CVE-2022-0117

MEDIUM

Google Chrome < 97.0.4692.71 - Policy Bypass via Crafted HTML Page

Title source: llm

Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Core 5

Core References

Release Notes, Vendor Advisory x_refsource_misc

Exploit, Issue Tracking, Patch, Vendor Advisory x_refsource_misc

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

CVSS v3 6.5

EPSS 0.0014

EPSS Percentile 32.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

CWE-863

Status published

Products (4)

fedoraproject/fedora 34

fedoraproject/fedora 35

fedoraproject/fedora 36

google/chrome < 97.0.4692.71

Published Feb 12, 2022

Tracked Since Feb 18, 2026