Lucene search

K
cvelistChromeCVELIST:CVE-2018-18356
HistoryDec 11, 2018 - 3:00 p.m.

CVE-2018-18356

2018-12-1115:00:00
Chrome
www.cve.org
2

9.2 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "71.0.3578.80",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]