Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-3075

Published: 26/09/2022 Updated: 15/02/2024
CVSS v3 Base Score: 9.6 | Impact Score: 6 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Chrome

Vulnerability Summary

Insufficient data validation in Mojo in Google Chrome before 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

fedoraproject fedora 37

Vendor Advisories

Debian Security Advisories: DSA-5225-1 chromium -- security update
A security issue was discovered in Chromium, which could result in the execution of arbitrary code For the stable distribution (bullseye), this problem has been fixed in version 10505195102-1~deb11u1 We recommend that you upgrade your chromium packages For the detailed security status of chromium please refer to its security tracker page at: ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 10505195102 for Windows,Mac and Linux which will roll out over the coming days/weeks A full list of changes in this build is available in the log Security Fixes and RewardsNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix We will also reta ...
Google Chrome: Long Term Support Candidate Channel for ChromeOS
A new LTS Candidate, LTC- 10205005177 (Platform Version: 146951280),  is rolling out for most ChromeOS devices Release notes for LTC-102 can be found here Want to know more about Long-term Support? Click here This update includes the following Security fixes:1327087HighCVE-2022-2296Use after free in C ...

Recent Articles

IT threat evolution in Q3 2022. Non-mobile statistics
Securelist • AMR • 18 Nov 2022

IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, in Q3 2022: Kaspersky solutions blocked 956,074,958 attacks from online resources across the globe. Web Anti-Virus recognized 251,288,987...

Read more...

References

CWE-20https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.htmlhttps://crbug.com/1358134https://security.gentoo.org/glsa/202209-23https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/https://www.debian.org/security/2022/dsa-5225https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook