CVE-2018-18338

Опубликовано: 11 дек. 2018

Источник: debian

EPSS Низкий

Описание

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	71.0.3578.80-1		package

EPSS

Процентиль: 81%

0.01563

Низкий

Связанные уязвимости

CVE-2018-18338

CVSS3: 8.8

ubuntu

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2018-18338

CVSS3: 8.8

redhat

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2018-18338

CVSS3: 8.8

nvd

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

GHSA-gjrj-22h7-68pw

CVSS3: 8.8

github

больше 3 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

BDU:2019-00006

CVSS3: 8.8

fstec

больше 7 лет назад

Уязвимость компонента Canvas веб-браузера Google Chrome, позволяющая нарушителю вызвать переполнение буфера

EPSS

Процентиль: 81%

0.01563

Низкий