cvedb.io
CVE-2022-21817
CRITICAL · CVSS 9.3
EPSS exploitation probability: 0%
Published 2022-02-02T13:15:08.340 · Last modified 2026-06-17T04:27:02.467

Summary

NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.

Affected products

nvidia — omniverse_launcher

Does this affect you?

Add your gear to cvedb and we'll alert you only when nvidia ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.