Security update for opera SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2023:0115-1 Final 1 1 2023-05-27T12:01:50Z current 2023-05-27T12:01:50Z 2023-05-27T12:01:50Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for opera This update for opera fixes the following issues: - Update to 99.0.4788.13 * CHR-9290 Update Chromium on desktop-stable-113-4788 to 113.0.5672.127 * DNA-107317 __delayLoadHelper2 crash in crashreporter - The update to chromium 113.0.5672.127 fixes following issues: CVE-2023-2721, CVE-2023-2722, CVE-2023-2723, CVE-2023-2724, CVE-2023-2725, CVE-2023-2726 - Update to 99.0.4788.9 * CHR-9283 Update Chromium on desktop-stable-113-4788 to 113.0.5672.93 * DNA-107638 Translations for O99 * DNA-107678 Crash Report [@ BrowserContextKeyedServiceFactory:: BrowserContextKeyedServiceFactory(char const*, BrowserContextDependencyManager*) ] * DNA-107795 Fix wrong german translation of 'Close All Duplicate Tabs' * DNA-107800 Fonts on section#folder and AddSitePanel not readable when animated wallpaper chosen * DNA-107840 Promote O99 to stable - Update to 98.0.4759.39 * DNA-102363 ChromeFileSystemAccessPermissionContextTest. ConfirmSensitiveEntryAccess_DangerousFile fails * DNA-105534 [Add to Opera] Incorrect scroll on modal when browser window size is too small * DNA-106649 Opening new tab when pinned tab is active gives 2 active tabs * DNA-107226 Speed Dial freezes and empty space remains after Continue booking tile dragging * DNA-107435 Building archive_source_release target fails * DNA-107441 [Start page] Right mouse click on tile in continue on section opens target site in current tab * DNA-107508 Crash at permissions::PermissionRecoverySuccessRate Tracker::TrackUsage(ContentSettingsType) * DNA-107528 Handle real-time SD impression reporting * DNA-107546 Context menus broken with one workspace * DNA-107548 Paste from Context Menu doesn’t work for Search on StartPage * DNA-107560 Optimize real-time SD impression reporting The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2023-115 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ E-Mail link for openSUSE-SU-2023:0115-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-3196/ SUSE CVE CVE-2022-3196 page https://www.suse.com/security/cve/CVE-2022-3197/ SUSE CVE CVE-2022-3197 page https://www.suse.com/security/cve/CVE-2022-3198/ SUSE CVE CVE-2022-3198 page https://www.suse.com/security/cve/CVE-2022-3199/ SUSE CVE CVE-2022-3199 page https://www.suse.com/security/cve/CVE-2022-3200/ SUSE CVE CVE-2022-3200 page https://www.suse.com/security/cve/CVE-2022-3201/ SUSE CVE CVE-2022-3201 page https://www.suse.com/security/cve/CVE-2022-3445/ SUSE CVE CVE-2022-3445 page https://www.suse.com/security/cve/CVE-2022-3446/ SUSE CVE CVE-2022-3446 page https://www.suse.com/security/cve/CVE-2022-3447/ SUSE CVE CVE-2022-3447 page https://www.suse.com/security/cve/CVE-2022-3448/ SUSE CVE CVE-2022-3448 page https://www.suse.com/security/cve/CVE-2022-3449/ SUSE CVE CVE-2022-3449 page https://www.suse.com/security/cve/CVE-2022-3450/ SUSE CVE CVE-2022-3450 page https://www.suse.com/security/cve/CVE-2022-3723/ SUSE CVE CVE-2022-3723 page https://www.suse.com/security/cve/CVE-2022-3885/ SUSE CVE CVE-2022-3885 page https://www.suse.com/security/cve/CVE-2022-3886/ SUSE CVE CVE-2022-3886 page https://www.suse.com/security/cve/CVE-2022-3887/ SUSE CVE CVE-2022-3887 page https://www.suse.com/security/cve/CVE-2022-3888/ SUSE CVE CVE-2022-3888 page https://www.suse.com/security/cve/CVE-2022-3889/ SUSE CVE CVE-2022-3889 page https://www.suse.com/security/cve/CVE-2022-4262/ SUSE CVE CVE-2022-4262 page https://www.suse.com/security/cve/CVE-2022-4436/ SUSE CVE CVE-2022-4436 page https://www.suse.com/security/cve/CVE-2022-4437/ SUSE CVE CVE-2022-4437 page https://www.suse.com/security/cve/CVE-2022-4438/ SUSE CVE CVE-2022-4438 page https://www.suse.com/security/cve/CVE-2022-4439/ SUSE CVE CVE-2022-4439 page https://www.suse.com/security/cve/CVE-2022-4440/ SUSE CVE CVE-2022-4440 page https://www.suse.com/security/cve/CVE-2023-0471/ SUSE CVE CVE-2023-0471 page https://www.suse.com/security/cve/CVE-2023-0472/ SUSE CVE CVE-2023-0472 page https://www.suse.com/security/cve/CVE-2023-0473/ SUSE CVE CVE-2023-0473 page https://www.suse.com/security/cve/CVE-2023-0474/ SUSE CVE CVE-2023-0474 page https://www.suse.com/security/cve/CVE-2023-0696/ SUSE CVE CVE-2023-0696 page https://www.suse.com/security/cve/CVE-2023-0697/ SUSE CVE CVE-2023-0697 page https://www.suse.com/security/cve/CVE-2023-0698/ SUSE CVE CVE-2023-0698 page https://www.suse.com/security/cve/CVE-2023-0699/ SUSE CVE CVE-2023-0699 page https://www.suse.com/security/cve/CVE-2023-0700/ SUSE CVE CVE-2023-0700 page https://www.suse.com/security/cve/CVE-2023-0701/ SUSE CVE CVE-2023-0701 page https://www.suse.com/security/cve/CVE-2023-0702/ SUSE CVE CVE-2023-0702 page https://www.suse.com/security/cve/CVE-2023-0703/ SUSE CVE CVE-2023-0703 page https://www.suse.com/security/cve/CVE-2023-0704/ SUSE CVE CVE-2023-0704 page https://www.suse.com/security/cve/CVE-2023-0705/ SUSE CVE CVE-2023-0705 page https://www.suse.com/security/cve/CVE-2023-0927/ SUSE CVE CVE-2023-0927 page https://www.suse.com/security/cve/CVE-2023-0928/ SUSE CVE CVE-2023-0928 page https://www.suse.com/security/cve/CVE-2023-0929/ SUSE CVE CVE-2023-0929 page https://www.suse.com/security/cve/CVE-2023-0930/ SUSE CVE CVE-2023-0930 page https://www.suse.com/security/cve/CVE-2023-0931/ SUSE CVE CVE-2023-0931 page https://www.suse.com/security/cve/CVE-2023-0932/ SUSE CVE CVE-2023-0932 page https://www.suse.com/security/cve/CVE-2023-0933/ SUSE CVE CVE-2023-0933 page https://www.suse.com/security/cve/CVE-2023-0941/ SUSE CVE CVE-2023-0941 page https://www.suse.com/security/cve/CVE-2023-1213/ SUSE