Lucene search

K
osvGoogleOSV:CVE-2022-3443
HistoryNov 01, 2022 - 8:15 p.m.

CVE-2022-3443

2022-11-0120:15:21
Google
osv.dev
7
google chrome
file system api
data validation
remote attacker
restrictions

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

5.2

Confidence

Low

EPSS

0.002

Percentile

58.6%

Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. (Chromium security severity: Low)

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

AI Score

5.2

Confidence

Low

EPSS

0.002

Percentile

58.6%