Your submission was sent successfully! Close

CVE-2022-3075

Published: 26 September 2022

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Notes

AuthorNote
amurray
The Debian chromium source package is called chromium-browser in
Ubuntu
mdeslaur
starting with Ubuntu 19.10, the chromium-browser package is just
a script that installs the Chromium snap
Priority

Medium

CVSS 3 base score: 9.6

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
bionic
Released (105.0.5195.102-0ubuntu0.18.04.1)
focal Not vulnerable
(code not present)
jammy Not vulnerable
(code not present)
kinetic Not vulnerable
(code not present)
trusty Ignored
(out of standard support)
upstream
Released (105.0.5195.102)
xenial Ignored
(out of standard support)