Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected configurations

NVD

Node

googlechromeRange<98.0.4758.102

References

chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html

crbug.com/1296150

veracode 1

gitlab 9

alpinelinux 1

debiancve 1

thn 12

attackerkb 1

ubuntucve 1

hivepro 3

osv 2

cvelist 1

github 1

mscve 1

cnvd 1

cve 1

checkpoint_advisories 1

schneier 1

cisa_kev 1

prion 1

threatpost 4

malwarebytes 2

ics 1

trellix 2

avleonov 1

chrome 1

debian 1

nessus 7

kaspersky 2

openvas 5

freebsd 1

suse 3

cisa 1

qualysblog 2

securelist 2

gentoo 1

veracode

Use After Free

2022-02-20 05:48:53

gitlab

Use after free in Animation

2022-02-22 00:00:00

Use after free in Animation

2022-02-22 00:00:00

Use after free in Animation

2022-02-22 00:00:00

alpinelinux

CVE-2022-0609

2022-04-05 00:15:17

debiancve

CVE-2022-0609

2022-04-05 00:15:17

thn

New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP!

2022-02-15 05:06:00

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

2023-04-21 09:55:00

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms

2022-03-25 06:45:00

attackerkb

CVE-2022-0609

2022-04-05 00:00:00

ubuntucve

CVE-2022-0609

2022-04-05 00:00:00

hivepro

North Korean state-sponsored threat actor Lazarus Group exploiting Chrome Zero-day vulnerability

2022-03-25 14:16:43

First zero-day vulnerability of Google Chrome this year actively exploited in wild

2022-02-15 14:31:12

Weekly Threat Digest: 21 – 27 March 2022

2022-03-29 13:56:10

osv

Use after free in Animation

2022-02-22 21:51:19

chromium - security update

2022-02-17 00:00:00

cvelist

CVE-2022-0609

2022-04-04 23:55:32

github

Use after free in Animation

2022-02-22 21:51:19

mscve

Chromium: CVE-2022-0609 Use after free in Animation

2022-02-16 08:00:00

cnvd

Google Chrome Animation code execution vulnerability

2022-02-16 00:00:00

cve

CVE-2022-0609

2022-04-05 00:15:17

checkpoint_advisories

Google Chrome Use After Free (CVE-2022-0609)

2022-03-27 00:00:00

schneier

Chrome Zero-Day from North Korea

2022-03-31 11:13:50

cisa_kev

Google Chromium Animation Use-After-Free Vulnerability

2022-02-15 00:00:00

prion

Design/Logic Flaw

2022-04-05 00:15:00

threatpost

Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch

2022-03-25 13:19:59

Google Patches Chrome’s Fifth Zero-Day of the Year

2022-08-18 14:31:38

Google Patches Actively Exploited Chrome Bug

2022-07-05 11:54:21

malwarebytes

Security vulnerabilities: 5 times that organizations got hacked

2022-06-21 10:04:02

Update now! Chrome patches actively exploited zero-day vulnerability

2022-02-15 13:50:16

ics

Rockwell Automation Connected Components Workbench

2023-09-21 12:00:00

trellix

The Bug Report - February 2022 Edition

2022-03-02 00:00:00

The Bug Report - February 2022 Edition

2022-03-02 00:00:00

avleonov

Microsoft Patch Tuesday March 2022

2022-03-14 17:33:28

chrome

Stable Channel Update for Desktop

2022-02-14 00:00:00

debian

[SECURITY] [DSA 5079-1] chromium security update

2022-02-17 22:13:55

nessus

FreeBSD : chromium -- multiple vulnerabilities (e12432af-8e73-11ec-8bc4-3065ec8fd3ec)

2022-02-15 00:00:00

Microsoft Edge (Chromium) < 98.0.1108.55 Multiple Vulnerabilities

2022-02-16 00:00:00

Debian DSA-5079-1 : chromium - security update

2022-02-18 00:00:00

kaspersky

KLA12464 Multiple vulnerabilities in Microsoft Browser

2022-02-16 00:00:00

KLA12462 Multiple vulnerabilities in Google Chrome

2022-02-14 00:00:00

openvas

Google Chrome Security Update (stable-channel-update-for-desktop_14-2022-02) - Linux

2022-02-16 00:00:00

Google Chrome Security Update (stable-channel-update-for-desktop_14-2022-02) - Windows

2022-02-16 00:00:00

Debian: Security Advisory (DSA-5079-1)

2022-02-19 00:00:00

freebsd

chromium -- multiple vulnerabilities

2022-02-14 00:00:00

suse

Security update for opera (important)

2022-03-07 00:00:00

Security update for chromium (important)

2022-02-17 00:00:00

Security update for opera (important)

2022-04-08 00:00:00

cisa

CISA Adds Nine Known Exploited Vulnerabilities to Catalog

2022-02-15 00:00:00

qualysblog

The 9th Google Chrome Zero-Day Threat this Year – Again Just Before the Weekend

2022-12-03 05:24:27

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

securelist

IT threat evolution in Q1 2022. Non-mobile statistics

2022-05-27 08:00:05

IT threat evolution in Q2 2022. Non-mobile statistics

2022-08-15 12:00:43

gentoo

Chromium, Google Chrome: Multiple vulnerabilities

2022-02-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.042 Low

EPSS

Percentile

92.3%

JSON

Related for NVD:CVE-2022-0609

veracode1 gitlab9 alpinelinux1 debiancve1 thn12 attackerkb1 ubuntucve1 hivepro3 osv2 cvelist1 github1 mscve1 cnvd1 cve1 checkpoint_advisories1 schneier1 cisa_kev1 prion1 threatpost4 malwarebytes2 ics1 trellix2 avleonov1 chrome1 debian1 nessus7 kaspersky2 openvas5 freebsd1 suse3 cisa1 qualysblog2 securelist2 gentoo1