CVE-2018-18338

Опубликовано: 04 дек. 2018

Источник: redhat

CVSS3: 8.8

EPSS Низкий

Описание

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=1656552chromium-browser: Heap buffer overflow in Canvas

EPSS

Процентиль: 81%

0.01563

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2018-18338

CVSS3: 8.8

ubuntu

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2018-18338

CVSS3: 8.8

nvd

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2018-18338

CVSS3: 8.8

debian

около 7 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome pri ...

GHSA-gjrj-22h7-68pw

CVSS3: 8.8

github

больше 3 лет назад

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

BDU:2019-00006

CVSS3: 8.8

fstec

больше 7 лет назад

Уязвимость компонента Canvas веб-браузера Google Chrome, позволяющая нарушителю вызвать переполнение буфера

EPSS

Процентиль: 81%

0.01563

Низкий

8.8 High

CVSS3