CVE-2022-47524: 
NixOS vulnerability analysis and mitigation

F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. The vulnerability was discovered and disclosed on December 23, 2022, affecting F-Secure Internet Security Browser for Android Version 19.1 and below (F-Secure Advisory).

The vulnerability allows attackers to execute IDN homograph attacks when displaying messages containing malicious URLs. This technique can deceive users into believing they are visiting a legitimate website when they are actually being directed to a malicious domain name that appears visually similar (F-Secure Advisory). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.4 (MEDIUM) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N (NVD).

The vulnerability could allow attackers to deceive users through URL spoofing, potentially leading to phishing attacks and unauthorized access to sensitive information. The impact is considered medium severity as it requires user interaction and can result in limited confidentiality and integrity breaches (NVD).

The vulnerability has been fixed in version 19.2 of F-Secure Internet Security Browser for Android, which was released through the automatic update channel on December 22, 2022. No user action is required as the update is distributed automatically (F-Secure Advisory).