CVE-2022-1872

EPSS 0.19% · P40 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-1872

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Google Chrome 权限许可和访问控制问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Google Chrome是美国谷歌（Google）公司的一款Web浏览器。 Google Chrome 70.0.3538.67 到 101.0.4951.67 版本存在权限许可和访问控制问题漏洞，该漏洞源于 Extensions API 中的策略执行不足。远程攻击者利用该漏洞可绕过实施的安全限制。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Google	Chrome	unspecified ~ 102.0.5005.61	-

II. Public POCs for CVE-2022-1872

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-1872

请登录查看更多情报信息。

Security: chrome.downloads.download could be abused to steal user's environment variables like secrets, tokens or keys on windows. [40059207] - Chromiumx_refsource_MISC
https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.htmlx_refsource_MISC
https://security.gentoo.org/glsa/202208-25vendor-advisoryx_refsource_GENTOO
https://nvd.nist.gov/vuln/detail/CVE-2022-1872

Same Patch Batch · Google · 2022-07-27 · 24 CVEs total

CVE-2022-1864		Google Chrome 资源管理错误漏洞
CVE-2022-1853		Google Chrome 资源管理错误漏洞
CVE-2022-1854		Google Chrome 资源管理错误漏洞
CVE-2022-1855		Google Chrome 资源管理错误漏洞
CVE-2022-1856		Google Chrome 资源管理错误漏洞
CVE-2022-1857		Google Chrome 安全漏洞
CVE-2022-1858		Google Chrome 缓冲区错误漏洞
CVE-2022-1859		Google Chrome 资源管理错误漏洞
CVE-2022-1860		Google Chrome 资源管理错误漏洞
CVE-2022-1861		Google Chrome 资源管理错误漏洞
CVE-2022-1862		Google Chrome 安全特征问题漏洞
CVE-2022-1863		Google Chrome 资源管理错误漏洞
CVE-2022-1876		Google Chrome 缓冲区错误漏洞
CVE-2022-1865		Google Chrome 资源管理错误漏洞
CVE-2022-1866		Google Chrome 资源管理错误漏洞
CVE-2022-1867		Google Chrome 安全漏洞
CVE-2022-1868		Google Chrome 安全特征问题漏洞
CVE-2022-1869		Google Chrome 安全漏洞
CVE-2022-1870		Google Chrome 资源管理错误漏洞
CVE-2022-1871		Google Chrome 权限许可和访问控制问题漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Chrome

Same vendor: Google

V. Comments for CVE-2022-1872

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-1872

I. Basic Information for CVE-2022-1872

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-1872

III. Intelligence Information for CVE-2022-1872

Same Patch Batch · Google · 2022-07-27 · 24 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-1872

Leave a comment