Sunday, December 22, 2024
Advertisement
  1. You Are At:
  2. News
  3. Technology
  4. Center finds vulnerabilities in Google Chrome OS, GitLab: Here's what you need to do

Center finds vulnerabilities in Google Chrome OS, GitLab: Here's what you need to do

CERT-In has issued a warning about multiple vulnerabilities in Google Chrome OS and GitLab that could allow an attacker to execute arbitrary code on the targeted system.

Written By: Om Gupta New Delhi Published : Jul 02, 2024 18:07 IST, Updated : Jul 02, 2024 18:09 IST
Software bugs
Image Source : FREEPIK Software bugs

The Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics & Information Technology, has issued a warning regarding several vulnerabilities in Google Chrome OS and GitLab. These vulnerabilities could potentially allow an attacker to execute arbitrary code on the targeted system. The affected software includes the LTS channel for Google ChromeOS versions prior to 120.0.6099.315.

On the other hand, the affected software in GitLab includes GitLab Community Edition (CE) versions prior to 17.1.1, 17.0.3, and 16.11.5, and GitLab Enterprise Edition (EE) versions prior to 17.1.1, 17.0.3, and 16.11.5.

"Multiple vulnerabilities have been reported in the LTS channel for ChromeOS which could be exploited by an attacker to execute arbitrary code on the targeted system," said the CERT-In advisory.

According to the cyber agency, Google Chrome OS has vulnerabilities such as heap buffer overflow in WebRTC and use-after-free in Media Session. These vulnerabilities could be exploited by an attacker who persuades a victim to visit a specially crafted web page. Additionally, vulnerabilities in GitLab were reported to exist in various components of both GitLab Community Edition (CE) and Enterprise Edition (EE).

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, access sensitive information, cause cross-site scripting, bypass security restrictions, and create a denial of service condition on the targeted system, according to the cyber agency. 

CERT-In has recommended that users apply appropriate security updates as suggested by the companies.

Meanwhile, in May 2024, WhatsApp, a messaging platform owned by Meta, reported that it had banned over 6.6 million accounts in India for violating local laws. Out of these banned accounts, 1.25 million were blocked proactively, without any user reports, according to a statement from the company.

ALSO READ: UPI transactions skyrocket 49 per cent per year, reaching 13.89 billion in June 2024

Inputs from IANS

 

Advertisement

Read all the Breaking News Live on indiatvnews.com and Get Latest English News & Updates from Technology

Advertisement
Advertisement
Advertisement
Advertisement