The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5223 advisory.

  - Use after free in Network Service. (CVE-2022-3038)

  - Use after free in WebSQL. (CVE-2022-3039, CVE-2022-3041)

  - Use after free in Layout. (CVE-2022-3040)

  - Use after free in PhoneHub. (CVE-2022-3042)

  - Heap buffer overflow in Screen Capture. (CVE-2022-3043)

  - Inappropriate implementation in Site Isolation. (CVE-2022-3044)

  - Insufficient validation of untrusted input in V8. (CVE-2022-3045)

  - Use after free in Browser Tag. (CVE-2022-3046)

  - Insufficient policy enforcement in Extensions API. (CVE-2022-3047)

  - Inappropriate implementation in Chrome OS lockscreen. (CVE-2022-3048)

  - Use after free in SplitScreen. (CVE-2022-3049)

  - Heap buffer overflow in WebUI. (CVE-2022-3050)

  - Heap buffer overflow in Exosphere. (CVE-2022-3051)

  - Heap buffer overflow in Window Manager. (CVE-2022-3052)

  - Inappropriate implementation in Pointer Lock. (CVE-2022-3053)

  - Insufficient policy enforcement in DevTools. (CVE-2022-3054)

  - Use after free in Passwords. (CVE-2022-3055)

  - Insufficient policy enforcement in Content Security Policy. (CVE-2022-3056)

  - Inappropriate implementation in iframe Sandbox. (CVE-2022-3057)

  - Use after free in Sign-In Flow. (CVE-2022-3058)

  - Use after free in Tab Strip. (CVE-2022-3071)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DSA-5223-1 : chromium - security update

high Nessus Plugin ID 164648

Version 1.6