Cybersecurity and Infrastructure Security Agency (CISA) added the Google Chrome zero-day to its catalog of exploited vulnerabilities.
The bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.
An attacker could exploit the vulnerability and compromise a victim when they simply visit a website that hosts malicious HTML code.
Source: https://therecord.media/cisa-adds-google-zero-day-to-exploited-vulnerabilities-list/
"id": "GOO181291222",
"linkid": "google-chrome",
"type": "Vulnerability",
"date": "12/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"