CVE-2022-3075 - Google Chromium Mojo Insufficient Data Validation Vulnerability

CVE-2022-3075: Google | Chromium Mojo

Date Added:
2022-09-08

Due Date:
2022-09-29

Vulnerability Name: Google Chromium Mojo Insufficient Data Validation Vulnerability

Description: Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3075; https://nvd.nist.gov/vuln/detail/CVE-2022-3075

Free security scan for your website

Don't show website scan report rating on the leaderboard