Google Chromium Network Service Use-After-Free Vulnerability

Added March 30, 2023 • Due April 20, 2023 • CVE-2022-3038

Overdue Google / Chromium Network Service CWE-416

Description

Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Required Action

Apply updates per vendor instructions.

References

https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html
https://nvd.nist.gov/vuln/detail/CVE-2022-3038

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 9 months, 4 weeks ago