Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
References
Link | Resource |
---|---|
https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html | Release Notes Vendor Advisory |
https://crbug.com/1427431 | Issue Tracking Vendor Advisory |
https://security.gentoo.org/glsa/202311-11 | |
https://security.gentoo.org/glsa/202401-34 | |
https://www.debian.org/security/2023/dsa-5418 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Chrome
Published: 2023-05-30T21:31:41.044Z
Updated: 2023-05-30T21:31:41.044Z
Reserved: 2023-05-27T19:39:15.074Z
Link: CVE-2023-2939
JSON object: View
NVD Information
Status : Modified
Published: 2023-05-30T22:15:10.477
Modified: 2024-01-31T17:15:11.687
Link: CVE-2023-2939
JSON object: View
Redhat Information
No data.
CWE