Vulnerability DatabaseCVE-2022-0455

CVE-2022-0455:
vulnerability analysis and mitigation

Overview

CVE-2022-0455 is a high-severity vulnerability related to inappropriate implementation in Full Screen Mode in Google Chrome. The vulnerability was discovered by Irvan Kurniawan (sourc7) and reported on November 16, 2021. It was officially addressed in Chrome version 98.0.4758.80/81/82 for Windows and Chrome 98.0.4758.80 for macOS and Linux, released in February 2022 (Chrome Releases).

Technical details

The vulnerability was classified as a high-severity security flaw due to inappropriate implementation in the Full Screen Mode feature of Chrome. Google awarded a bug bounty of $7,500 for this vulnerability discovery, indicating its significant impact on browser security (SecurityWeek).

Impact

While specific exploit details were not publicly disclosed, as a high-severity vulnerability, CVE-2022-0455 could potentially be exploited to execute arbitrary code with the same privileges as the Chrome browser has on the target system (SecurityWeek).

Mitigation and workarounds

The vulnerability was patched in Chrome version 98.0.4758.80/81/82 for Windows and version 98.0.4758.80 for macOS and Linux. Users are advised to update their Chrome browsers to these versions or newer to mitigate the risk (Chrome Releases).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a Wiz customer? See which CVEs are exploitable in your environment.

Get a CVE Assessment

6.5

Score

Published April 5, 2022

Severity MEDIUM

CNA Score N/A

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 53.4

Exploitation Probability (EPSS) 0.3

Affected packages and libraries

chromium-browser
chromedriver

Sources

Alpine Security Tracker
- Alpine 3.15 Severity MEDIUMHas FixAdded at: Mar 28, 2022
- Alpine 3.16 Severity MEDIUMHas FixAdded at: May 24, 2022
- Alpine 3.17 Severity MEDIUMHas FixAdded at: Nov 23, 2022
- Alpine 3.18 Severity MEDIUMHas FixAdded at: May 10, 2023
- Alpine 3.19 Severity MEDIUMHas FixAdded at: Dec 10, 2023
- Alpine 3.20 Severity MEDIUMHas FixAdded at: May 26, 2024
- Alpine 3.21 Severity MEDIUMHas FixAdded at: Dec 08, 2024
- Alpine 3.22 Severity MEDIUMHas FixAdded at: Jun 01, 2025
- Alpine 3.23 Severity MEDIUMHas FixAdded at: Dec 04, 2025
- Alpine edge Severity MEDIUMHas FixAdded at: Jun 19, 2023
Debian Security Tracker
- Debian 9, 10 Severity MEDIUMNo FixAdded at: Mar 28, 2022
- Debian 11 Severity MEDIUMHas FixAdded at: Feb 08, 2022
- Debian 12 Severity MEDIUMHas FixAdded at: Feb 07, 2022
- Debian 13 Severity MEDIUMHas FixAdded at: Jun 11, 2023
- Debian 14 Severity MEDIUMHas FixAdded at: Aug 10, 2025
Echo
- Echo Severity MEDIUMHas FixAdded at: Nov 18, 2025
Gentoo Advisory Database
- Gentoo Severity HIGHHas FixAdded at: Jul 24, 2022
Nix
- Nix Severity MEDIUMHas FixAdded at: May 26, 2024
Ubuntu Security Tracker
- Ubuntu 18.04 Severity MEDIUMHas FixAdded at: Feb 09, 2022
NVD
- Linux Severity MEDIUMHas FixAdded at: Apr 11, 2022
- Windows Severity MEDIUMHas FixAdded at: Feb 07, 2022