Lucene search

K
redhatcveRedhat.comRH:CVE-2022-22628
HistoryApr 11, 2022 - 5:32 a.m.

CVE-2022-22628

2022-04-1105:32:19
redhat.com
access.redhat.com
57
webkitgtk
wpe webkit
use-after-free
remote attacker
arbitrary code execution
web content

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.7%

A use-after-free issue was found in WebKitGTK and WPE WebKit. This flaw allows a remote attacker to process maliciously crafted web content, leading to arbitrary code execution.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

70.7%