Lucene search

Veracode Vulnerability DatabaseVERACODE:38048

HistoryNov 16, 2022 - 10:28 p.m.

Information Disclosure

2022-11-1622:28:19

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

chromium

information disclosure

file system api

google chrome

remote attacker

bypass restrictions

crafted html page

vulnerability

EPSS

0.002

Percentile

57.0%

JSON

chromium is vulnerable to information disclosure. The vulnerability exists due to insufficient data validation in File System API in Google Chrome which allows a remote attacker to bypass File System restrictions via a crafted HTML page.

References

chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html

crbug.com/1208439

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567/

lists.fedoraproject.org/archives/list/[email protected]/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/

lists.fedoraproject.org/archives/list/[email protected]/message/YKLJ3B3D5BCVWE3QNP4N7HHF26OHD567/

security-tracker.debian.org/tracker/CVE-2022-3444

EPSS

0.002

Percentile

57.0%

JSON

Related for VERACODE:38048