeff Roberts of Google Security Team.

[137671] Medium CVE-2012-2860: Out-of-bounds access when clicking in date picker. Credit to Chamal de Silva.

< 21.0.1180.60

Chrome Releases reports:

This release includes 16 security fixes, including:

• [1148749] High CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-11-13
• [1153595] High CVE-2021-21107: Use after free in drag and drop. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2020-11-30
• [1155426] High CVE-2021-21108: Use after free in media. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2020-12-04
• [1152334] High CVE-2021-21109: Use after free in payments. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2020-11-24
• [1152451] High CVE-2021-21110: Use after free in safe browsing. Reported by Anonymous on 2020-11-24
• [1149125] High CVE-2021-21111: Insufficient policy enforcement in WebUI. Reported by Alesandro Ortiz on 2020-11-15
• [1151298] High CVE-2021-21112: Use after free in Blink. Reported by YoungJoo Lee(@ashuu_lee) of Raon Whitehat on 2020-11-20
• [1155178] High CVE-2021-21113: Heap buffer overflow in Skia. Reported by tsubmunu on 2020-12-03
• [1148309] High CVE-2020-16043: Insufficient data validation in networking. Reported by Samy Kamkar, Ben Seri at Armis, Gregory Vishnepolsky at Armis on 2020-11-12
• [1150065] High CVE-2021-21114: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-11-17
• [1157790] High CVE-2020-15995: Out of bounds write in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2020-12-11
• [1157814] High CVE-2021-21115: Use after free in safe browsing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2020-12-11
• [1151069] Medium CVE-2021-21116: Heap buffer overflow in audio. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-11-19

< 87.0.4280.141

Google Chrome Releases reports:

159 security fixes in this release, including 113 found using MemorySanitizer:

• [416449] Critical CVE-2014-3188: A special thanks to J�ri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox.
• [398384] High CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
• [400476] High CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer.
• [402407] High CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
• [403276] High CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
• [399655] High CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
• [401115] High CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
• [403409] Medium CVE-2014-3195: Information Leak in V8. Credit to J�ri Aedla.
• [338538] Medium CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James Forshaw.
• [396544] Medium CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi Terada.
• [415307] Medium CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen of OUSPG.
• [395411] Low CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.
• [420899] CVE-2014-3200: Various fixes from internal audits, fuzzing and other initiatives (Chrome 38).
• Multiple vulnerabilities in V8 fixed at the tip of the 3.28 branch (currently 3.28.71.15).

< 38.0.2125.101

Google Chrome Releases reports:

42 security fixes in this release, including:

• [389734] High CVE-2014-7899: Address bar spoofing. Credit to Eli Grey.
• [406868] High CVE-2014-7900: Use-after-free in pdfium. Credit to Atte Kettunen from OUSPG.
• [413375] High CVE-2014-7901: Integer overflow in pdfium. Credit to cloudfuzzer.
• [414504] High CVE-2014-7902: Use-after-free in pdfium. Credit to cloudfuzzer.
• [414525] High CVE-2014-7903: Buffer overflow in pdfium. Credit to cloudfuzzer.
• [418161] High CVE-2014-7904: Buffer overflow in Skia. Credit to Atte Kettunen from OUSPG.
• [421817] High CVE-2014-7905: Flaw allowing navigation to intents that do not have the BROWSABLE category. Credit to WangTao(neobyte) of Baidu X-Team.
• [423030] High CVE-2014-7906: Use-after-free in pepper plugins. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.
• [423703] High CVE-2014-0574: Double-free in Flash. Credit to biloulehibou.
• [424453] High CVE-2014-7907: Use-after-free in blink. Credit to Chen Zhang (demi6od) of the NSFOCUS Security Team.
• [425980] High CVE-2014-7908: Integer overflow in media. Credit to Christoph Diehl.
• [391001] Medium CVE-2014-7909: Uninitialized memory read in Skia. Credit to miaubiz.
• CVE-2014-7910: Various fixes from internal audits, fuzzing and other initiatives.

< 39.0.2171.65

< 39.0.2171.65

Chrome Releases reports:

This release contains 3 security fixes, including:

• [1366813] High CVE-2022-3370: Use after free in Custom Elements. Reported by Aviv A. on 2022-09-22
• [1366399] High CVE-2022-3373: Out of bounds write in V8. Reported by Tibor Klajnscek on 2022-09-21

< 106.0.5249.91

Google Chrome Releases reports:

4 security fixes in this release:

• [464922] High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.
• [494640] High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
• [497507] Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.
• [461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to Mike Ruddy.

