CVE-2022-4186

Summary

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security severity: Medium)

Affected Software

VendorProductVersion RangeStatus
GoogleChromeunspecified < 108.0.5359.71affected

Weaknesses

  • Insufficient validation of untrusted input

ADP Enrichment

CVE Program Container

Additional References

References