Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-7004

Aug. 6, 2024, 4:30 p.m.

Product(s) Impacted

Google Chrome

  • prior to 127.0.6533.72

Description

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)

Weaknesses

CWE-20
Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE ID: 20

Date

Published: Aug. 6, 2024, 4:15 p.m.

Last Modified: Aug. 6, 2024, 4:30 p.m.

Status : Undergoing Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

chrome-cve-admin@google.com

References

https://chromereleases.googleblog.com/ chrome-cve-admin@google.com

https://issues.chromium.org/ chrome-cve-admin@google.com