CVE-2022-30738Improper Check or Handling of Exceptional Conditions in Mobile Samsung Internet

CWE-703Improper Check or Handling of Exceptional ConditionsCWE-754Improper Check for Unusual or Exceptional Conditions3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 47.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Samsung Mobile Samsung InternetSamsung Internet
Timeline
PublishedJun 7
Latest updateJun 8

Description

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDsamsung/internet< 17.0.1.69
CVEListV5samsung_mobile/samsung_internetunspecified17.0.1.69

🔴Vulnerability Details

2
GHSA
GHSA-f8w8-8342-ph9j: Improper check in Loader in Samsung Internet prior to 172022-06-08
CVEList
CVE-2022-30738: Improper check in Loader in Samsung Internet prior to 172022-06-07
CVE-2022-30738 — Mobile Samsung Internet vulnerability | cvebase