CVE-2024-1939

high

Description

Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

References

https://lists.fedoraproject.org/archives/list/[email protected]/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/

https://lists.fedoraproject.org/archives/list/[email protected]/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/

https://lists.fedoraproject.org/archives/list/[email protected]/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/

https://issues.chromium.org/issues/323694592

https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html

Details

Source: Mitre, NVD

Published: 2024-02-29

Updated: 2024-12-19

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.27372

Detections

Analytics