{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-19T19:49:40.072","vulnerabilities":[{"cve":{"id":"CVE-2022-24075","sourceIdentifier":"cve@navercorp.com","published":"2022-03-17T06:15:06.950","lastModified":"2026-06-17T04:31:15.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files."},{"lang":"es","value":"Whale browser versiones anteriores a 3.12.129.18, permitía que las extensiones sustituyeran a archivos JavaScript del sitio web del visualizador de HWP que podían acceder a archivos locales de HWP. Cuando eran abiertos archivos HWP, el script sustituido podía leer los archivos"}],"affected":[{"source":"cve@navercorp.com","affectedData":[{"vendor":"NAVER","product":"NAVER Whale browser","versions":[{"version":"unspecified","lessThan":"3.12.129.46","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"cve@navercorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:navercorp:whale:*:*:*:*:*:*:*:*","versionEndExcluding":"3.12.129.18","matchCriteriaId":"47138F1B-655D-4459-905C-7BFA3A326DC5"}]}]}],"references":[{"url":"https://cve.naver.com/detail/cve-2022-24075","source":"cve@navercorp.com","tags":["Vendor Advisory"]},{"url":"https://cve.naver.com/detail/cve-2022-24075","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}