Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-8904HistorySep 17, 2024 - 9:15 p.m.
CVE-2024-8904
2024-09-1721:15:12
Debian Security Bug Tracker
security-tracker.debian.org
1
type confusion
google chrome
heap corruption
crafted html page
v8
cve-2024-8904
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.6%
Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | chromium | < 129.0.6668.58-1~deb12u1 | chromium_129.0.6668.58-1~deb12u1_all.deb |
| Debian | 11 | all | chromium | <= 120.0.6099.224-1~deb11u1 | chromium_120.0.6099.224-1~deb11u1_all.deb |
| Debian | 999 | all | chromium | < 129.0.6668.58-1 | chromium_129.0.6668.58-1_all.deb |
| Debian | 13 | all | chromium | <= 128.0.6613.113-1~deb13u1 | chromium_128.0.6613.113-1~deb13u1_all.deb |
Related
cvelist
cvelist
CVE-2024-8904
2024-09-17 21:07:18
vulnrichment
vulnrichment
CVE-2024-8904
2024-09-17 21:07:18
alpinelinux
alpinelinux
CVE-2024-8904
2024-09-17 21:15:12
osv
osv
CVE-2024-8904
2024-09-17 21:15:12
cve
cve
CVE-2024-8904
2024-09-17 21:15:12
nvd
nvd
CVE-2024-8904
2024-09-17 21:15:12
mscve
mscve
Chromium: CVE-2024-8904 Type Confusion in V8
2024-09-19 14:11:36
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
2024-09-19 07:00:00
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
2024-09-19 07:00:00
nessus
nessus
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
Debian dsa-5773 : chromium - security update
2024-09-19 00:00:00
kaspersky
kaspersky
KLA73437 Multiple vulnerabilities in Google Chrome
2024-09-17 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2024-09-17 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.9
Confidence
High
EPSS
0
Percentile
9.6%
Related for DEBIANCVE:CVE-2024-8904