CERT-In finds multiple bugs in Google Chrome OS, GitLab

CERT-In warns of critical vulnerabilities in Google Chrome OS and GitLab
CERT-In finds multiple bugs in Google Chrome OS, GitLab
CERT-In finds multiple bugs in Google Chrome OS, GitLab

CERT-In, the Indian Computer Emergency Response Team under the Ministry of Electronics & Information Technology, has alerted users about security issues in Google Chrome OS and GitLab. These vulnerabilities could potentially permit attackers to run unauthorized code on affected systems.

The affected software includes Google Chrome OS versions prior to 120.0.6099.315 in the LTS channel. For GitLab, vulnerabilities impact GitLab Community Edition (CE) versions before 17.1.1, 17.0.3, and 16.11.5, as well as GitLab Enterprise Edition (EE) versions prior to 17.1.1, 17.0.3, and 16.11.5.

According to CERT-In's advisory, the vulnerabilities in Google Chrome OS are related to Heap buffer overflow in WebRTC and Use after free in Media Session. These could be exploited if a user visits a maliciously crafted web page.

Also, read: Apple brings new features, language support via iOS 18 for users in India

In GitLab, the vulnerabilities affect various components of GitLab CE and EE. If successfully exploited, these could enable remote attackers to execute arbitrary code, gain access to sensitive information, perform cross-site scripting, bypass security restrictions, or cause denial of service.

CERT-In recommends users to promptly apply security updates as provided by the respective companies to mitigate these risks.

Related Stories

No stories found.
X
Indulgexpress
www.indulgexpress.com