CVE-2022-4177

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
30/11/2022
Last modified:
25/11/2023

Description

Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 108.0.5359.71 (excluding)