Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-5yug-84fj-7yfs
Vulnerability ID VCID-5yug-84fj-7yfs
Aliases CVE-2022-2010
Summary Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01124 https://api.first.org/data/v1/epss?cve=CVE-2022-2010
epss 0.01124 https://api.first.org/data/v1/epss?cve=CVE-2022-2010
epss 0.01124 https://api.first.org/data/v1/epss?cve=CVE-2022-2010
epss 0.01124 https://api.first.org/data/v1/epss?cve=CVE-2022-2010
epss 0.01124 https://api.first.org/data/v1/epss?cve=CVE-2022-2010
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-2010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2011
GLSA-202208-25 https://security.gentoo.org/glsa/202208-25
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.78612
EPSS Score 0.01124
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:31:01.463451+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0