CVE CVE-2023-1213 page https://www.suse.com/security/cve/CVE-2023-1214/ SUSE CVE CVE-2023-1214 page https://www.suse.com/security/cve/CVE-2023-1215/ SUSE CVE CVE-2023-1215 page https://www.suse.com/security/cve/CVE-2023-1216/ SUSE CVE CVE-2023-1216 page https://www.suse.com/security/cve/CVE-2023-1217/ SUSE CVE CVE-2023-1217 page https://www.suse.com/security/cve/CVE-2023-1218/ SUSE CVE CVE-2023-1218 page https://www.suse.com/security/cve/CVE-2023-1219/ SUSE CVE CVE-2023-1219 page https://www.suse.com/security/cve/CVE-2023-1220/ SUSE CVE CVE-2023-1220 page https://www.suse.com/security/cve/CVE-2023-1221/ SUSE CVE CVE-2023-1221 page https://www.suse.com/security/cve/CVE-2023-1222/ SUSE CVE CVE-2023-1222 page https://www.suse.com/security/cve/CVE-2023-1223/ SUSE CVE CVE-2023-1223 page https://www.suse.com/security/cve/CVE-2023-1224/ SUSE CVE CVE-2023-1224 page https://www.suse.com/security/cve/CVE-2023-1225/ SUSE CVE CVE-2023-1225 page https://www.suse.com/security/cve/CVE-2023-1226/ SUSE CVE CVE-2023-1226 page https://www.suse.com/security/cve/CVE-2023-1227/ SUSE CVE CVE-2023-1227 page https://www.suse.com/security/cve/CVE-2023-1228/ SUSE CVE CVE-2023-1228 page https://www.suse.com/security/cve/CVE-2023-1229/ SUSE CVE CVE-2023-1229 page https://www.suse.com/security/cve/CVE-2023-1230/ SUSE CVE CVE-2023-1230 page https://www.suse.com/security/cve/CVE-2023-1231/ SUSE CVE CVE-2023-1231 page https://www.suse.com/security/cve/CVE-2023-1232/ SUSE CVE CVE-2023-1232 page https://www.suse.com/security/cve/CVE-2023-1233/ SUSE CVE CVE-2023-1233 page https://www.suse.com/security/cve/CVE-2023-1234/ SUSE CVE CVE-2023-1234 page https://www.suse.com/security/cve/CVE-2023-1235/ SUSE CVE CVE-2023-1235 page https://www.suse.com/security/cve/CVE-2023-1236/ SUSE CVE CVE-2023-1236 page https://www.suse.com/security/cve/CVE-2023-1528/ SUSE CVE CVE-2023-1528 page https://www.suse.com/security/cve/CVE-2023-1529/ SUSE CVE CVE-2023-1529 page https://www.suse.com/security/cve/CVE-2023-1530/ SUSE CVE CVE-2023-1530 page https://www.suse.com/security/cve/CVE-2023-1531/ SUSE CVE CVE-2023-1531 page https://www.suse.com/security/cve/CVE-2023-1532/ SUSE CVE CVE-2023-1532 page https://www.suse.com/security/cve/CVE-2023-1533/ SUSE CVE CVE-2023-1533 page https://www.suse.com/security/cve/CVE-2023-1534/ SUSE CVE CVE-2023-1534 page https://www.suse.com/security/cve/CVE-2023-2033/ SUSE CVE CVE-2023-2033 page https://www.suse.com/security/cve/CVE-2023-2133/ SUSE CVE CVE-2023-2133 page https://www.suse.com/security/cve/CVE-2023-2134/ SUSE CVE CVE-2023-2134 page https://www.suse.com/security/cve/CVE-2023-2135/ SUSE CVE CVE-2023-2135 page https://www.suse.com/security/cve/CVE-2023-2136/ SUSE CVE CVE-2023-2136 page https://www.suse.com/security/cve/CVE-2023-2137/ SUSE CVE CVE-2023-2137 page https://www.suse.com/security/cve/CVE-2023-2721/ SUSE CVE CVE-2023-2721 page https://www.suse.com/security/cve/CVE-2023-2722/ SUSE CVE CVE-2023-2722 page https://www.suse.com/security/cve/CVE-2023-2723/ SUSE CVE CVE-2023-2723 page https://www.suse.com/security/cve/CVE-2023-2724/ SUSE CVE CVE-2023-2724 page https://www.suse.com/security/cve/CVE-2023-2725/ SUSE CVE CVE-2023-2725 page https://www.suse.com/security/cve/CVE-2023-2726/ SUSE CVE CVE-2023-2726 page openSUSE Leap 15.5 NonFree opera-99.0.4788.13-lp155.3.6.1 opera-99.0.4788.13-lp155.3.6.1 as a component of openSUSE Leap 15.5 NonFree Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3196 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3196.html CVE-2022-3196 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3197 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3197.html CVE-2022-3197 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) CVE-2022-3198 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3198.html CVE-2022-3198 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3199 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3199.html CVE-2022-3199 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3200 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3200.html CVE-2022-3200 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) CVE-2022-3201 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3201.html CVE-2022-3201 https://bugzilla.suse.com/1203419 SUSE Bug 1203419 https://bugzilla.suse.com/1203808 SUSE Bug 1203808 Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3445 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3445.html CVE-2022-3445 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3446 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3446.html CVE-2022-3446 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) CVE-2022-3447 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3447.html CVE-2022-3447 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3448 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3448.html CVE-2022-3448 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) CVE-2022-3449 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3449.html CVE-2022-3449 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3450 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3450.html CVE-2022-3450 https://bugzilla.suse.com/1204223 SUSE Bug 1204223 Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3723 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3723.html CVE-2022-3723 https://bugzilla.suse.com/1204819 SUSE Bug 1204819 Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3885 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3885.html CVE-2022-3885 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3886 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3886.html CVE-2022-3886 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3887 