CVE-2022-4911 — Vulnetix

CVE-2022-4911 PUBLISHED CVSS 6.5 MEDIUM

Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

EPSS 0.04% · 11.4th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS Score

0.04%

11.4th percentile

Affected Products

Vendor	Product	Versions
Google	Chrome	106.0.5249.62
google	chrome	0

Timeline

Jul 28, 2023 CVE Published
Jul 29, 2023 EPSS Score
Sep 1, 2023 EPSS Score
Oct 5, 2023 EPSS Score
Nov 8, 2023 EPSS Score
Dec 12, 2023 EPSS Score
Jan 15, 2024 EPSS Score
Feb 18, 2024 EPSS Score
Mar 23, 2024 EPSS Score
Apr 25, 2024 EPSS Score
May 29, 2024 EPSS Score
Jul 2, 2024 EPSS Score

References

https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html url
https://crbug.com/1349493 url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567/ url
https://nvd.nist.gov/vuln/detail/CVE-2022-4911 advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567 url

Open in Interactive Console →