CVE-2022-38163

CVE Database · CVE-2022-38163

CVE-2022-38163

· LOWModified

CVSS v3.1

3.5

EPSS

0.55%

Published

Nov 7, 2022

Modified

May 2, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-451

Affected Products (2)

f-secure · safevulnerable

References (6)

https://withsecure.com

Vendor Advisory

https://www.f-secure.com/en/home/support/security-advisories

Vendor Advisory

https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38163

Vendor Advisory

https://withsecure.com

Vendor Advisory

https://www.f-secure.com/en/home/support/security-advisories

Vendor Advisory

https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38163

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs