CVE-2022-2998 — Vulnetix

CVE-2022-2998 PUBLISHED CVSS 8.800000190734863 HIGH

Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.

EPSS 4.47% · 89.3th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

4.47%

89.3th percentile

Affected Products

Vendor	Product	Versions
google	chrome	0
Google	Chrome	unspecified

Timeline

Sep 26, 2022 CVE Published
Sep 27, 2022 EPSS Score
Dec 25, 2022 EPSS Score
Dec 30, 2022 EPSS Score
Feb 22, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 7, 2023 EPSS Score
Aug 4, 2023 EPSS Score
Sep 18, 2023 EPSS Score
Dec 15, 2023 EPSS Score
Mar 13, 2024 EPSS Score
Apr 18, 2024 EPSS Score

References

https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html url
https://crbug.com/1329794 url
https://nvd.nist.gov/vuln/detail/CVE-2022-2998 advisory

Open in Interactive Console →