Lucene search

[email protected]NVD:CVE-2024-4947

HistoryMay 15, 2024 - 9:15 p.m.

CVE-2024-4947

2024-05-1521:15:09

CWE-843

[email protected]

web.nvd.nist.gov

google chrome

type confusion

remote attack

arbitrary code

sandbox

crafted html page

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Affected configurations

NVD

Node

googlechromeRange<125.0.6422.60

References

chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html

issues.chromium.org/issues/340221135

lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

lists.fedoraproject.org/archives/list/[email protected]/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/

lists.fedoraproject.org/archives/list/[email protected]/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

Related for NVD:CVE-2024-4947

debiancve1 cisa_kev1 attackerkb1 redhatcve1 vulnrichment1 mscve1 osv2 cve1 ubuntucve1 cvelist1 wolfi1 openvas9 qualysblog1 kaspersky2 mageia1 debian1 nessus8 chrome1 fedora3 thn3 freebsd1