CVE-2022-24074
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-24074
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
将资源暴露给错误范围
Source: NVD (National Vulnerability Database)
Vulnerability Title
Naver Whale Browser 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Naver Whale Browser是韩国Naver公司的一款支持用户自定义界面的网页浏览器。 Naver Whale Browser 3.12.129.18 之前存在安全漏洞,该漏洞源于 Whale 浏览器中的默认扩展允许接收来自内容脚本本身的任何 SendMessage 请求。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| NAVER | NAVER Whale browser | unspecified ~ 3.12.129.46 | - |
II. Public POCs for CVE-2022-24074
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-24074
请登录查看更多情报信息。
Same Patch Batch · NAVER · 2022-03-17 · 4 CVEs total
| CVE-2022-24072 | Naver Whale Browser 安全漏洞 | |
| CVE-2022-24073 | Naver Whale Browser 安全漏洞 | |
| CVE-2022-24075 | Naver Whale Browser 安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-668
- CVE-2026-44552
Open WebUI: Redis Cache Keys tool_servers and terminal_serve - CVE-2026-45411
vm2: Sandbox Breakout Using Async Generator - CVE-2026-44009
vm2: Sandbox Breakout Through Null Proto Exception - CVE-2026-44008
vm2: Snabox breakout via `neutralizeArraySpeciesBatch` - CVE-2026-41368
OpenClaw < 2026.3.28 - Environment Variable Disclosure via j
V. Comments for CVE-2022-24074
No comments yet