CVE-2024-0805

Medium

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via…

Chrome·NVD-CWE-noinfo·Published 2024-01-23

CVSS

4.3

EPSS

0.00

KEV

Exploits

cve.orgen

198 chars

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

NVDen

198 chars

Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

La implementación inadecuada en Downloads en Google Chrome anterior a 121.0.6167.85 permitió a un atacante remoto realizar una suplantación de dominio a través de un nombre de dominio manipulado. (Severidad de seguridad de Chromium: media)

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3.1	Secondary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N