← Volver a CVEs
CVE-2022-24074
CRITICAL9.8
Descripcion
Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/17/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
navercorp:whale
Debilidades (CWE)
CWE-668CWE-668
Referencias
https://cve.naver.com/detail/cve-2022-24074(cve@navercorp.com)
https://cve.naver.com/detail/cve-2022-24074(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.