CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
A vulnerability in the Picture in Picture component of Google Chrome browser is related to the distortion of important information in the user interface.
in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely,
Spoof the contents of a URL string using a specially crafted HTML page
A vulnerability in the Permission Prompt Handler component of Google Chrome browser is related to improper validation of input data.
of input data. Exploitation of the vulnerability could allow an attacker acting remotely to install a
malicious application, potentially performing a sandbox escape using a malicious file
A vulnerability in the Skia component of the Google Chrome browser is related to an incorrect implementation of the algorithm
authentication algorithm. Exploitation of the vulnerability could allow an attacker acting remotely to perform a
Exit the sandbox using a specially crafted HTML page
A vulnerability in the WebRTC component of the Google Chrome browser is related to memory usage after release.
Exploitation of the vulnerability could allow an attacker acting remotely to exploit heap corruption
using a specially crafted HTML page