CVE-2024-6778 — Race Condition in Google Chrome
Severity
7.5HIGHNVD
EPSS
12.8%
top 5.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 16
Latest updateDec 10
Description
Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9