Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed remote attacker to potentially exploit heap corruption via crafted HTML page (Chromium security severity: High)

CVE-2024-12382

8.8HIGH

Key Information

Vendor
Google
Status
Chrome
Vendor
CVE Published:
12 December 2024

Badges

đź“° News Worthy

Summary

Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected Version(s)

Chrome < 131.0.6778.139

News Articles

favicon imageDataconomy

Update Chrome immediately: Two high-risk vulnerabilities revealed

Google has identified two high-severity vulnerabilities in its Chrome web browser, specifically CVE-2024-12381 and CVE-2024-12382, prompting an urgent call

1 week ago

favicon imageForbes

Update Chrome Now—Google Warns Of 2 New High-Risk Vulnerabilities

Two new high-severity Chrome browser security vulnerabilities have been confirmed by Google—ensure you update and activate the new protections now.

2 weeks ago

Refferences

https://chromereleases.googleblog.com/2024/12/stable-chan...
https://issues.chromium.org/issues/379516109

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • First article discovered by Forbes

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre DatabaseGoogle Feed2 News Article(s)
.