VDB
CVE-2022-2853
CVE-2022-2853
PUBLISHED
CVSS 8.8 HIGH
Reported by Chrome · Published September 26, 2022
Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | unspecified | |
| Chrome | * |
Exploit Intelligence
Timeline
- Aug 25, 2022 CVE Published
- Sep 27, 2022 EPSS Score
- Nov 11, 2022 EPSS Score
- Dec 25, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 8, 2023 EPSS Score
- Jun 21, 2023 EPSS Score
- Aug 5, 2023 EPSS Score
- Sep 18, 2023 EPSS Score
- Nov 2, 2023 EPSS Score
- Dec 16, 2023 EPSS Score
References
- FEDORA-2022-3f28aa88cf vendor-advisory
- https://issues.chromium.org/issues/40060491 exploit