Lucene search

K
freebsdFreeBSD323F900D-AC6D-11EC-A0B8-3065EC8FD3EC
HistoryMar 25, 2022 - 12:00 a.m.

chromium -- V8 type confusion

2022-03-2500:00:00
vuxml.freebsd.org
109
chromium
v8
type confusion
security fix
cve-2022-1096
exploit
unix

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.014

Percentile

86.5%

Chrome Releases reports:

This release contains 1 security fix:

[1309225] High CVE-2022-1096: Type Confusion in V8. Reported by
anonymous on 2022-03-23

Google is aware that an exploit for CVE-2022-1096 exists in the wild.

Affected configurations

Vulners
Node
chromiumchromiumRange<99.0.4844.84
VendorProductVersionCPE
chromiumchromium*cpe:2.3:a:chromium:chromium:*:*:*:*:*:*:*:*

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.014

Percentile

86.5%