Medium severity6.5NVD Advisory· Published Feb 7, 2018· Updated Jun 17, 2026

CVE-2017-15395

Description

A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Google/Blinkllm-fuzzy
Range: <62.0.3202.62
Google/Chromellm-fuzzy
Range: <62.0.3202.62
osv-coords2 versions
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 63.0.3239.84-40.1

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/101482nvd
access.redhat.com/errata/RHSA-2017:2997nvd
chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.htmlnvd
crbug.com/759457nvd
security.gentoo.org/glsa/201710-24nvd
www.debian.org/security/2017/dsa-4020nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000