< 43.0.2357.130

< 43.0.2357.130

< 43.0.2357.130

Google Chrome Releases reports:

[961413] High CVE-2019-5842: Use-after-free in Blink. Reported by BUGFENSE Anonymous Bug Bounties https://bugfense.io on 2019-05-09

< 75.0.3770.90

Google Chrome Releases reports:

3 security fixes in this release, including:

• [620742] CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives.

< 51.0.2704.103

Chrome Releases reports:

This update includes 20 security fixes, including:

• [1109120] High CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-24
• [1116706] High CVE-2020-6559: Use after free in presentation API. Reported by Liu Wei and Wu Zekai of Tencent Security Xuanwu Lab on 2020-08-15
• [1108181] Medium CVE-2020-6560: Insufficient policy enforcement in autofill. Reported by Nadja Ungethuem from www.unnex.de on 2020-07-22
• [932892] Medium CVE-2020-6561: Inappropriate implementation in Content Security Policy. Reported by Rob Wu on 2019-02-16
• [1086845] Medium CVE-2020-6562: Insufficient policy enforcement in Blink. Reported by Masato Kinugawa on 2020-05-27
• [1104628] Medium CVE-2020-6563: Insufficient policy enforcement in intent handling. Reported by Pedro Oliveira on 2020-07-12
• [841622] Medium CVE-2020-6564: Incorrect security UI in permissions. Reported by Khalil Zhani on 2018-05-10
• [1029907] Medium CVE-2020-6565: Incorrect security UI in Omnibox. Reported by Khalil Zhani on 2019-12-02
• [1065264] Medium CVE-2020-6566: Insufficient policy enforcement in media. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-03-27
• [937179] Low CVE-2020-6567: Insufficient validation of untrusted input in command line handling. Reported by Joshua Graham of TSS on 2019-03-01
• [1092451] Low CVE-2020-6568: Insufficient policy enforcement in intent handling. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab on 2020-06-08
• [995732] Low CVE-2020-6569: Integer overflow in WebUSB. Reported by guaixiaomei on 2019-08-20
• [1084699] Low CVE-2020-6570: Side-channel information leakage in WebRTC. Reported by Signal/Tenable on 2020-05-19
• [1085315] Low CVE-2020-6571: Incorrect security UI in Omnibox. Reported by Rayyan Bijoora on 2020-05-21

< 85.0.4183.83

Google Chrome Releases reports:

12 security fixes in this release, including

• [390174] High CVE-2014-3165: Use-after-free in web sockets. Credit to Collin Payne.
• [398925] High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud.
• [400950] CVE-2014-3167: Various fixes from internal audits, fuzzing and other initiatives.

< 36.0.1985.143

Google Chrome Releases reports:

[172243] High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.

[171951] High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.

[167069] Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.

[165432] High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.

[142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.

[172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).

[172369] Medium CVE-2013-0885: Too many API permissions granted to web store.

[171065] [170836] Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.

[170666] Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).

[170569] Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.

[169973] [169966] High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).

[169685] High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).

[169295] [168710] [166493] [165836] [165747] [164958] [164946] Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).

[168570] Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.

[168473] High CVE-2013-0894: Buffer overflow in vorbis decoding. Credit to Google Chrome Security Team (Inferno).

[Linux / Mac] [167840] High CVE-2013-0895: Incorrect path handling in file copying. Credit to Google Chrome Security Team (Jüri Aedla).

[166708] High CVE-2013-0896: Memory management issues in plug-in message handling. Credit to Google Chrome Security Team (Cris Neckar).

[165537] Low CVE-2013-0897: Off-by-one read in PDF. Credit to Mateusz Jurczyk, with contributions by Gynvael Coldwind, both from Google Security Team.

[164643] High CVE-2013-0898: Use-after-free in URL handling. Credit to Alexander Potapenko of the Chromium development community.

[160480] Low CVE-2013-0899: Integer overflow in Opus handling. Credit to Google Chrome Security Team (Jüri Aedla).

[152442] Medium CVE-2013-0900: Race condition in ICU. Credit to Google Chrome Security Team (Inferno).

