Lucene search

K
cve[email protected]CVE-2024-4949
HistoryMay 15, 2024 - 9:15 p.m.

CVE-2024-4949

2024-05-1521:15:09
web.nvd.nist.gov
36
20
cve-2024-4949
heap corruption
remote attacker
crafted html page
google chrome
v8
nvd
chromium
medium severity

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.9%

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Affected configurations

Vulners
Node
googlechromeRange<125.0.6422.60

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "125.0.6422.60",
        "status": "affected",
        "lessThan": "125.0.6422.60",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.9%