CVE-2022-4178 — Use After Free in Google Chrome
Severity
8.8HIGHNVD
EPSS
6.1%
top 9.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 30
Latest updateDec 14
Description
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages6 packages
🔴Vulnerability Details
2📋Vendor Advisories
4Debian▶
CVE-2022-4178: chromium - Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote ...↗2022