Good question. There is a list of recent CVE's here
https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html.
What does "Insufficient policy enforcement in Extensions API." mean?
On Sun, Mar 12, 2023 at 4:27 AM Guy Korland wrote:
> Why does it say in the title of the
Why does it say in the title of the CVE "*via a crafted HTML page**." **?*
On Sunday, 12 March 2023 at 12:56:30 UTC+2 Ben Noordhuis wrote:
> On Sun, Mar 12, 2023 at 9:44 AM Meir Shpilraien wrote:
> >
> > Hello v8-dev,
> >
> > I saw some CVE descriptions which look like this:
> >
> > Type
On Sun, Mar 12, 2023 at 9:44 AM Meir Shpilraien wrote:
>
> Hello v8-dev,
>
> I saw some CVE descriptions which look like this:
>
> Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote
> attacker to potentially exploit heap corruption via a crafted HTML page.
> (Chromium
Hello v8-dev,
I saw some CVE descriptions which look like this:
*Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a
remote attacker to potentially exploit heap corruption via a crafted HTML
page. (Chromium security severity: High)*
I tried to find more specific information