Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/hindustandot.com/site/web/wp-includes/functions.php on line 6114
CERT-in alerts users on Chrome, gitLab vulnerabilities | Hindustan Dot
Technology

CERT-in alerts users on Chrome, gitLab vulnerabilities

CERT-In, an Indian Computer Emergency Response Team, a wing of the Ministry of Electronic and Information Technology, has reported multiple vulnerabilities discovered by them on Google Chrome and GitLab, a product company with an open-core business model. 

This reveals that these security vulnerabilities can enable attackers to obtain sensitive information, bypass the security restrictions on the targets, and cause DoS (denial of service) conditions on the targets’ systems.

Being listed in the vulnerability if described as CVE-2022-3844, users of Linux, Mac, and Windows versions of Chrome before would also be affected by versions 124.0.6367.118/.119. While the case for GitLab stands for Community Edition (CE) and Enterprise Edition (EE) versions, it comprises those specifically before versions 16.11.1, 16.10.4, and 16.9.6, respectively.

As per CERT-In’s advisory, the protect vulnerabilities in Google Chrome are related to the use-after-free flaw in Dawn and Picture-in-Picture components that can enable the remote attacker to execute remote code and DoS conditions by triggering them in a remote way.

On the other hand, there is also a list of GitLab vulnerabilities, such as improper authentication mechanisms, domain-based addresses handled incorrectly, a vulnerability due to path traversal, and poor regular expression processing. These troubles make it possible for goods purporting to authenticate to bypass security restrictions and even attack services.

The security agency has said that an assailant may manipulate them by delivering a website made for this purpose. CERT-In has exhorted the users to diligently check their Google and GitLab security updates since that is the key to neutralizing probable risks.

This shows that security should be prioritized since programs and systems’ vulnerabilities may become cyber threat entry points. The immediate response of technology companies and users is necessary for the robust protection of the digital environment by preventing sensitive data leakages into the wrong hands and, ultimately, the safety of data.

Source
DNA india

HD News Desk

From local issues to national events and global affairs, Hindustan Dot's news desk covers the latest news and developments from India and the world.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button