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3887.html CVE-2022-3887 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3888 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3888.html CVE-2022-3888 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-3889 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-3889.html CVE-2022-3889 https://bugzilla.suse.com/1205221 SUSE Bug 1205221 Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4262 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4262.html CVE-2022-4262 https://bugzilla.suse.com/1205999 SUSE Bug 1205999 Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4436 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4436.html CVE-2022-4436 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4437 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4437.html CVE-2022-4437 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2022-4438 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4438.html CVE-2022-4438 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High) CVE-2022-4439 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4439.html CVE-2022-4439 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in Profiles in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2022-4440 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2022-4440.html CVE-2022-4440 https://bugzilla.suse.com/1206403 SUSE Bug 1206403 Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0471 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0471.html CVE-2023-0471 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0472 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0472.html CVE-2023-0472 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0473 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0473.html CVE-2023-0473 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium) CVE-2023-0474 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0474.html CVE-2023-0474 https://bugzilla.suse.com/1207512 SUSE Bug 1207512 Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0696 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0696.html CVE-2023-0696 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: High) CVE-2023-0697 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0697.html CVE-2023-0697 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) CVE-2023-0698 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0698.html CVE-2023-0698 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severity: Medium) CVE-2023-0699 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0699.html CVE-2023-0699 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0700 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0700.html CVE-2023-0700 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium) CVE-2023-0701 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0701.html CVE-2023-0701 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-0702 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0702.html CVE-2023-0702 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Medium) CVE-2023-0703 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0703.html CVE-2023-0703 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0704 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0704.html CVE-2023-0704 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) CVE-2023-0705 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0705.html CVE-2023-0705 https://bugzilla.suse.com/1208029 SUSE Bug 1208029 Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0927 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0927.html CVE-2023-0927 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0928 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0928.html CVE-2023-0928 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0929 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0929.html CVE-2023-0929 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0930 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0930.html CVE-2023-0930 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0931 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0931.html CVE-2023-0931 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-0932 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0932.html CVE-2023-0932 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) CVE-2023-0933 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0933.html CVE-2023-0933 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVE-2023-0941 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-0941.html CVE-2023-0941 https://bugzilla.suse.com/1208589 SUSE Bug 1208589 Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1213 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1213.html CVE-2023-1213 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1214 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1214.html CVE-2023-1214 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in CSS in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1215 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1215.html CVE-2023-1215 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1216 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1216.html CVE-2023-1216 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) CVE-2023-1217 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1217.html CVE-2023-1217 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in WebRTC in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1218 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1218.html CVE-2023-1218 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1219 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1219.html CVE-2023-1219 