Heap Corruption Vulnerability in Google Chrome Prior to 130.0.6723.116
CVE-2024-10827

8.8HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 6 November 2024

Badges

📰 News Worthy

Summary

A vulnerability in Google Chrome exists due to a use after free error in the Serial component, which could be exploited by a malicious actor. If successfully executed, this could potentially lead to heap corruption when a user interacts with a specially crafted HTML page. This presents a significant risk to user data and privacy, emphasizing the need for timely updates to maintain security integrity.

News Articles

The Cyber Express

CVE-2024-10826 CVE-2024-10827

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.

References

https://chromereleases.googleblog.com/2024/11/stable-chan...

https://issues.chromium.org/issues/375065084

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

📰
First article discovered by The Cyber Express
Nov 12, 2024
Vulnerability published
Nov 6, 2024

Key Information:

Badges

Summary

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

Cert-In Reports Vulnerabilities In Google Chrome

References

CVSS V3.1

Timeline