Lucene search

[email protected]NVD:CVE-2024-5839

HistoryJun 11, 2024 - 9:15 p.m.

CVE-2024-5839

2024-06-1121:15:54

[email protected]

web.nvd.nist.gov

google chrome

memory allocator

heap corruption

crafted html page

remote attacker

cve-2024-5839

chromium

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

21.9%

JSON

Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Affected configurations

NVD

Node

googlechromeRange<126.0.6478.54

Node

fedoraprojectfedoraMatch39

fedoraprojectfedoraMatch40

References

chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html

issues.chromium.org/issues/340122160

lists.fedoraproject.org/archives/list/[email protected]/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/

lists.fedoraproject.org/archives/list/[email protected]/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

21.9%

JSON

Related for NVD:CVE-2024-5839

ubuntucve1 cve1 vulnrichment1 wolfi1 osv3 cvelist1 mscve1 debiancve1 alpinelinux1 nessus7 openvas6 fedora2 chrome1 mageia1 kaspersky2 freebsd1