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1220 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1220.html CVE-2023-1220 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) CVE-2023-1221 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1221.html CVE-2023-1221 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1222 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1222.html CVE-2023-1222 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1223 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1223.html CVE-2023-1223 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1224 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1224.html CVE-2023-1224 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1225 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1225.html CVE-2023-1225 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1226 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1226.html CVE-2023-1226 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) CVE-2023-1227 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1227.html CVE-2023-1227 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1228 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1228.html CVE-2023-1228 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1229 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1229.html CVE-2023-1229 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1230 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1230.html CVE-2023-1230 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-1231 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1231.html CVE-2023-1231 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1232 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1232.html CVE-2023-1232 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from API via a crafted Chrome Extension. (Chromium security severity: Low) CVE-2023-1233 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1233.html CVE-2023-1233 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1234 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1234.html CVE-2023-1234 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) CVE-2023-1235 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1235.html CVE-2023-1235 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low) CVE-2023-1236 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1236.html CVE-2023-1236 https://bugzilla.suse.com/1209040 SUSE Bug 1209040 Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1528 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1528.html CVE-2023-1528 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High) CVE-2023-1529 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1529.html CVE-2023-1529 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1530 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1530.html CVE-2023-1530 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1531 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1531.html CVE-2023-1531 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1532 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1532.html CVE-2023-1532 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1533 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1533.html CVE-2023-1533 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-1534 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-1534.html CVE-2023-1534 https://bugzilla.suse.com/1209598 SUSE Bug 1209598 Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2033 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2033.html CVE-2023-2033 https://bugzilla.suse.com/1210478 SUSE Bug 1210478 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2133 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2133.html CVE-2023-2133 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2134 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2134.html CVE-2023-2134 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2135 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2135.html CVE-2023-2135 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVE-2023-2136 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2136.html CVE-2023-2136 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2137 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2137.html CVE-2023-2137 https://bugzilla.suse.com/1210618 SUSE Bug 1210618 https://bugzilla.suse.com/1210660 SUSE Bug 1210660 Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CVE-2023-2721 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2721.html CVE-2023-2721 https://bugzilla.suse.com/1211442 SUSE Bug 1211442 Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2722 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2722.html CVE-2023-2722 https://bugzilla.suse.com/1211442 SUSE Bug 1211442 Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2723 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2723.html CVE-2023-2723 https://bugzilla.suse.com/1211442 SUSE Bug 1211442 Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2724 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2724.html CVE-2023-2724 https://bugzilla.suse.com/1211442 SUSE Bug 1211442 Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2023-2725 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2725.html CVE-2023-2725 https://bugzilla.suse.com/1211442 SUSE Bug 1211442 Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium) CVE-2023-2726 openSUSE Leap 15.5 NonFree:opera-99.0.4788.13-lp155.3.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NVMVZHYNGC7MNXWYYPCKCBLKKYAGFJPY/ https://www.suse.com/security/cve/CVE-2023-2726.html CVE-2023-2726 https://bugzilla.suse.com/1211442 SUSE Bug 1211442