Google » Chrome : Security Vulnerabilities, CVEs, Published In 2017 (Information Leak) CVSS score >= 6
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.86%
Published
2017-10-27
Updated
2017-12-31
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.52%
Published
2017-02-17
Updated
2018-01-05
PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file.
Max CVSS
6.5
EPSS Score
0.42%
Published
2017-01-19
Updated
2018-01-05
Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android insufficiently sanitized DevTools URLs, which allowed a remote attacker to read local files via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.42%
Published
2017-01-19
Updated
2018-01-05
A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.50%
Published
2017-01-19
Updated
2018-01-05
5 vulnerabilities found