CVE-2022-4907

2023-07-2823:26:49

Chrome

www.cve.org

uninitialized use

ffmpeg

google chrome

remote attacker

arbitrary code

sandbox

crafted html page

chromium

medium security

8.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.4%

JSON

Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "108.0.5359.71",
        "status": "affected",
        "lessThan": "108.0.5359.71",
        "versionType": "custom"
      }
    ]
  }
]