Lucene search

K
cveChromeCVE-2022-4922
HistoryJul 29, 2023 - 12:15 a.m.

CVE-2022-4922

2023-07-2900:15:11
Chrome
web.nvd.nist.gov
45
cve-2022-4922
blink
google chrome
ui spoofing
html page
nvd
medium severity

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

55.1%

Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected configurations

Nvd
Vulners
Node
googlechromeRange<99.0.4844.51
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "99.0.4844.51",
        "status": "affected",
        "lessThan": "99.0.4844.51",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

55.1%