cvedb.io
CVE-2022-24074
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2022-03-17T06:15:06.887 · Last modified 2026-06-17T04:31:15.487

Summary

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.

Affected products

navercorp — whale

Does this affect you?

Add your gear to cvedb and we'll alert you only when navercorp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.