Heap Corruption Vulnerability in Google Chrome Prior to 130.0.6723.116
CVE-2024-10827

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 November 2024

Summary

A vulnerability in Google Chrome exists due to a use after free error in the Serial component, which could be exploited by a malicious actor. If successfully executed, this could potentially lead to heap corruption when a user interacts with a specially crafted HTML page. This presents a significant risk to user data and privacy, emphasizing the need for timely updates to maintain security integrity.

References

https://chromereleases.googleblog.com/2024/11/stable-chan...

https://issues.chromium.org/issues/375065084

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 6, 2024

Collectors

NVD DatabaseGoogle Feed