Impact
A side‑channel memory leakage in the CSS processing engine of Google Chrome allows a remote attacker to read potentially sensitive data from the browser’s process memory when rendering a specially crafted HTML page. The vulnerability is a memory disclosure via side‑channel (CWE‑1300) and is listed by Chromium with a Medium severity rating. The attacker could retrieve confidential information stored in the process’s memory space through this flaw.
Affected Systems
All instances of Google Chrome running a version older than 150.0.7871.47 are vulnerable. The release notes for the stable channel identify this threshold. No specific operating‑system or environment restrictions are noted, so any host that runs a previously supported Chrome build is potentially in scope.
Risk and Exploitability
The exploit probability (EPSS) score is not available and the flaw is not listed in the CISA KEV catalog, indicating no known active exploitation at present. Nevertheless, the medium severity rating from Chromium indicates a risk of data exposure if a remote attacker can deliver the crafted page. Defensive measures are recommended.
OpenCVE Enrichment