Search for vulnerabilities
Vulnerability details: VCID-3guj-7v74-hufr
Vulnerability ID VCID-3guj-7v74-hufr
Aliases CVE-2022-1638
Summary Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
epss 0.00496 https://api.first.org/data/v1/epss?cve=CVE-2022-1638
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1638
archlinux High https://security.archlinux.org/AVG-2720
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-1638
https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html
https://crbug.com/1316946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1633
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1634
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1639
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1641
AVG-2720 https://security.archlinux.org/AVG-2720
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2022-1638 https://nvd.nist.gov/vuln/detail/CVE-2022-1638
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-1638
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.6475
EPSS Score 0.00496
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:52:33.718918+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/community.json 37.0.0