CVE-2022-4955

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 108.0.5359.71

Description The issue is related to an inappropriate implementation in DevTools, which allowed an attacker to bypass file access restrictions. This could be achieved by convincing a user to install a malicious extension and using a crafted HTML page. The exploitation of this issue may allow a remote attacker to modify files.

Recommendations For Google Chrome versions prior to 108.0.5359.71, update to version 108.0.5359.71 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to trusted sources and avoiding the use of crafted HTML pages.