Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)
References
Link | Resource |
---|---|
https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.html | Release Notes Vendor Advisory |
https://crbug.com/1381217 | Issue Tracking Permissions Required |
https://security.gentoo.org/glsa/202305-10 | |
https://security.gentoo.org/glsa/202311-11 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Chrome
Published: 2022-11-29T00:00:00
Updated: 2023-11-25T11:08:51.976832
Reserved: 2022-11-29T00:00:00
Link: CVE-2022-4187
JSON object: View
NVD Information
Status : Modified
Published: 2022-11-30T00:15:10.680
Modified: 2023-11-25T11:15:11.750
Link: CVE-2022-4187
JSON object: View
Redhat Information
No data.
CWE