CVE-2018-6157

HIGH

Google Chrome <68.0.3440.75 - Heap Corruption

Title source: llm

Description

Type confusion in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

References (2)

[Release Notes, Vendor Advisory] https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html

[Issue Tracking] https://crbug.com/840536

Scores

CVSS v3 8.8

EPSS 0.0030

EPSS Percentile 53.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-704

Status published

Products (1)

google/chrome < 68.0.3440.75

Published Jun 27, 2019

Tracked Since Feb 18, 2026