Описание
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 91.0.4472.77-0ubuntu0.18.04.1 |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| groovy | not-affected | code not present |
| hirsute | not-affected | code not present |
| impish | not-affected | code not present |
| jammy | not-affected | code not present |
| trusty | ignored | end of standard support |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.
Use after free in WebAuthentication in Google Chrome on Android prior ...
Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page.
Уязвимость реализации WebAuthentication браузера Google Chrome, связанная с использованием памяти после её освобождения, позволяющая нарушителю создать скомпрометировать процесс рендеринга пользователя
6.8 Medium
CVSS2
8.8 High
CVSS3