CVE-2024-0519

2024-01-1622:15:37

Google

osv.dev

cve-2024-0519

google chrome

heap corruption

html page

remote attacker

security severity

high

memory access

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.3%

JSON

Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CPENameOperatorVersion
chromiumeq108.0.5359.124-1~deb11u1
chromiumeq110.0.5481.77-1~deb11u1
chromiumeq120.0.6099.224-1
chromiumeq80.0.3987.162-1
chromiumeq117.0.5938.62-1~deb11u1
chromiumeq76.0.3809.100-1
chromiumeq117.0.5938.149-1~deb12u1
chromiumeq101.0.4951.64-1
chromiumeq110.0.5481.77-1
chromiumeq120.0.6099.71-1

Name	Operator	Version
chromium	eq	108.0.5359.124-1~deb11u1
chromium	eq	110.0.5481.77-1~deb11u1
chromium	eq	120.0.6099.224-1
chromium	eq	80.0.3987.162-1
chromium	eq	117.0.5938.62-1~deb11u1
chromium	eq	76.0.3809.100-1
chromium	eq	117.0.5938.149-1~deb12u1
chromium	eq	101.0.4951.64-1
chromium	eq	110.0.5481.77-1
chromium	eq	120.0.6099.71-1