CVE-2014-1745
Published 2014-05-21
CVE-2014-1745: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of…
Priority: P4 · 28 · high · 7.1 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
EPSS: 1.67% (73.9th percentile)
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp.
Affected
85 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_16.4_and_ipados | — | — |
| apple | macos_ventura | — | — |
| apple | safari | — | — |
| debian | webkit2gtk | < webkit2gtk 2.42.1-1~deb12u1 (bookworm) | webkit2gtk 2.42.1-1~deb12u1 (bookworm) |
| debian | wpewebkit | < webkit2gtk 2.42.1-1~deb12u1 (bookworm) | webkit2gtk 2.42.1-1~deb12u1 (bookworm) |
| — | chrome | <= 35.0.1916.113 | — |
| — | chrome | — | — |
CVSS provenance
nvd · v3.1 · 7.1 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 7.1 HIGH
vendor_debian · 7.1 HIGH
vendor_redhat · 7.1 HIGH
GHSA
GHSA-pr96-m2pj-3g36: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35
ghsa_unreviewed·2022-05-14
CVE-2014-1745 [HIGH] GHSA-pr96-m2pj-3g36: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35
OSV
CVE-2014-1745: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35
osv·2014-05-21·CVSS 7.1
CVE-2014-1745 [HIGH] CVE-2014-1745: Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35
Red Hat
webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
vendor_redhat·2024-02-05·CVSS 7.1
CVE-2014-1745 [HIGH] CWE-400 webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents
A use-after-free vulnerability was found in the SVG implementation within WebKitGTK. This flaw allows remote attackers to exploit the removal of an SVGFontFaceElement object, which occurs through specific vectors that trigger the deletion of the object during rendering.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet
Apple
CVE-2014-1745: Safari 16.4
vendor_apple·2023-03-27·CVSS 7.1
CVE-2014-1745 [HIGH] CVE-2014-1745: Safari 16.4
Apple Security Update: About the security content of Safari 16.4
Product: Safari
Version: 16.4
CVE: CVE-2014-1745
Component: WebKit
Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents
Description: The issue was addressed with improved checks.
Apple
CVE-2014-1745: macOS Ventura 13.3
vendor_apple·2023-03-27·CVSS 7.1
CVE-2014-1745 [HIGH] CVE-2014-1745: macOS Ventura 13.3
Apple Security Update: About the security content of macOS Ventura 13.3
Product: macOS Ventura
Version: 13.3
CVE: CVE-2014-1745
Component: WebKit
Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents
Description: The issue was addressed with improved checks.
Apple
CVE-2014-1745: iOS 16.4 and iPadOS 16.4
vendor_apple·2023-03-27·CVSS 7.1
CVE-2014-1745 [HIGH] CVE-2014-1745: iOS 16.4 and iPadOS 16.4
Apple Security Update: About the security content of iOS 16.4 and iPadOS 16.4
Product: iOS 16.4 and iPadOS
Version: 16.4
CVE: CVE-2014-1745
Component: WebKit
Impact: Processing a file may lead to a denial-of-service or potentially disclose memory contents
Description: The issue was addressed with improved checks.
Debian
CVE-2014-1745: webkit2gtk - Use-after-free vulnerability in the SVG implementation in Blink, as used in Goog...
vendor_debian·2014·CVSS 7.1
CVE-2014-1745 [HIGH] CVE-2014-1745: webkit2gtk - Use-after-free vulnerability in the SVG implementation in Blink, as used in Goog...
Scope: local
bookworm: resolved (fixed in 2.42.1-1~deb12u1)
bullseye: resolved (fixed in 2.42.1-1~deb11u1)
forky: resolved (fixed in 2.42.0-1)
sid: resolved (fixed in 2.42.0-1)
trixie: resolved (fixed in 2.42.0-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html
http://secunia.com/advisories/58920
http://secunia.com/advisories/59155
http://security.gentoo.org/glsa/glsa-201408-16.xml
http://www.debian.org/security/2014/dsa-2939
http://www.openwall.com/lists/oss-security/2024/02/05/8
http://www.securitytracker.com/id/1030270
https://code.google.com/p/chromium/issues/detail?id=346192
https://src.chromium.org/viewvc/blink?revision=167993&view=revision
Published: 2014-05-21