QwikSec

Security Database

CVE

CWE

Training

CVE-2022-2479

Published: Jul 28, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.

Vendor	Product	Versions
Google	Chrome	affected `unspecified - < 103.0.5060.134`

References

https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html

https://crbug.com/1329987

vendor-advisory

FEDORA-2023-ea7128b5ce

vendor-advisory

FEDORA-2023-6c8de2cd15

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.