Lucene search

PRIOn knowledge basePRION:CVE-2021-4323

HistoryJul 29, 2023 - 12:15 a.m.

Input validation

2023-07-2900:15:00

PRIOn knowledge base

www.prio-n.com

validation

extensions

google chrome

security vulnerability

local files

attack

malicious extension

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.1%

JSON

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a crafted Chrome Extension. (Chromium security severity: Medium)

CPENameOperatorVersion
chromelt90.0.4430.72

CPE	Name	Operator	Version
	chrome	lt	90.0.4430.72

References

chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html

crbug.com/1176031

lists.fedoraproject.org/archives/list/[email protected]/message/PQKT7EGDD2P3L7S3NXEDDRCPK4NNZNWJ/