Search for vulnerabilities
Vulnerability details: VCID-28h7-9936-aaac
Vulnerability ID VCID-28h7-9936-aaac
Aliases CVE-2024-5843
Summary Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium)
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00309 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00327 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
epss 0.00981 https://api.first.org/data/v1/epss?cve=CVE-2024-5843
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-5843
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2024-5843
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-5843
https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5843
https://issues.chromium.org/issues/333940412
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-5843 https://nvd.nist.gov/vuln/detail/CVE-2024-5843
GLSA-202501-09 https://security.gentoo.org/glsa/202501-09
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-5843
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-5843
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.22945
EPSS Score 0.00054
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-06-12T09:17:09.516787+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-5843 34.0.0rc4