Google on Friday released emergency fixes to address a vulnerability, tracked as CVE-2022-3075, in the Chrome web browser that is being actively exploited in the wild.
The CVE-2022-3075 flaw is caused by insufficient data validating in Mojo. Mojo is a collection of runtime libraries providing a platform-agnostic abstraction of common IPC primitives, a message IDL format, and a bindings library with code generation for multiple target languages to facilitate convenient message passing across arbitrary inter- and intra-process boundaries.
The vulnerability was reported by an anonymous researcher on August 30, 2022.
“Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild.” reads the advisory published by Google.
An anonymous researcher has been credited with reporting the high-severity flaw on August 30, 2022.
This is the sixth zero-day vulnerability in Chrome that the IT giant addressed in 2022, the previous ones are:
Users should update to version 105.0.5195.102 for Windows, macOS, and Linux.
The issue also affects other Chromium-based browsers, including Microsoft Edge, Brave, and Opera.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Chrome)
[adrotate banner=”5″]
[adrotate banner=”13″]
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
This website uses cookies.