CVE-2022-2856
Google Chromium Intents Insufficient Input Validation Vulnerability
CVSS
—
No CVSS
EPSS
4.5%
p90
KEV
YES
Aug 18, 2022
Exploit Today
77
0-100
Published: — · Last modified: —
Product
Google / Chromium Intents
Vulnerability
Google Chromium Intents Insufficient Input Validation Vulnerability
Added to KEV
Aug 18, 2022
Remediate by
Sep 8, 2022
Known ransomware use
No
Summary description
Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action
Apply updates per vendor instructions.
Notes
https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html; https://nvd.nist.gov/vuln/detail/CVE-2022-2856