< 25.0.1364.97

Chrome Releases reports:

This release contains 28 security fixes, including:

• [1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-01-21
• [1274077] High CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous on 2021-11-26
• [1278322] High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09
• [1285885] High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Jeong (@n3sk) of Theori on 2022-01-11
• [1291728] High CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita on 2022-01-28
• [1294097] High CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani on 2022-02-04
• [1282782] High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27
• [1295786] High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10
• [1281908] High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21
• [1283402] Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30
• [1279188] Medium CVE-2022-0799: Insufficient policy enforcement in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12
• [1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24
• [1231037] Medium CVE-2022-0801: Inappropriate implementation in HTML parser. Reported by Michal Bentkowski of Securitum on 2021-07-20
• [1270052] Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14
• [1280233] Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15
• [1264561] Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29
• [1290700] Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25
• [1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31
• [1287364] Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14
• [1292271] Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29
• [1293428] Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03

< 99.0.4844.51

Google Chrome releases reports:

22 security fixes in this release, including:

• [737023] High CVE-2017-5111: Use after free in PDFium. Reported by Luat Nguyen on KeenLab, Tencent on 2017-06-27
• [740603] High CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein on 2017-07-10
• [747043] High CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous on 2017-07-20
• [752829] High CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu of Tencent's Xuanwu LAB on 2017-08-07
• [744584] High CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini on 2017-07-17
• [759624] High CVE-2017-5116: Type confusion in V8. Reported by Anonymous on 2017-08-28
• [739190] Medium CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias Klein on 2017-07-04
• [747847] Medium CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-07-24
• [725127] Medium CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous on 2017-05-22
• [718676] Low CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. Reported by Xiaoyin Liu on 2017-05-05
• [762099] Various fixes from internal audits, fuzzing and other initiatives

< 61.0.3163.79

Chrome Releases reports:

This release contains 11 security fixes, including:

• [1290008] High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22
• [1273397] High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24
• [1286940] High CVE-2022-0605: Use after free in Webstore API. Reported by Thomas Orlita on 2022-01-13
• [1288020] High CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-01-17
• [1250655] High CVE-2022-0607: Use after free in GPU. Reported by 0x74960 on 2021-09-17
• [1270333] High CVE-2022-0608: Integer overflow in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-11-16
• [1296150] High CVE-2022-0609: Use after free in Animation. Reported by Adam Weidemann and Clément Lecigne of Google' Threat Analysis Group on 2022-02-10
• [1285449] Medium CVE-2022-0610: Inappropriate implementation in Gamepad API. Reported by Anonymous on 2022-01-08

< 98.0.4758.102

Google Chrome Releases reports:

2 security fixes in this release, including:

• [788453] High CVE-2017-15429: UXSS in V8. Reported by Anonymous on 2017-11-24
• [794792] Various fixes from internal audits, fuzzing and other initiatives

< 63.0.3239.108

Google Chrome Releases reports:

62 security fixes in this release, including:

• [430353] High CVE-2014-7923: Memory corruption in ICU. Credit to yangdingning.
• [435880] High CVE-2014-7924: Use-after-free in IndexedDB. Credit to Collin Payne.
• [434136] High CVE-2014-7925: Use-after-free in WebAudio. Credit to mark.buer.
• [422824] High CVE-2014-7926: Memory corruption in ICU. Credit to yangdingning.
• [444695] High CVE-2014-7927: Memory corruption in V8. Credit to Christian Holler.
• [435073] High CVE-2014-7928: Memory corruption in V8. Credit to Christian Holler.
• [442806] High CVE-2014-7930: Use-after-free in DOM. Credit to cloudfuzzer.
• [442710] High CVE-2014-7931: Memory corruption in V8. Credit to cloudfuzzer.
• [443115] High CVE-2014-7929: Use-after-free in DOM. Credit to cloudfuzzer.
• [429666] High CVE-2014-7932: Use-after-free in DOM. Credit to Atte Kettunen of OUSPG.
• [427266] High CVE-2014-7933: Use-after-free in FFmpeg. Credit to aohelin.
• [427249] High CVE-2014-7934: Use-after-free in DOM. Credit to cloudfuzzer.
• [402957] High CVE-2014-7935: Use-after-free in Speech. Credit to Khalil Zhani.
• [428561] High CVE-2014-7936: Use-after-free in Views. Credit to Christoph Diehl.
• [419060] High CVE-2014-7937: Use-after-free in FFmpeg. Credit to Atte Kettunen of OUSPG.
• [416323] High CVE-2014-7938: Memory corruption in Fonts. Credit to Atte Kettunen of OUSPG.
• [399951] High CVE-2014-7939: Same-origin-bypass in V8. Credit to Takeshi Terada.
• [433866] Medium CVE-2014-7940: Uninitialized-value in ICU. Credit to miaubiz.
• [428557] Medium CVE-2014-7941: Out-of-bounds read in UI. Credit to Atte Kettunen of OUSPG and Christoph Diehl.
• [426762] Medium CVE-2014-7942: Uninitialized-value in Fonts. Credit to miaubiz.
• [422492] Medium CVE-2014-7943: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG.
• [418881] Medium CVE-2014-7944: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
• [414310] Medium CVE-2014-7945: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
• [414109] Medium CVE-2014-7946: Out-of-bounds read in Fonts. Credit to miaubiz.
• [430566] Medium CVE-2014-7947: Out-of-bounds read in PDFium. Credit to fuzztercluck.
• [414026] Medium CVE-2014-7948: Caching error in AppCache. Credit to jiayaoqijia.
• [449894] CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives.
• Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch (currently 3.30.33.15).

