CVE-2022-2858 — Vulnetix

CVE-2022-2858 PUBLISHED CVSS 8.8 HIGH

Reported by Chrome · Published September 26, 2022

Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.

Risk Scores

CVSS v3.1

8.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Google	Chrome	unspecified
Google	Chrome	unspecified

Timeline

Aug 25, 2022 CVE Published
Sep 27, 2022 EPSS Score
Nov 10, 2022 EPSS Score
Dec 25, 2022 EPSS Score
Dec 29, 2022 EPSS Score
Feb 7, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 24, 2023 EPSS Score
May 7, 2023 EPSS Score
Jun 21, 2023 EPSS Score
Aug 4, 2023 EPSS Score
Sep 18, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
FEDORA-2022-3f28aa88cf vendor-advisoryx_refsource_FEDORA

Open in Interactive Console →