Resource Management Errors Affecting chromium package, versions [,23.0.1271.97)


Severity

Recommended
0.0
critical
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
7.81% (95th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-UNMANAGED-CHROMIUM-2409352
  • published26 Jan 2022
  • disclosed11 Oct 2012
  • creditUnknown

Introduced: 11 Oct 2012

CVE-2012-5112  (opens in a new tab)
CWE-399  (opens in a new tab)

How to fix?

Upgrade chromium to version 23.0.1271.97 or higher.

Overview

Affected versions of this package are vulnerable to Resource Management Errors. Use-after-free vulnerability in the SVG implementation in WebKit, as used in Google Chrome before 22.0.1229.94, allows remote attackers to execute arbitrary code via unspecified vectors.

References

CVSS Base Scores

version 3.1