Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43876
HistoryOct 19, 2023 - 3:42 a.m.

Denial Of Service (DoS)

2023-10-1903:42:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
chromium
dos
vulnerability
blink history
heap corruption
html page

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

65.1%

chromium is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the use after free in Blink History of the library, allowing an attacker to cause a heap corruption via a maliciously crafted HTML page.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

65.1%