Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:42523
HistoryAug 06, 2023 - 11:41 p.m.

Use After Free

2023-08-0623:41:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
chromium
vulnerability
ui
read/write
html page

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

53.6%

chromium is vulnerable to Use After Free. The vulnerability exists in the UI of the library, allowing an attacker to perform arbitrary read/write via a maliciously crafted HTML page

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

53.6%