CVE-2018-6132Use of Uninitialized Resource in Google Chrome

CWE-908Use of Uninitialized Resource7 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 56.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedJun 27
Latest updateMay 24

Description

Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5google/chromeunspecified67.0.3396.62
NVDgoogle/chrome< 67.0.3396.62

🔴Vulnerability Details

2
GHSA
GHSA-fxgm-mp5w-fq4r: Uninitialized data in WebRTC in Google Chrome prior to 672022-05-24
OSV
CVE-2018-6132: Uninitialized data in WebRTC in Google Chrome prior to 672019-06-27

📋Vendor Advisories

1
Red Hat
chromium-browser: Use of uninitialized memory in WebRTC2018-05-29

💬Community

3
Bugzilla
CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6129 CVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134 CVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-05-30
Bugzilla
CVE-2018-6132 chromium-browser: Use of uninitialized memory in WebRTC2018-05-30
Bugzilla
CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6129 CVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134 CVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-05-30