This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2024-E60359F212.NASLFedora 39 : chromium (2024-e60359f212)
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e60359f212 advisory.
Update to 129.0.6668.70
* High CVE-2024-9120: Use after free in Dawn
* High CVE-2024-9121: Inappropriate implementation in V8
* High CVE-2024-9122: Type Confusion in V8
* High CVE-2024-9123: Integer overflow in Skia
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
File data fedora_2024-e60359f212.naslReferences
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7281
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7282
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123
bodhi.fedoraproject.org/updates/FEDORA-2024-e60359f212
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High