RedosROS-20240724-01ROS-20240724-01
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.9%
A vulnerability in the DevTools component of the Google Chrome browser is related to insufficient input validation.
Exploitation of the vulnerability could allow an attacker acting remotely, allowing an intruder to
execute arbitrary code through a specially crafted HTML page
A vulnerability in the Accessibility component of the Google Chrome browser is related to the execution of certain gestures of the
of the user interface. Exploitation of the vulnerability could allow an attacker, acting remotely,
execute heap corruption using certain UI gestures
A vulnerability in the V8 JavaScript script handler of the Google Chrome browser is related to insufficient validation of input data.
of input data. Exploitation of the vulnerability could allow an attacker acting remotely to exploit the
corrupting an object using a specially crafted HTML page
V8 JavaScript script handler V8 vulnerability in Google Chrome browser is related to memory usage
after release. Exploitation of the vulnerability could allow an attacker acting remotely,
exploit heap corruption using a specially crafted HTML page
A vulnerability in the DevTools component of the Google Chrome browser is related to memory usage after a
release. Exploitation of the vulnerability could allow an attacker acting remotely to exploit the
heap corruption using a specially crafted HTML page
A vulnerability in the Extensions component of the Google Chrome browser is related to insufficient input validation
data. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges by
using a specially crafted Chrome extension
A vulnerability in the Updater component of the Google Chrome browser is related to insufficient input validation.
data. Exploitation of the vulnerability could allow a remote attacker to perform a privilege escalation at the OS level using a malicious Chrome extension.
privilege escalation at the OS level using a malicious file
A vulnerability in the SwiftShader component of the Google Chrome browser is related to out-of-bounds writing.
Exploitation of the vulnerability could allow an attacker acting remotely to write outside of the
of the allocated memory using a specially crafted HTML page
A vulnerability in the WebRTC component of the Google Chrome browser is related to post-release memory usage.
Exploitation of the vulnerability could allow an attacker, acting remotely, to perform exploitable
heap corruption using certain user interface gestures
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
26.9%