EPSS
Percentile
70.8%
chrome-launcher is vulnerable to Command Injection. The vulnerability exists because an attacker can get control of the $HOME environment variable in Linux operating systems, leading to an execution of malicious command.
$HOME
github.com/GoogleChrome/chrome-launcher/commit/2ae5591df683d21d6851f9bfbb67ec5fdc037b2a
github.com/GoogleChrome/chrome-launcher/pull/197