CVE-2022-24074

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-24074

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24074.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24074

Published

2022-03-17T06:15:06.887Z

Modified

2026-03-14T11:36:11.197233Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.

References

https://cve.naver.com/detail/cve-2022-24074

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24074.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "3.12.129.18"
            }
        ]
    }
]