Lucene search

Veracode Vulnerability DatabaseVERACODE:47256

HistoryMay 30, 2024 - 1:50 a.m.

Heap Buffer Overflow

2024-05-3001:50:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

chromium

vulnerability

heap buffer overflow

bounds checking

html page

remote attacker

out-of-bounds memory read

software

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

chromium is vulnerable to a Heap Buffer Overflow. This vulnerability due to inadequate bounds checking via a crafted HTML page, allows a remote attacker to perform an out-of-bounds memory read.

CPENameOperatorVersion
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1

Name	Operator	Version
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1

References

chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html

issues.chromium.org/issues/335613092

lists.fedoraproject.org/archives/list/[email protected]/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/

lists.fedoraproject.org/archives/list/[email protected]/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/

security-tracker.debian.org/tracker/CVE-2024-5159