CVE-2022-3075: Google Chromium Mojo Insufficient Data Validation
Google Chromium Mojo Insufficient Data Validation Vulnerability. Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
- CISA KEV-listed (remediation due 2022-09-29)
- EPSS 2.1% (84.5% percentile)