Lucene search

ChromeCVELIST:CVE-2022-4452

HistoryAug 25, 2023 - 2:44 p.m.

CVE-2022-4452

2023-08-2514:44:44

Chrome

www.cve.org

google chrome

crosvm

data validation

object corruption

html page

security vulnerability

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

52.1%

JSON

Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "107.0.5304.62",
        "status": "affected",
        "lessThan": "107.0.5304.62",
        "versionType": "custom"
      }
    ]
  }
]

References

bugs.chromium.org/p/chromium/issues/detail?id=1372457

crbug.com/1372457