CVE-2024-4331
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.3%
Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CNA Affected
[
{
"vendor": "Google",
"product": "Chrome",
"versions": [
{
"version": "124.0.6367.118",
"status": "affected",
"lessThan": "124.0.6367.118",
"versionType": "custom"
}
]
}
]References
chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html
issues.chromium.org/issues/335003891
lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
lists.fedoraproject.org/archives/list/[email protected]/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
lists.fedoraproject.org/archives/list/[email protected]/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/
lists.fedoraproject.org/archives/list/[email protected]/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
lists.fedoraproject.org/archives/list/[email protected]/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/
Social References
More
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.3%