Unrated severityNVD Advisory· Published Sep 26, 2022· Updated Aug 3, 2024
CVE-2022-3201
CVE-2022-3201
Description
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)
Affected products
9- osv-coords8 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.3%20NonFreepkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.4%20NonFreepkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.5%20NonFreepkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP4
< 105.0.5195.127-bp154.2.29.1+ 7 more
- (no CPE)range: < 105.0.5195.127-bp154.2.29.1
- (no CPE)range: < 105.0.5195.127-bp154.2.29.1
- (no CPE)range: < 105.0.5195.127-1.1
- (no CPE)range: < 91.0.4516.20-lp153.2.63.1
- (no CPE)range: < 91.0.4516.20-lp154.2.23.1
- (no CPE)range: < 99.0.4788.13-lp155.3.6.1
- (no CPE)range: < 105.0.5195.127-bp154.2.29.1
- (no CPE)range: < 105.0.5195.127-bp154.2.29.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- security.gentoo.org/glsa/202311-11mitrevendor-advisory
- chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.htmlmitre
- crbug.com/1343104mitre
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE/mitre
- security.gentoo.org/glsa/202209-23mitre
- security.gentoo.org/glsa/202210-16mitre
- www.debian.org/security/2022/dsa-5244mitre
News mentions
0No linked articles in our index yet.