CVE-2022-3443

Summary

CVE	CVE-2022-3443
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-11-01 20:15:00 UTC
Updated	2023-11-07 03:51:00 UTC
Description	Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. (Chromium security severity: Low)

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Google	Chrome	All	All	All	All

References

Reference	Source	Link	Tags
[SECURITY] Fedora 37 Update: chromium-115.0.5790.170-2.fc37 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 37 Update: chromium-115.0.5790.170-2.fc37 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 38 Update: chromium-115.0.5790.170-1.fc38 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 38 Update: chromium-115.0.5790.170-1.fc38 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
Chrome Releases: Stable Channel Update for Desktop	MISC	chromereleases.googleblog.com
1243802 - chromium - An open-source project to help move the web forward. - Monorail	MISC	crbug.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

183262 Debian Security Update for chromium (CVE-2022-3443)
284385 Fedora Security Update for chromium (FEDORA-2023-ea7128b5ce)
284422 Fedora Security Update for chromium (FEDORA-2023-6c8de2cd15)