Lucene search

[email protected]NVD:CVE-2022-4924

HistoryJul 29, 2023 - 12:15 a.m.

CVE-2022-4924

2023-07-2900:15:11

CWE-416

[email protected]

web.nvd.nist.gov

webrtc

google chrome

sandbox escape

remote attacker

html page

cve-2022-4924

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.2%

JSON

Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Affected configurations

NVD

Node

googlechromeRange<97.0.4692.71

References

chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html

crbug.com/1272967

lists.fedoraproject.org/archives/list/[email protected]/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.2%

JSON

Related for NVD:CVE-2022-4924

ubuntucve1 osv2 debiancve1 cvelist1 cve1 prion1 veracode1 openvas5 kaspersky1 chrome1 nessus1 fedora1