8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome's latest stable channel update for Windows, Mac, and Linux fixes several vulnerabilities. There are eight high-severity security flaws and 14 medium-severity flaws. The most significant of these flaws is CVE-2022-4174, a type confusion flaw in the web browser's V8 JavaScript engine that, when exploited, allows arbitrary code to be executed on the target device. Lacros Graphics was found to have an out-of-bounds write, while the use-after-free trigger error obtained access to sensitive information. These weaknesses affect Chrome components such as Camera Capture, Extensions Mojo, Audio, and Forms.