CVE-2024-2625

2024-03-2017:06:43

Chrome

github.com

cve-2024-2625

object lifecycle

google chrome

remote attacker

object corruption

crafted html page

chromium

high severity

AI Score

6.7

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

total

JSON

Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
    ],
    "vendor": "google",
    "product": "chrome",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "123.0.6312.58",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"
    ],
    "vendor": "fedoraproject",
    "product": "fedora",
    "versions": [
      {
        "status": "affected",
        "version": "39"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*"
    ],
    "vendor": "fedoraproject",
    "product": "fedora",
    "versions": [
      {
        "status": "affected",
        "version": "40"
      }
    ],
    "defaultStatus": "unknown"
  }
]