CVE-2017-5097 — Improper Input Validation in Google Chrome
Severity
8.8HIGHNVD
EPSS
0.6%
top 29.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 27
Latest updateMay 14
Description
Insufficient validation of untrusted input in Skia in Google Chrome prior to 60.0.3112.78 for Linux allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9