< 40.0.2214.91

< 40.0.2214.91

Google Chrome Releases reports:

4 security fixes in this release:

• [835887] Critical: Chain leading to sandbox escape. Reported by Anonymous on 2018-04-23
• [836858] High CVE-2018-6121: Privilege Escalation in extensions
• [836141] High CVE-2018-6122: Type confusion in V8
• [833721] High CVE-2018-6120: Heap buffer overflow in PDFium. Reported by Zhou Aiting(@zhouat1) of Qihoo 360 Vulcan Team on 2018-04-17
• [841841] Various fixes from internal audits, fuzzing and other initiatives

< 66.0.3359.170

Google Chrome Releases reports:

50 security fixes in this release, including:

• [223962][270758][271161][284785][284786] Medium CVE-2013-2906: Races in Web Audio. Credit to Atte Kettunen of OUSPG.
• [260667] Medium CVE-2013-2907: Out of bounds read in Window.prototype object. Credit to Boris Zbarsky.
• [265221] Medium CVE-2013-2908: Address bar spoofing related to the “204 No Content” status code. Credit to Chamal de Silva.
• [265838][279277] High CVE-2013-2909: Use after free in inline-block rendering. Credit to Atte Kettunen of OUSPG.
• [269753] Medium CVE-2013-2910: Use-after-free in Web Audio. Credit to Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
• [271939] High CVE-2013-2911: Use-after-free in XSLT. Credit to Atte Kettunen of OUSPG.
• [276368] High CVE-2013-2912: Use-after-free in PPAPI. Credit to Chamal de Silva and 41.w4r10r(at)garage4hackers.com.
• [278908] High CVE-2013-2913: Use-after-free in XML document parsing. Credit to cloudfuzzer.
• [279263] High CVE-2013-2914: Use after free in the Windows color chooser dialog. Credit to Khalil Zhani.
• [280512] Low CVE-2013-2915: Address bar spoofing via a malformed scheme. Credit to Wander Groeneveld.
• [281256] High CVE-2013-2916: Address bar spoofing related to the “204 No Content” status code. Credit to Masato Kinugawa.
• [281480] Medium CVE-2013-2917: Out of bounds read in Web Audio. Credit to Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center (GTISC).
• [282088] High CVE-2013-2918: Use-after-free in DOM. Credit to Byoungyoung Lee of Georgia Tech Information Security Center (GTISC).
• [282736] High CVE-2013-2919: Memory corruption in V8. Credit to Adam Haile of Concrete Data.
• [285742] Medium CVE-2013-2920: Out of bounds read in URL parsing. Credit to Atte Kettunen of OUSPG.
• [286414] High CVE-2013-2921: Use-after-free in resource loader. Credit to Byoungyoung Lee and Tielei Wang of Georgia Tech Information Security Center (GTISC).
• [286975] High CVE-2013-2922: Use-after-free in template element. Credit to Jon Butler.
• [299016] CVE-2013-2923: Various fixes from internal audits, fuzzing and other initiatives (Chrome 30).
• [275803] Medium CVE-2013-2924: Use-after-free in ICU. Upstream bug here.

< 30.0.1599.66

Google Chrome Releases reports:

[138208] High CVE-2012-2900: Crash in Skia text rendering. Credit to Atte Kettunen of OUSPG.

[147499] Critical CVE-2012-5108: Race condition in audio device handling. Credit to Atte Kettunen of OUSPG.

[148692] Medium CVE-2012-5109: OOB read in ICU regex. Credit to Arthur Gerkis.

[151449] Medium CVE-2012-5110: Out-of-bounds read in compositor. Credit to Google Chrome Security Team (Inferno).

[151895] Low CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins. Credit to Google Chrome Security Team (Chris Evans).

