Описание
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| lunar | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | |
| xenial | ignored | end of standard support |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
Chromium: CVE-2023-2939 Insufficient data validation in Installer
Insufficient data validation in Installer in Google Chrome on Windows ...
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
Уязвимость установщика браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3