Lucene search

Alpine Linux Development TeamALPINE:CVE-2024-6777

HistoryJul 16, 2024 - 10:15 p.m.

CVE-2024-6777

2024-07-1622:15:07

Alpine Linux Development Team

security.alpinelinux.org

google chrome

vulnerability

heap corruption

malicious extension

cve-2024-6777

chromium

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

JSON

Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchqt6-qtwebengine< 6.7.2-r2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	qt6-qtwebengine	< 6.7.2-r2	UNKNOWN

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

High

JSON

Related for ALPINE:CVE-2024-6777