Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
| Vendor | Product | Versions |
|---|---|---|
| chrome | 150.0.7871.47 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| apple | macos | cve_cpe | 95% |
| chrome | cert_advisory | 90% |
Updated vendor to Microsoft, added product Edge, and marked exploit as available and actively exploited.
Updated affected versions to include 149.0.7827.201 and changed severity to CRITICAL.
Initial creation