CVE-2022-4025 — Vulnetix

CVE-2022-4025 PUBLISHED CVSS 4.300000190734863 MEDIUM

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: Low)

EPSS 0.17% · 38.3th percentile

Risk Scores

CVSS v3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS Score

0.17%

38.3th percentile

Affected Products

Vendor	Product	Versions
google	chrome	0
Google	Chrome	unspecified

Timeline

Jan 2, 2023 CVE Published
Jan 3, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 26, 2023 EPSS Score
May 6, 2023 EPSS Score
Jun 16, 2023 EPSS Score
Jul 27, 2023 EPSS Score
Sep 6, 2023 EPSS Score
Oct 17, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Jan 8, 2024 EPSS Score

References

https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html url
https://crbug.com/1260250 url
https://nvd.nist.gov/vuln/detail/CVE-2022-4025 advisory

Open in Interactive Console →