CRITICAL 9.6 KEV Publié le 2022-09-26

CVE-2022-3075

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Ajouté au KEV: 2022-09-08
Deadline remédiation: 2022-09-29
Action requise: Apply updates per vendor instructions.
Ransomware: Non

Voir sur NVD ↗ Catalogue CISA KEV ↗