VDB
CVE-2022-3449
CVE-2022-3449
PUBLISHED
CVSS 8.8 HIGH
Reported by Chrome · Published November 9, 2022
Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | unspecified | |
| Chrome | * | |
| chrome | 0 |
Timeline
- Oct 13, 2022 CVE Published
- Nov 10, 2022 EPSS Score
- Dec 23, 2022 EPSS Score
- Dec 29, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Feb 22, 2023 EPSS Score
- Mar 19, 2023 EPSS Score
- May 1, 2023 EPSS Score
- Jun 13, 2023 EPSS Score
- Jul 26, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 20, 2023 EPSS Score
References
- GLSA-202305-10 vendor-advisory