CVE-2013-6654Improper Input Validation in Google Chrome

CWE-20Improper Input Validation2 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedFeb 24
Latest updateMay 17

Description

The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which allows remote attackers to cause a denial of service (incorrect cast) or possibly have unspecified other impact via unknown vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome33.0.1750.116+96

🔴Vulnerability Details

1
GHSA
GHSA-qqrg-wpgp-r2qm: The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement2022-05-17