CVE-2024-1694

2024-06-0720:15:10

Debian Security Bug Tracker

security-tracker.debian.org

google updator

local attacker

access control

google chrome

security vulnerability

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: High)

OSVersionArchitecturePackageVersionFilename
Debian12allchromium< 121.0.6167.139-1~deb12u1chromium_121.0.6167.139-1~deb12u1_all.deb
Debian11allchromium< 120.0.6099.224-1~deb11u1chromium_120.0.6099.224-1~deb11u1_all.deb
Debian10allchromium< 90.0.4430.212-1~deb10u1chromium_90.0.4430.212-1~deb10u1_all.deb
Debian999allchromium< 126.0.6478.126-1chromium_126.0.6478.126-1_all.deb
Debian13allchromium< 125.0.6422.60-1chromium_125.0.6422.60-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	chromium	< 121.0.6167.139-1~deb12u1	chromium_121.0.6167.139-1~deb12u1_all.deb
Debian	11	all	chromium	< 120.0.6099.224-1~deb11u1	chromium_120.0.6099.224-1~deb11u1_all.deb
Debian	10	all	chromium	< 90.0.4430.212-1~deb10u1	chromium_90.0.4430.212-1~deb10u1_all.deb
Debian	999	all	chromium	< 126.0.6478.126-1	chromium_126.0.6478.126-1_all.deb
Debian	13	all	chromium	< 125.0.6422.60-1	chromium_125.0.6422.60-1_all.deb