VDB
CNVD-2024-38807
CNVD-2024-38807
PUBLISHED
CVSS 6.300000190734863 MEDIUM
Google Chrome是美国谷歌(Google)公司的一款Web浏览器。 Google Chrome 122.0.6261.57版本之前存在安全绕过漏洞,该漏洞源于Navigation模块存在实施不当问题。攻击者可利用此漏洞绕过安全限制。
Risk Scores
CVSS 3.1
6.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 122.0.6261.57 |
Exploit Intelligence
- CIRCL seen: CVE-2024-1674 (circl-sighting)
- CIRCL seen: CVE-2024-1674 (circl-sighting)
- CIRCL seen: CVE-2024-1674 (circl-sighting)
- CIRCL seen: CVE-2024-1674 (circl-sighting)
- https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html (circl)
- https://issues.chromium.org/issues/40095183 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/ (circl)
Timeline
- Feb 20, 2024 CVE Published
- Feb 21, 2024 PoC Published
- Feb 22, 2024 PoC Published
- Feb 23, 2024 PoC Published
- Mar 8, 2024 PoC Published
References
- https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html url
- https://issues.chromium.org/issues/40095183 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/ url