Use-After-Free

2022-04-1709:57:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

51.8%

JSON

chromium is vulnerable to use-after-free. A remote attacker who is able to convince a user to install a malicious extension has the potential to perform a sandbox escape on via the crafted Chrome Extension.

CPENameOperatorVersion
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1
chromium:bullseyeeq83.0.4103.116-3.1
chromium-browser:bioniceq85.0.4183.83-0ubuntu0.18.04.2
chromium-browser:bioniceq92.0.4515.159-0ubuntu0.18.04.1
chromium-browser:bioniceq65.0.3325.181-0ubuntu1
chromium-browser:bioniceq86.0.4240.198-0ubuntu0.18.04.1
chromium-browser:bioniceq84.0.4147.105-0ubuntu0.18.04.1
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1

Name	Operator	Version
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1
chromium:bullseye	eq	83.0.4103.116-3.1
chromium-browser:bionic	eq	85.0.4183.83-0ubuntu0.18.04.2
chromium-browser:bionic	eq	92.0.4515.159-0ubuntu0.18.04.1
chromium-browser:bionic	eq	65.0.3325.181-0ubuntu1
chromium-browser:bionic	eq	86.0.4240.198-0ubuntu0.18.04.1
chromium-browser:bionic	eq	84.0.4147.105-0ubuntu0.18.04.1
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1