CVE-2024-10229 - Remote Bypass of Site Isolation in Chrome Extensions Explained
Date Disclosed: 2024-04-15
Severity: High
Affected: Google Chrome prior to 130..6723.69, Chromium-based browsers
Vector: Remote, crafted Chrome extension
What is CVE-2024-10229?
CVE-2024-10229 is
CVE-2024-9964 - How UI Spoofing in Google Chrome Payments Was Exploited Using Malicious Extensions
---
Google Chrome is one of the most secure browsers, but even the best aren’t invincible. In early 2024, a vulnerability tracked as CVE-2024-9964
CVE-2024-9966 - Exploiting Google Chrome Navigation Flaws to Bypass Content Security Policy
In March 2024, a new vulnerability was assigned: CVE-2024-9966. This flaw was found in the way Google Chrome (before version 130..6723.58) handled site
CVE-2024-9963 - UI Spoofing Vulnerability in Google Chrome’s Download Feature
In early June 2024, Google Chrome patched a security issue, now tracked as CVE-2024-9963. This vulnerability affects versions of Chrome before 130..6723.58 and
CVE-2024-9958 - UI Spoofing in Google Chrome Picture-in-Picture — Full Analysis & Exploit Explained
Published June 2024
Exploit Difficulty: Medium · Severity: Medium
Scope: Chrome < 130..6723.58 · Reported by Google Project Zero
Introduction
On June 2024, Google published
Episode
00:00:00
00:00:00