Lucene search

K
nvd[email protected]NVD:CVE-2022-3196
HistorySep 26, 2022 - 4:15 p.m.

CVE-2022-3196

2022-09-2616:15:13
CWE-416
web.nvd.nist.gov
1
chrome
use after free
pdf
heap corruption
remote attacker
crafted file
cve-2022-3196

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

69.3%

Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

Affected configurations

NVD
Node
googlechromeRange<105.0.5195.125
Node
fedoraprojectfedoraMatch37

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

69.3%