Search for vulnerabilities
Vulnerability details: VCID-tz9z-ayh2-aaam
Vulnerability ID VCID-tz9z-ayh2-aaam
Aliases CVE-2022-2620
Summary Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-665 Improper Initialization
CWE-416 Use After Free
System Score Found at
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00294 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00328 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00481 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00604 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.00863 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
epss 0.0092 https://api.first.org/data/v1/epss?cve=CVE-2022-2620
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2620
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-2620
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-2620
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html
https://crbug.com/1337304
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2604
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2607
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2612
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2621
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4914
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/
https://security.gentoo.org/glsa/202208-35
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
CVE-2022-2620 https://nvd.nist.gov/vuln/detail/CVE-2022-2620
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2620
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2620
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.69778
EPSS Score 0.00294
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.