Published: 23/07/2022 Updated: 25/10/2022

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

Inappropriate implementation in Extensions in Google Chrome before 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome

Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (bullseye), these problems have been fixed in version 1000489660-1~deb11u1 We recommend that you upgrade your chromium packages For the detailed security status of ...

The Chrome team is delighted to announce the promotion of Chrome 100 to the stable channel for Windows, Mac and Linux Chrome 100 is also promoted to our new extended stable channel for Windows and Mac This will roll out over the coming days/weeksChrome 1000489660 contains a number of fixes and improvements -- a list of changes is available in ...

CVE-2022-1137 Inappropriate implementation in Extensions in Google Chrome prior to 1000489660 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page authentication complexity vector not available not available not available confidentiality integrity availability not availab

CWE-668 https://crbug.com/1289846 https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html https://security.gentoo.org/glsa/202208-25 https://github.com/Live-Hack-CVE/CVE-2022-1137 https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5112

CVE-2022-1137

Vulnerability Summary

Most Upvoted Vulmon Research Post

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect