CVE-2022-24074

Summary

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.

Affected Software

VendorProductVersion RangeStatus
NAVERNAVER Whale browserunspecified < 3.12.129.46affected

Weaknesses

  • CWE-668: CWE-668: Exposure of Resource to Wrong Sphere

ADP Enrichment

CVE Program Container

Additional References

References