CVE-2022-2164

2022-07-2800:41:01

Chrome

www.cve.org

google chrome

extensions api

inappropriate implementation

cve-2022-2164

discretionary access control

html page

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

48.2%

JSON

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "103.0.5060.53",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]