VDB
CNVD-2024-16875
CNVD-2024-16875
PUBLISHED
CVSS 6.5 MEDIUM
Google Chrome是美国谷歌(Google)公司的一款Web浏览器。 Google Chrome存在安全绕过漏洞,该漏洞源于iOS中存在执行不当问题。攻击者可利用此漏洞绕过安全限制。
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 123.0.6312.58 |
Exploit Intelligence
- CIRCL seen: CVE-2024-2630 (circl-sighting)
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html (circl)
- https://issues.chromium.org/issues/41481877 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/ (circl)
Timeline
- Mar 19, 2024 CVE Published
- Apr 9, 2024 PoC Published
References
- https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html url
- https://issues.chromium.org/issues/41481877 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/ url