< 22.0.1229.92

Google Chrome Releases reports:

[319117] [319125] Critical CVE-2013-6632: Multiple memory corruption issues. Credit to Pinkie Pie.

< 31.0.1650.57

Chrome Releases reports:

This release fixes 10 security issues, including:

• [1100136] High CVE-2020-15960: Out of bounds read in storage. Reported by Anonymous on 2020-06-28
• [1114636] High CVE-2020-15961: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-10
• [1121836] High CVE-2020-15962: Insufficient policy enforcement in serial. Reported by Leecraso and Guang Gong of 360 Alpha Lab working with 360 BugCloud on 2020-08-26
• [1113558] High CVE-2020-15963: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06
• [1126249] High CVE-2020-15965: Out of bounds write in V8. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-09-08
• [1113565] Medium CVE-2020-15966: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-08-06
• [1121414] Low CVE-2020-15964: Insufficient data validation in media. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-08-25

< 85.0.4183.121

Chrome Releases reports:

This release contains 27 security fixes, including:

• [1284584] High CVE-2022-0452: Use after free in Safe Browsing. Reported by avaue at S.S.L. on 2022-01-05
• [1284916] High CVE-2022-0453: Use after free in Reader Mode. Reported by Rong Jian of VRI on 2022-01-06
• [1287962] High CVE-2022-0454: Heap buffer overflow in ANGLE. Reported by Seong-Hwan Park (SeHwa) of SecunologyLab on 2022-01-17
• [1270593] High CVE-2022-0455: Inappropriate implementation in Full Screen Mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-16
• [1289523] High CVE-2022-0456: Use after free in Web Search. Reported by Zhihua Yao of KunLun Lab on 2022-01-21
• [1274445] High CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58 on 2021-11-29
• [1267060] High CVE-2022-0458: Use after free in Thumbnail Tab Strip. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-11-05
• [1244205] High CVE-2022-0459: Use after free in Screen Capture. Reported by raven (@raid_akame) on 2021-08-28
• [1250227] Medium CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960 on 2021-09-16
• [1256823] Medium CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK on 2021-10-05
• [1270470] Medium CVE-2022-0462: Inappropriate implementation in Scroll. Reported by Youssef Sammouda on 2021-11-16
• [1268240] Medium CVE-2022-0463: Use after free in Accessibility. Reported by Zhihua Yao of KunLun Lab on 2021-11-09
• [1270095] Medium CVE-2022-0464: Use after free in Accessibility. Reported by Zhihua Yao of KunLun Lab on 2021-11-14
• [1281941] Medium CVE-2022-0465: Use after free in Extensions. Reported by Samet Bekmezci @sametbekmezci on 2021-12-22
• [1115460] Medium CVE-2022-0466: Inappropriate implementation in Extensions Platform. Reported by David Erceg on 2020-08-12
• [1239496] Medium CVE-2022-0467: Inappropriate implementation in Pointer Lock. Reported by Alesandro Ortiz on 2021-08-13
• [1252716] Medium CVE-2022-0468: Use after free in Payments. Reported by Krace on 2021-09-24
• [1279531] Medium CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita on 2021-12-14
• [1269225] Low CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang on 2021-11-11

< 98.0.4758.80

Google Chrome Releases reports:

[121347] Medium CVE-2012-2865: Out-of-bounds read in line breaking. Credit to miaubiz.

[134897] High CVE-2012-2866: Bad cast with run-ins. Credit to miaubiz.

[135485] Low CVE-2012-2867: Browser crash with SPDY.

[136881] Medium CVE-2012-2868: Race condition with workers and XHR. Credit to miaubiz.

[137778] High CVE-2012-2869: Avoid stale buffer in URL loading. Credit to Fermin Serna of the Google Security Team.

[138672] [140368] Low CVE-2012-2870: Lower severity memory management issues in XPath. Credit to Nicolas Gregoire.

[138673] High CVE-2012-2871: Bad cast in XSL transforms. Credit to Nicolas Gregoire.

[142956] Medium CVE-2012-2872: XSS in SSL interstitial. Credit to Emmanuel Bronshtein.

< 21.0.1180.89

Chrome Releases reports:

This release includes 47 security fixes, including the below. Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild. Please see URL for details.

< 89.0.4389.72

Google Chrome Releases reports:

[520422] High CVE-2015-1302: Information leak in PDF viewer. Credit to Rob Wu.

< 46.0.2490.86

Chrome Releases reports:

This release contains 11 security fixes, including:

• [1349322] Critical CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero on 2022-08-02
• [1337538] High CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-06-18
• [1345042] High CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-07-16
• [1338135] High CVE-2022-2857: Use after free in Blink. Reported by Anonymous on 2022-06-21
• [1341918] High CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05
• [1350097] High CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero on 2022-08-04
• [1345630] High CVE-2022-2856: Insufficient validation of untrusted input in Intents. Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group on 2022-07-19
• [1338412] Medium CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22
• [1345193] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong on 2022-07-18
• [1346236] Medium CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI on 2022-07-21

< 104.0.5112.101

Chrome Releases reports:

This release contains 24 security fixes, including:

• [1340253] Critical CVE-2022-3038: Use after free in Network Service. Reported by Sergei Glazunov of Google Project Zero on 2022-06-28
• [1343348] High CVE-2022-3039: Use after free in WebSQL. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-07-11
• [1341539] High CVE-2022-3040: Use after free in Layout. Reported by Anonymous on 2022-07-03
• [1345947] High CVE-2022-3041: Use after free in WebSQL. Reported by Ziling Chen and Nan Wang(@eternalsakura13) of 360 Vulnerability Research Institute on 2022-07-20
• [1338553] High CVE-2022-3042: Use after free in PhoneHub. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-06-22
• [1336979] High CVE-2022-3043: Heap buffer overflow in Screen Capture. Reported by @ginggilBesel on 2022-06-16
• [1051198] High CVE-2022-3044: Inappropriate implementation in Site Isolation. Reported by Lucas Pinheiro, Microsoft Browser Vulnerability Research on 2020-02-12
• [1339648] High CVE-2022-3045: Insufficient validation of untrusted input in V8. Reported by Ben Noordhuis on 2022-06-26
• [1346245] High CVE-2022-3046: Use after free in Browser Tag. Reported by Rong Jian of VRI on 2022-07-21
• [1342586] Medium CVE-2022-3047: Insufficient policy enforcement in Extensions API. Reported by Maurice Dauer on 2022-07-07
• [1303308] Medium CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen. Reported by Andr.Ess on 2022-03-06
• [1316892] Medium CVE-2022-3049: Use after free in SplitScreen. Reported by @ginggilBesel on 2022-04-17
• [1337132] Medium CVE-2022-3050: Heap buffer overflow in WebUI. Reported by Zhihua Yao of KunLun Lab on 2022-06-17
• [1345245] Medium CVE-2022-3051: Heap buffer overflow in Exosphere. Reported by @ginggilBesel on 2022-07-18
• [1346154] Medium CVE-2022-3052: Heap buffer overflow in Window Manager. Reported by Khalil Zhani on 2022-07-21
• [1267867] Medium CVE-2022-3053: Inappropriate implementation in Pointer Lock. Reported by Jesper van den Ende (Pelican Party Studios) on 2021-11-08
• [1290236] Medium CVE-2022-3054: Insufficient policy enforcement in DevTools. Reported by Kuilin Li on 2022-01-24
• [1351969] Medium CVE-2022-3055: Use after free in Passwords. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2022-08-11
• [1329460] Low CVE-2022-3056: Insufficient policy enforcement in Content Security Policy. Reported by Anonymous on 2022-05-26
• [1336904] Low CVE-2022-3057: Inappropriate implementation in iframe Sandbox. Reported by Gareth Heyes on 2022-06-16
• [1337676] Low CVE-2022-3058: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-06-20

< 105.0.5195.52

Chrome Releases reports:

This release contains 1 security fix:

• [1358134] High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30

Google is aware that an exploit of CVE-2022-3075 exists in the wild.

< 105.0.5195.102

Chrome Releases reports:

This release contains 37 security fixes, including:

• [1025683] High CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu, Jianyu Chen at Tencent Keen Security Lab on 2019-11-18
• [1188889] High CVE-2021-21202: Use after free in extensions. Reported by David Erceg on 2021-03-16
• [1192054] High CVE-2021-21203: Use after free in Blink. Reported by asnine on 2021-03-24
• [1189926] High CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek, Jeanette Ulloa, and Emily Voigtlander of Seesaw on 2021-03-19
• [1165654] High CVE-2021-21205: Insufficient policy enforcement in navigation. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2021-01-12
• [1195333] High CVE-2021-21221: Insufficient validation of untrusted input in Mojo. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2021-04-02
• [1185732] Medium CVE-2021-21207: Use after free in IndexedDB. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-03-08
• [1039539] Medium CVE-2021-21208: Insufficient data validation in QR scanner. Reported by Ahmed Elsobky (@0xsobky) on 2020-01-07
• [1143526] Medium CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom Van Goethem (@tomvangoethem) on 2020-10-29
• [1184562] Medium CVE-2021-21210: Inappropriate implementation in Network. Reported by @bananabr on 2021-03-04
• [1103119] Medium CVE-2021-21211: Inappropriate implementation in Navigation. Reported by Akash Labade (m0ns7er) on 2020-07-08
• [1145024] Medium CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2020-11-03
• [1161806] Medium CVE-2021-21213: Use after free in WebMIDI. Reported by raven (@raid_akame) on 2020-12-25
• [1170148] Medium CVE-2021-21214: Use after free in Network API. Reported by Anonymous on 2021-01-24
• [1172533] Medium CVE-2021-21215: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-01-30
• [1173297] Medium CVE-2021-21216: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-02
• [1166462] Low CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-14
• [1166478] Low CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-14
• [1166972] Low CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-15

< 90.0.4430.72

Chrome Releases reports:

This release includes 5 security fixes:

• [1125337] High CVE-2020-16000: Inappropriate implementation in Blink. Reported by amaebi_jp on 2020-09-06
• [1135018] High CVE-2020-16001: Use after free in media. Reported by Khalil Zhani on 2020-10-05
• [1137630] High CVE-2020-16002: Use after free in PDFium. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2020-10-13
• [1139963] High CVE-2020-15999: Heap buffer overflow in Freetype. Reported by Sergei Glazunov of Google Project Zero on 2020-10-19
• [1134960] Medium CVE-2020-16003: Use after free in printing. Reported by Khalil Zhani on 2020-10-04

< 86.0.4240.111

Google Chrome releases reports:

5 security fixes in this release, including:

• [725032] High CVE-2017-5087: Sandbox Escape in IndexedDB. Reported by Ned Williamson on 2017-05-22
• [729991] High CVE-2017-5088: Out of bounds read in V8. Reported by Xiling Gong of Tencent Security Platform Department on 2017-06-06
• [714196] Medium CVE-2017-5089: Domain spoofing in Omnibox. Reported by Michal Bentkowski on 2017-04-21
• [732498] Various fixes from internal audits, fuzzing and other initiatives

< 59.0.3071.104

Google Chrome Releases reports:

[560011] High CVE-2016-1630: Same-origin bypass in Blink.

[569496] High CVE-2016-1631: Same-origin bypass in Pepper Plugin.

[549986] High CVE-2016-1632: Bad cast in Extensions.

[572537] High CVE-2016-1633: Use-after-free in Blink.

[559292] High CVE-2016-1634: Use-after-free in Blink.

[585268] High CVE-2016-1635: Use-after-free in Blink.

[584155] High CVE-2016-1636: SRI Validation Bypass.

[555544] Medium CVE-2016-1637: Information Leak in Skia.

[585282] Medium CVE-2016-1638: WebAPI Bypass.

[572224] Medium CVE-2016-1639: Use-after-free in WebRTC.

[550047] Medium CVE-2016-1640: Origin confusion in Extensions UI.

[583718] Medium CVE-2016-1641: Use-after-free in Favicon.

[591402] CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives.

Multiple vulnerabilities in V8 fixed.

< 49.0.2623.75

Google Chrome Releases reports:

2 security fixes in this release, including:

• [777728] Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24
• [776677] High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-20

< 62.0.3202.89

Google Chrome Releases reports:

14 security fixes in this release, including:

• [330420] High CVE-2013-6649: Use-after-free in SVG images. Credit to Atte Kettunen of OUSPG.
• [331444] High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16. Credit to Christian Holler.

< 32.0.1700.102

Chrome Releases reports:

This release contains 5 security fixes, including:

• [1263457] Critical CVE-2021-4098: Insufficient data validation in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-10-26
• [1270658] High CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin of Solita on 2021-11-16
• [1272068] High CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin of Solita on 2021-11-19
• [1262080] High CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by Abraruddin Khan and Omair on 2021-10-21
• [1278387] High CVE-2021-4102: Use after free in V8. Reported by Anonymous on 2021-12-09

< 96.0.4664.110

Google Chrome Releases reports:

50 security fixes in this release, including:

• [386988] Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox.
• [369860] High CVE-2014-3168: Use-after-free in SVG. Credit to cloudfuzzer.
• [387389] High CVE-2014-3169: Use-after-free in DOM. Credit to Andrzej Dyjak.
• [390624] High CVE-2014-3170: Extension permission dialog spoofing. Credit to Rob Wu.
• [390928] High CVE-2014-3171: Use-after-free in bindings. Credit to cloudfuzzer.
• [367567] Medium CVE-2014-3172: Issue related to extension debugging. Credit to Eli Grey.
• [376951] Medium CVE-2014-3173: Uninitialized memory read in WebGL. Credit to jmuizelaar.
• [389219] Medium CVE-2014-3174: Uninitialized memory read in Web Audio. Credit to Atte Kettunen from OUSPG.
• [406143] CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).

