Chrome Patches Heap Corruption Flaw Before Attackers Can Exploit
CVE-2024-10231

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 22 October 2024

Summary

A type confusion vulnerability in the V8 engine of Google Chrome can be exploited by attackers through specially crafted HTML content. This weakness may lead to heap corruption, potentially allowing a remote attacker to execute arbitrary code. Users are advised to update their browsers to the latest version, as security patches addressing this vulnerability are essential for safeguarding against such attacks.

Affected Version(s)

Chrome 130.0.6723.69

References

https://chromereleases.googleblog.com/2024/10/stable-chan...

https://issues.chromium.org/issues/372269618

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 22, 2024
Vulnerability Reserved
Oct 22, 2024

Collectors

NVD DatabaseMitre DatabaseGoogle Feed