{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-3661","assignerOrgId":"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28","assignerShortName":"Chrome","dateUpdated":"2024-08-03T01:14:03.268Z","dateReserved":"2022-10-21T00:00:00.000Z","datePublished":"2022-11-01T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28","shortName":"Chrome","dateUpdated":"2023-09-27T18:56:51.015Z"},"descriptions":[{"lang":"en","value":"Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. (Chromium security severity: Low)"}],"affected":[{"vendor":"Google","product":"Chrome","versions":[{"version":"unspecified","lessThan":"107.0.5304.62","status":"affected","versionType":"custom"}]}],"references":[{"url":"https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html"},{"url":"https://crbug.com/1350111"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Insufficient data validation"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T01:14:03.268Z"},"title":"CVE Program Container","references":[{"url":"https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_25.html","tags":["x_transferred"]},{"url":"https://crbug.com/1350111","tags":["x_transferred"]}]}]}}