Published: 02/01/2023 Updated: 09/01/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Inappropriate implementation in File System API in Google Chrome on Windows before 97.0.4692.71 allowed a remote malicious user to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome

The Chrome team is delighted to announce the promotion of Chrome 97 to the stable channel for Windows, Mac and LinuxThis will roll out over the coming days/weeksChrome 970469271 contains a number of fixes and improvements -- a list of changes is available in the log Watch out for upcoming Chrome and Chromium blog post ...

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337

🤝 Show your support - give a ⭐️ if you liked the content | SHARE on Twitter | Follow me on CVE-2022-0337 System environment variables leak on Google Chrome, Microsoft Edge and Opera 📝 Description Successful exploitation of this vulnerability can lead to the leak of user's secrets stored inside a system environment variables A security bug was found in Chro

CWE-668 https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html https://crbug.com/1247389 https://nvd.nist.gov https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html

CVE-2022-0337

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect