Potential Heap Corruption Vulnerability in Google Chrome Before 130.0.6723.92
CVE-2024-10488

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 29 October 2024

Summary

A heap corruption vulnerability exists in the WebRTC component of Google Chrome that affects versions prior to 130.0.6723.92. By crafting a malicious HTML page, an attacker could exploit this vulnerability remotely, potentially leading to unexpected behavior in the affected application. Users are advised to update to the latest version of Google Chrome to mitigate the risks associated with this security flaw.

Affected Version(s)

Chrome 130.0.6723.92

References

https://chromereleases.googleblog.com/2024/10/stable-chan...

https://issues.chromium.org/issues/374310077

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 29, 2024

Collectors

NVD DatabaseMitre DatabaseGoogle Feed