Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: Medium)
| Vendor | Product | Versions |
|---|---|---|
| chrome | 150.0.7871.47 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| android | cve_cpe | 95% |
Updated vendor to Microsoft and product to Edge, and marked exploit as available.
Updated severity to CRITICAL, added new affected version 149.0.7827.201, and changed exploit availability status.
Initial creation