<p>Upgrade <code>chromium</code> to version 103.0.5060.53 or higher.</p>

Improper Input Validation Affecting chromium package, versions [,103.0.5060.53)

Snyk CVSS

Attack Complexity Low

Threat Intelligence

EPSS 0.39% (74^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-UNMANAGED-CHROMIUM-2961650
published 28 Jul 2022
disclosed 28 Jul 2022
credit Rayyan Bijoora

Report a new vulnerability Found a mistake?

Introduced: 28 Jul 2022

CVE-2022-2165 Open this link in a new tab CWE-20 Open this link in a new tab

How to fix?

Upgrade chromium to version 103.0.5060.53 or higher.

Overview

Affected versions of this package are vulnerable to Improper Input Validation due to insufficient data validation in URL formatting, allows a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

References

Chrome Bug
Chrome Releases