Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS12djZqLXd3NngtNTRneM0uJA
Use after free in Animation
CVE-2022-0609: Use after free in Animation
- https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0609
Google is aware of reports that exploits for CVE-2022-0609 exist in the wild.
The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available.
There is currently little other public information on the issue other than it has been flagged as High severity.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS12djZqLXd3NngtNTRneM0uJA
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 3 years ago
Updated: almost 2 years ago
CVSS Score: 8.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Percentage: 0.02672
EPSS Percentile: 0.90125
Identifiers: GHSA-vv6j-ww6x-54gx, CVE-2022-0609
References:
- https://github.com/cefsharp/CefSharp/security/advisories/GHSA-vv6j-ww6x-54gx
- https://nvd.nist.gov/vuln/detail/CVE-2022-0609
- https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html
- https://crbug.com/1296150
- https://github.com/advisories/GHSA-vv6j-ww6x-54gx
Blast Radius: 1.0
Affected Packages
nuget:CefSharp.Wpf.NETCore
Dependent packages: 9Dependent repositories: 0
Downloads: 589,938 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.WinForms.NETCore
Dependent packages: 12Dependent repositories: 0
Downloads: 279,100 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.OffScreen.NETCore
Dependent packages: 1Dependent repositories: 0
Downloads: 398,409 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.Common.NETCore
Dependent packages: 18Dependent repositories: 0
Downloads: 1,236,485 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.Wpf.HwndHost
Dependent packages: 0Dependent repositories: 0
Downloads: 84,659 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 84.4.10, 85.3.121, 85.3.130, 86.0.241, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.260, 93.1.140, 94.4.50, 94.4.110, 95.7.141, 96.0.170, 96.0.180, 97.1.11, 97.1.61
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 101.0.150, 101.0.180, 102.0.90, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.150, 116.0.230, 117.2.20, 118.6.80, 119.1.20, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.50
nuget:CefSharp.Wpf
Dependent packages: 17Dependent repositories: 0
Downloads: 3,853,332 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 1.25.3, 1.25.4, 1.25.5, 1.25.6, 1.25.7, 1.25.8, 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130, 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.WinForms
Dependent packages: 15Dependent repositories: 0
Downloads: 3,697,082 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 1.25.3, 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130, 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.OffScreen
Dependent packages: 7Dependent repositories: 0
Downloads: 1,213,192 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 37.0.0, 37.0.1, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130, 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50
nuget:CefSharp.Common
Dependent packages: 27Dependent repositories: 0
Downloads: 8,119,433 total
Affected Version Ranges: <= 98.1.190
Fixed in: 98.1.210
All affected versions: 33.0.0, 33.0.2, 37.0.0, 37.0.1, 37.0.2, 37.0.3, 39.0.0, 39.0.1, 39.0.2, 41.0.0, 41.0.1, 43.0.0, 43.0.1, 45.0.0, 47.0.0, 47.0.1, 47.0.2, 47.0.3, 47.0.4, 49.0.0, 49.0.1, 51.0.0, 53.0.0, 53.0.1, 55.0.0, 57.0.0, 63.0.0, 63.0.1, 63.0.2, 63.0.3, 65.0.0, 65.0.1, 67.0.0, 69.0.0, 71.0.0, 71.0.1, 71.0.2, 73.1.130, 75.1.141, 75.1.142, 75.1.143, 79.1.350, 79.1.360, 81.3.100, 83.4.20, 84.4.10, 85.3.121, 85.3.130, 86.0.241, 87.1.132, 88.2.90, 89.0.170, 90.6.50, 90.6.70, 91.1.160, 91.1.210, 91.1.211, 91.1.230, 92.0.251, 92.0.260, 93.1.111, 93.1.140, 94.4.20, 94.4.50, 94.4.110, 95.7.141, 96.0.141, 96.0.142, 96.0.170, 96.0.180, 97.1.11, 97.1.12, 97.1.60, 97.1.61, 98.1.190
All unaffected versions: 98.1.210, 99.2.90, 99.2.120, 99.2.140, 100.0.140, 100.0.230, 101.0.150, 101.0.180, 102.0.90, 102.0.100, 103.0.80, 103.0.90, 103.0.120, 104.4.180, 104.4.240, 105.3.330, 105.3.390, 106.0.260, 106.0.290, 107.1.40, 107.1.50, 107.1.90, 107.1.120, 108.4.130, 109.1.110, 110.0.250, 110.0.280, 110.0.300, 111.2.20, 111.2.70, 112.2.70, 112.3.0, 113.1.40, 113.3.50, 114.2.100, 114.2.120, 115.3.110, 115.3.130, 116.0.130, 116.0.150, 116.0.190, 116.0.230, 117.2.20, 117.2.40, 118.6.80, 119.1.20, 119.4.30, 120.1.80, 120.1.110, 120.2.50, 120.2.70, 121.3.70, 121.3.130, 122.1.120, 123.0.60, 124.3.20, 124.3.50, 124.3.80, 125.0.210, 126.2.70, 126.2.180, 127.3.50, 128.4.90, 129.0.110, 130.1.90, 131.2.70, 131.3.10, 131.3.50