Search for vulnerabilities
Vulnerability details: VCID-ck63-6654-aaae
Vulnerability ID VCID-ck63-6654-aaae
Aliases CVE-2024-7001
Summary Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Status Published
Exploitability 0.5
Weighted Severity 3.9
Risk 1.9
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00068 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00074 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.0008 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
epss 0.00234 https://api.first.org/data/v1/epss?cve=CVE-2024-7001
ssvc Track https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
cvssv3.1 4.3 https://issues.chromium.org/issues/347509736
ssvc Track https://issues.chromium.org/issues/347509736
cvssv3 4.3 https://nvd.nist.gov/vuln/detail/CVE-2024-7001
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2024-7001
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-7001
https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7001
https://issues.chromium.org/issues/347509736
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2024-7001 https://nvd.nist.gov/vuln/detail/CVE-2024-7001
GLSA-202501-09 https://security.gentoo.org/glsa/202501-09
No exploits are available.
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:29:06Z/ Found at https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://issues.chromium.org/issues/347509736
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:29:06Z/ Found at https://issues.chromium.org/issues/347509736
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-7001
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-7001
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.18047
EPSS Score 0.00046
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-07-25T09:03:30.430410+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 34.0.0rc4