The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3a1a0a664e advisory.

    update to 127.0.6533.88

    * Critical CVE-2024-6990: Uninitialized Use in Dawn
    * High CVE-2024-7255: Out of bounds read in WebTransport
    * High CVE-2024-7256: Insufficient data validation in Dawn

    ----

     update to 127.0.6533.72

               * CVE-2024-6988: Use after free in Downloads
               * CVE-2024-6989: Use after free in Loader
               * CVE-2024-6991: Use after free in Dawn
               * CVE-2024-6992: Out of bounds memory access in ANGLE
               * CVE-2024-6993: Inappropriate implementation in Canvas
               * CVE-2024-6994: Heap buffer overflow in Layout
               * CVE-2024-6995: Inappropriate implementation in Fullscreen
               * CVE-2024-6996: Race in Frames
               * CVE-2024-6997: Use after free in Tabs
               * CVE-2024-6998: Use after free in User Education
               * CVE-2024-6999: Inappropriate implementation in FedCM
               * CVE-2024-7000: Use after free in CSS. Reported by Anonymous
               * CVE-2024-7001: Inappropriate implementation in HTML
               * CVE-2024-7003: Inappropriate implementation in FedCM
               * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
               * CVE-2024-7005: Insufficient validation of untrusted input in Safe


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Fedora 40 : chromium (2024-3a1a0a664e)

high Nessus Plugin ID 204982

Version 1.5