The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The ParamTraits<SkBitmap>::Read function in common/common_param_traits.cc in Google Chrome before 18.104.22.168 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data, related to use of a (1) thumbnail database or (2) HTML canvas.
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 22.214.171.124 (inclusive)