VDB
CNVD-2024-10262
CNVD-2024-10262
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Google Chrome是美国谷歌(Google)公司的一款Web浏览器。 Google Chrome 121.0.6167.85版本及之前版本存在安全绕过漏洞,该漏洞源于DevTools模块存在政策执行力度不够问题。攻击者可利用此漏洞绕过安全限制。
Risk Scores
CVSS 3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 121.0.6167.85 |
Exploit Intelligence
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html (circl)
- https://crbug.com/1496250 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/ (circl)
- CIRCL seen: CVE-2024-0810 (circl-sighting)
- CIRCL seen: CVE-2024-0810 (circl-sighting)
- CIRCL seen: CVE-2024-0810 (circl-sighting)
- CIRCL seen: CVE-2024-0810 (circl-sighting)
Timeline
- Jan 23, 2024 CVE Published
- Jan 24, 2024 PoC Published
- Jan 26, 2024 PoC Published
- Feb 17, 2024 PoC Published
- May 22, 2025 PoC Published
References
- https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html url
- https://crbug.com/1496250 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/ url