VDB
CVE-2022-3446
CVE-2022-3446
PUBLISHED
CVSS 8.8 HIGH
Reported by Chrome · Published November 9, 2022
Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | unspecified | |
| chrome | 0 | |
| alpine | qt5-qtwebengine | 0, 0, 0 |
| Chrome | * |
Timeline
- Oct 13, 2022 CVE Published
- Nov 10, 2022 EPSS Score
- Dec 23, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 19, 2023 EPSS Score
- May 1, 2023 EPSS Score
- Jun 13, 2023 EPSS Score
- Jul 26, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
- Dec 2, 2023 EPSS Score
References
- GLSA-202305-10 vendor-advisory