{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2024-062.pdf"
    },
    "title": "Vulnerabilities in Chrome and Chromium based Browsers",
    "serial_number": "2024-062",
    "publish_date": "12-12-2024 10:28:13",
    "description": "Google has released a critical security update for its Chrome Browser, addressing six high-severity vulnerabilities that could lead to serious security issues. Chromium-based browsers are also impacted. <br>\n",
    "url_title": "2024-062",
    "content_markdown": "---\ntitle: 'Vulnerabilities in Chrome and\u00a0Chromium\u00a0based\u00a0Browsers'\nnumber: '2024-062'\nversion: '1.0'\noriginal_date: 'June 21, 2024'\ndate: 'June 21, 2024'\n---\n\n_History:_\n\n* _21/06/2024 --- v1.0 -- Initial publication_\n\n# Summary\n\nGoogle has released a critical security update for its Chrome Browser, addressing six high-severity vulnerabilities that could lead to serious security issues. Chromium-based browsers are also impacted. \n\n# Technical Details\n\nThe vulnerabilities patched in this update include:\n\n- **CVE-2024-6100**: Type confusion in V8\n- **CVE-2024-6101**: Inappropriate implementation in WebAssembly\n- **CVE-2024-6102**: Out-of-bounds memory access in Dawn\n- **CVE-2024-6103**: Use-after-free in Dawn\n\n# Affected Products\n\n- Google Chrome versions prior to 126.0.6478.114/115 for Windows and Mac\n- Google Chrome versions prior to 126.0.6478.114 for Linux\n- Chromium-based browsers\n\n# Recommendations\n\nUsers are strongly advised to update their Chromium-based browsers to the latest version available. \n\n# References\n\n[1] <https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html>\n\n[2] <https://cybersecuritynews.com/google-chrome-security-patch-2/>",
    "content_html": "<p><em>History:</em></p><ul><li><em>21/06/2024 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>Google has released a critical security update for its Chrome Browser, addressing six high-severity vulnerabilities that could lead to serious security issues. Chromium-based browsers are also impacted. </p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerabilities patched in this update include:</p><ul><li><strong>CVE-2024-6100</strong>: Type confusion in V8</li><li><strong>CVE-2024-6101</strong>: Inappropriate implementation in WebAssembly</li><li><strong>CVE-2024-6102</strong>: Out-of-bounds memory access in Dawn</li><li><strong>CVE-2024-6103</strong>: Use-after-free in Dawn</li></ul><h2 id=\"affected-products\">Affected Products</h2><ul><li>Google Chrome versions prior to 126.0.6478.114/115 for Windows and Mac</li><li>Google Chrome versions prior to 126.0.6478.114 for Linux</li><li>Chromium-based browsers</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>Users are strongly advised to update their Chromium-based browsers to the latest version available. </p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html\">https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://cybersecuritynews.com/google-chrome-security-patch-2/\">https://cybersecuritynews.com/google-chrome-security-patch-2/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}