← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-3075 — Actively Exploited: Chromium Mojo (Google)

Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to

CVE IDCVE-2022-3075
VendorGoogle
ProductChromium Mojo
Vulnerability nameGoogle Chromium Mojo Insufficient Data Validation Vulnerability
Date added2022-09-08
Remediation due2022-09-29
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionGoogle Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →