Security Advisory

CVE-2022-4186

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-29 00:00:00

Last updated 2024-08-03 01:34:49

Assigner Chrome

State PUBLISHED

Description

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium)

← Browse all CVEs View on cve.org ↗