Overview
- Description
- Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits https://t.co/AZefBo36Zb
@un_exceptional
7 Nov 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: Critical Chrome Vulnerabilities Let Malicious Apps Run Shell Command on Your PC CVE-2024-5836 CVE-2024-6778 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/Y1Fubw5jOQ #CyberSecurity #ThreatIntel #InfoSec (1/3)
@fletch_ai
23 Oct 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. https://t.co/Vw6kMahtsv
@Dinosn
23 Oct 2024
5019 Impressions
20 Retweets
86 Likes
34 Bookmarks
0 Replies
0 Quotes
Escaping the Chrome Sandbox Through DevTools : https://t.co/hQHGhvwRgC A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : https://t.co/433NhrlWTa https://t.co/AEmnjaazB9
@binitamshah
22 Oct 2024
8047 Impressions
34 Retweets
102 Likes
50 Bookmarks
0 Replies
1 Quote
GitHub - r00tjunip3r1/POC-CVE-2024-6778 - https://t.co/OzlzXTTozv
@piedpiper1616
20 Oct 2024
2938 Impressions
6 Retweets
28 Likes
11 Bookmarks
0 Replies
0 Quotes
デベロッパーツールを通じてChromeサンドボックスの脆弱性を探る Chromiumウェブブラウザで発見されたCVE-2024-6778やCVE-2024-5836といった脆弱性は、サイバーセキュリティの専門... https://t.co/TZ8NOrgMYr https://t.co/FxvDlIagzR
@bdog_ja
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Good one 😃 #Chrome sandbox escape via DevTools: #highschool student published technical write-up on CVE-2024-6778 + CVE-2024-5836 (Chromium bugs) .. received a $20,000 bounty https://t.co/2jDi3VsAVm "You also can't trust that very old code will remain safe after many years"
@ovelarsen
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-5386 CVE-2024-5836 / CVE-2024-6778 This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within the Chromium web browser which allowed for a san... https://t.co/M6C2EsNyYF
@VulmonFeeds
51 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes