CVE-2022-3314 — Use After Free in Google Chrome
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 57.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 1
Latest updateNov 2
Description
Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6