Skia
by Google
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-6648 | Hig | 0.49 | 7.5 | 0.00 | Apr 13, 2017 | SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). | ||
| CVE-2026-8579 | Low | 0.20 | 3.1 | 0.00 | May 14, 2026 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. (Chromium security severity: Medium) |
- risk 0.49cvss 7.5epss 0.00
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
- risk 0.20cvss 3.1epss 0.00
Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. (Chromium security severity: Medium)