CVE-2022-3310
MEDIUM6.5EPSS 0.13%Published: 11/1/2022Modified: 4/28/2026
Description
Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chromium security severity: Medium)
Affected packages (1)
- Debian/chromiumfrom 0, < 106.0.5249.61-1~deb11u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |