CVE-2018-17462: Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.

critical9.6CVSS 3.0

AVNACLPRNUIRSCCHIHAH

Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page.

Affected

6 ranges

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
google	chrome	< 70.0.3538.67	70.0.3538.67
google	chrome	>= unspecified < 70.0.3538.67	70.0.3538.67
redhat	linux_desktop	—	—
redhat	linux_server	—	—
redhat	linux_workstation	—	—

CVSS provenance

nvdv3.09.6CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

osv9.6CRITICAL