CVE-2024-6778

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-6778
Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

8.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html
https://issues.chromium.org/issues/341136300
Configurations

No configuration.

History

01 Aug 2024, 14:00

Type Values Removed Values Added
Summary
  • (es) Race in DevTools en Google Chrome anterior a 126.0.6478.182 permitió que un atacante convenciera a un usuario de instalar una extensión maliciosa para inyectar scripts o HTML en una página privilegiada a través de una extensión de Chrome manipulada. (Severidad de seguridad de Chrome: alta)
CWE CWE-366
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.8

16 Jul 2024, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-16 22:15

Updated : 2024-08-01 14:00

NVD link : CVE-2024-6778

Mitre link : CVE-2024-6778

CVE.ORG link : CVE-2024-6778

JSON object : View

Products Affected

No product.

CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-366

Race Condition within a Thread


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024