< 37.0.2062.94

Chrome Releases reports:

This release includes one security fix:

• [1311641] High CVE-2022-1232: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2022-03-30

< 100.0.4896.75

Google Chrome Releases reports:

[73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event. Credit to Daniel Cheng of the Chromium development community.

[92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to Collin Payne.

[93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit to David Grogan of the Chromium development community.

[103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside extensions. Credit to Devdatta Akhawe, UC Berkeley.

[104056] High CVE-2011-3957: Use-after-free in PDF garbage collection. Credit to Aki Helin of OUSPG.

[105459] High CVE-2011-3958: Bad casts with column spans. Credit to miaubiz.

[106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to Aki Helin of OUSPG.

[108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding. Credit to Aki Helin of OUSPG.

[108871] Critical CVE-2011-3961: Race condition after crash of utility process. Credit to Shawn Goertzen.

[108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit to Aki Helin of OUSPG.

[109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image handling. Credit to Atte Kettunen of OUSPG.

[109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to Code Audit Labs of VulnHunt.com.

[109664] Low CVE-2011-3965: Crash in signature check. Credit to Slawomir Blazek.

[109716] High CVE-2011-3966: Use-after-free in stylesheet error handling. Credit to Aki Helin of OUSPG.

[109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben Carrillo.

[109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to Arthur Gerkis.

[110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to Arthur Gerkis.

[110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to Aki Helin of OUSPG.

[110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit to Arthur Gerkis.

[110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator. Credit to Google Chrome Security Team (Inferno).

< 17.0.963.46

Google Chrome Releases reports:

[118633] Low CVE-2012-2815: Leak of iframe fragment id. Credit to Elie Bursztein of Google.

[120222] High CVE-2012-2817: Use-after-free in table section handling. Credit to miaubiz.

[120944] High CVE-2012-2818: Use-after-free in counter layout. Credit to miaubiz.

[120977] High CVE-2012-2819: Crash in texture handling. Credit to Ken "gets" Russell of the Chromium development community.

[121926] Medium CVE-2012-2820: Out-of-bounds read in SVG filter handling. Credit to Atte Kettunen of OUSPG.

[122925] Medium CVE-2012-2821: Autofill display problem. Credit to "simonbrown60".

[various] Medium CVE-2012-2822: Misc. lower severity OOB read issues in PDF. Credit to awesome ASAN and various Googlers (Kostya Serebryany, Evgeniy Stepanov, Mateusz Jurczyk, Gynvael Coldwind).

[124356] High CVE-2012-2823: Use-after-free in SVG resource handling. Credit to miaubiz.

[125374] High CVE-2012-2824: Use-after-free in SVG painting. Credit to miaubiz.

[128688] Medium CVE-2012-2826: Out-of-bounds read in texture conversion. Credit to Google Chrome Security Team (Inferno).

[Mac only] [129826] Low CVE-2012-2827: Use-after-free in Mac UI. Credit to the Chromium development community (Dharani Govindan).

[129857] High CVE-2012-2828: Integer overflows in PDF. Credit to Mateusz Jurczyk of Google Security Team and Google Chrome Security Team (Chris Evans).

[129947] High CVE-2012-2829: Use-after-free in first-letter handling. Credit to miaubiz.

[129951] High CVE-2012-2830: Wild pointer in array value setting. Credit to miaubiz.

[130356] High CVE-2012-2831: Use-after-free in SVG reference handling. Credit to miaubiz.

[131553] High CVE-2012-2832: Uninitialized pointer in PDF image codec. Credit to Mateusz Jurczyk of Google Security Team.

[132156] High CVE-2012-2833: Buffer overflow in PDF JS API. Credit to Mateusz Jurczyk of Google Security Team.

[132779] High CVE-2012-2834: Integer overflow in Matroska container. Credit to Juri Aedla.

< 20.0.1132.43