Vulnerability DatabaseCVE-2022-0459

CVE-2022-0459:
vulnerability analysis and mitigation

Overview

A Use-after-free vulnerability in the Screen Capture component of Google Chrome (CVE-2022-0459) was discovered prior to version 98.0.4758.80. The vulnerability was initially reported on August 28, 2021, by a security researcher known as raven (@raid_akame) and was officially addressed in the February 2022 Chrome stable channel update (Chrome Release).

Technical details

The vulnerability is classified as a Use-after-free (UAF) issue specifically affecting the Screen Capture functionality in Google Chrome. The flaw could be exploited through heap corruption via a crafted HTML page, requiring specific user interaction and a compromised renderer process (NVD).

Impact

When successfully exploited, this vulnerability could allow a remote attacker who has compromised the renderer process to execute arbitrary code within the context of the browser, potentially leading to heap corruption. The impact is considered High severity, as indicated by Chrome's security advisory (Chrome Release).

Mitigation and workarounds

Google addressed this vulnerability in Chrome version 98.0.4758.80 for Windows, Mac, and Linux platforms. Users are advised to update their Chrome browsers to this version or later to receive the security fix (Chrome Release, Debian Security).

Additional resources

Source: This report was generated using AI

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

8.8

Score

Published April 5, 2022

Severity HIGH

CNA Score N/A

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 67

Exploitation Probability (EPSS) 0.5

Affected packages and libraries

chromedriver
cpe:2.3:a:google:chrome

Sources

Alpine Security Tracker
- Alpine 3.15 Severity HIGHHas FixAdded at: Mar 09, 2022
- Alpine 3.16 Severity HIGHHas FixAdded at: May 24, 2022
- Alpine 3.17 Severity HIGHHas FixAdded at: Nov 23, 2022
- Alpine 3.18 Severity HIGHHas FixAdded at: May 10, 2023
- Alpine 3.19 Severity HIGHHas FixAdded at: Dec 10, 2023
- Alpine 3.20 Severity HIGHHas FixAdded at: May 26, 2024
- Alpine 3.21 Severity HIGHHas FixAdded at: Dec 08, 2024
- Alpine 3.22 Severity HIGHHas FixAdded at: Jun 01, 2025
- Alpine 3.23 Severity HIGHHas FixAdded at: Dec 04, 2025
- Alpine edge Severity HIGHHas FixAdded at: Jun 19, 2023
Debian Security Tracker
- Debian 9, 10 Severity HIGHNo FixAdded at: Mar 28, 2022
- Debian 11 Severity HIGHHas FixAdded at: Feb 08, 2022
- Debian 12 Severity HIGHHas FixAdded at: Feb 07, 2022
- Debian 13 Severity HIGHHas FixAdded at: Jun 11, 2023
- Debian 14 Severity HIGHHas FixAdded at: Aug 10, 2025
Echo
- Echo Severity HIGHHas FixAdded at: Nov 18, 2025
Gentoo Advisory Database
- Gentoo Severity HIGHHas FixAdded at: Jul 24, 2022
Nix
- Nix Severity HIGHHas FixAdded at: May 26, 2024
Ubuntu Security Tracker
- Ubuntu 18.04 Severity MEDIUMHas FixAdded at: Feb 09, 2022
NVD
- Linux Severity HIGHHas FixAdded at: Apr 11, 2022
- Windows Severity HIGHHas FixAdded at: Feb 07, 2022