DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-8907

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-8907

CGA ID

CGA-v8gv-p2pq-vx4x

Severity

6.1

Medium

CVSS V3

Description

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)

References

  • https://images.chainguard.dev/security/CGA-v8gv-p2pq-vx4x

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images