Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-88282
HistorySep 29, 2022 - 12:00 a.m.

Google Chrome CSS memory misquoting vulnerability

2022-09-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Google Chrome is a web browser from Google, Inc. A memory misreference vulnerability exists in versions of Google Chrome prior to 106.0.5249.62, which stems from a confusion in the CSS directive responsible for freeing memory. An attacker could exploit the vulnerability to cause a crash, arbitrary code execution, etc.

CPENameOperatorVersion
google chrome <106.eq0.5249.62

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H