First published: Tue Mar 29 2022(Updated: )
A local attacker, as a different local user, may be able to send a HTTP request to 127.0.0.1:10000 after the user (typically a developer) manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Perfetto | <=24.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.