Lucene search

K
cvelistChromeCVELIST:CVE-2024-0333
HistoryJan 10, 2024 - 9:28 p.m.

CVE-2024-0333

2024-01-1021:28:12
Chrome
www.cve.org
google chrome
extensions
data validation
html page
security issue
network position
privileged

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.8%

Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "120.0.6099.216",
        "status": "affected",
        "lessThan": "120.0.6099.216",
        "versionType": "custom"
      }
    ]
  }
]