chromium-based-browsers-vulnerability

Analysis

On 30th August 2022, an anonymous user reported a zero-day vulnerability that is actively exploited in the wild. The vulnerability was identified in Chrome and Chromium-based browsers such as Microsoft Edge.

The vulnerability was found in Mojo (a collection of runtime libraries providing a platform-agnostic abstraction of common IPC primitives) and is an insufficient data validation issue, in which input is passed on without proper validation. It was also reported that a successful attacker can take advantage of this vulnerability by sending customized links as part of exploitation. The vulnerability is classified as CVE-2022-3075 in the Common Vulnerabilities and Exposures (CVE) database, with a severity of "High" and a score of 8.8 under CVSS v3 (Common Vulnerability Scoring System).

On 2nd September, Chrome published a blog post with a patch and details of the vulnerabilities, and is keeping the bug details restricted until the majority of users have updated with the fix.

 

CVSS v3: 8.8 (High)

 

Attack Vector: Network

Attack Complexity: Low

Privileges Required: None

User Interaction: Required

Scope: Unchanged

Confidentiality: High

Integrity: High

Availability: High

 

Prevention

  • Update Google Chrome to version 105.0.5195.102 or later.
  • Update Microsoft Chromium Edge to 105.0.1343.27 or later.
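
To verify the two updates above across a fleet, the following Python script (an added example, not part of the original advisory or any vendor tooling) classifies browser version banners against the patched minimums listed here. The banner format, hostnames and sample inventory are assumptions constructed for illustration.

```python
import re

# Minimum patched versions for CVE-2022-3075, taken from the Prevention list.
PATCHED = {
    "chrome": (105, 0, 5195, 102),
    "edge": (105, 0, 1343, 27),
}

# Product names as they appear in version banners (assumed banner format).
PRODUCT_PATTERNS = {
    "chrome": re.compile(r"\bGoogle Chrome\b", re.I),
    "edge": re.compile(r"\bMicrosoft Edge\b", re.I),
}
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def classify(banner):
    """Return (product, version_tuple, status) for one version banner.

    status is 'patched', 'vulnerable', or 'unknown' (unrecognised product
    or no four-part version found).
    """
    product = next((p for p, rx in PRODUCT_PATTERNS.items() if rx.search(banner)), None)
    match = VERSION_RE.search(banner)
    if product is None or match is None:
        return product, None, "unknown"
    version = tuple(int(part) for part in match.groups())
    # Compare as integer tuples: as strings, "105.0.5195.99" sorts above "105.0.5195.102".
    status = "patched" if version >= PATCHED[product] else "vulnerable"
    return product, version, status


def audit(inventory):
    """Map host -> status for a dict of host -> version banner."""
    return {host: classify(banner)[2] for host, banner in inventory.items()}


# Constructed sample inventory (hostnames and banners are made up).
SAMPLE = {
    "ws-01": "Google Chrome 105.0.5195.102",
    "ws-02": "Google Chrome 105.0.5195.99",
    "ws-03": "Microsoft Edge 105.0.1343.27",
    "ws-04": "Microsoft Edge 104.0.1293.70",
    "ws-05": "Chromium 105.0.5195.52",
    "ws-06": "Google Chrome (version unavailable)",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unknown` need manual follow-up: other Chromium-based browsers ship their own patched builds, whose version numbers are not given in this advisory.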

 

References

Chrome Releases

Tenable
