Search for vulnerabilities
Vulnerability details: VCID-6n87-qdx4-aaac
Vulnerability ID VCID-6n87-qdx4-aaac
Aliases CVE-2022-2624
Summary Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00232 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00232 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00232 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00232 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00557 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00564 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.008 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.01041 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.01041 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.01041 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.01041 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
epss 0.01041 https://api.first.org/data/v1/epss?cve=CVE-2022-2624
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2624
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2624
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-2624
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html
https://crbug.com/1339745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2604
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2607
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2612
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2621
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4914
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
https://security.gentoo.org/glsa/202208-35
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
CVE-2022-2624 https://nvd.nist.gov/vuln/detail/CVE-2022-2624
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2624
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2624
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.59150
EPSS Score 0.00208
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.