Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2cw7-hww6-h37w

Опубликовано: 13 авг. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 8.8

Описание

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Ссылки

EPSS

Процентиль: 30%
0.00109
Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-8882

Дефекты

CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2025-8882

CVSS3: 8.8
ubuntu
10 дней назад

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

nvd логотип

CVE-2025-8882

CVSS3: 8.8
nvd
12 дней назад

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

msrc логотип

CVE-2025-8882

msrc
9 дней назад

Chromium: CVE-2025-8882 Use after free in Aura

debian логотип

CVE-2025-8882

CVSS3: 8.8
debian
12 дней назад

Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowe ...

fstec логотип

BDU:2025-10157

CVSS3: 8.8
fstec
13 дней назад

Уязвимость функции free компонента Aura браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 30%
0.00109
Низкий

8.8 High

CVSS3

CVE ID

CVE-2025-8882

Дефекты

CWE-416