Описание
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | firefox | Not affected | ||
| Red Hat Enterprise Linux 6 | firefox | Fixed | RHSA-2019:0373 | 19.02.2019 |
| Red Hat Enterprise Linux 6 | thunderbird | Fixed | RHSA-2019:0680 | 28.03.2019 |
| Red Hat Enterprise Linux 6 Supplementary | chromium-browser | Fixed | RHSA-2018:3803 | 10.12.2018 |
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2019:0374 | 19.02.2019 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2019:0681 | 28.03.2019 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2019:1144 | 13.05.2019 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
An integer overflow in path handling lead to a use after free in Skia ...
An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Уязвимость графической библиотеки Skia веб-браузера Google Chrome, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
8.8 High
CVSS3