VDB
CVE-2024-0517
CVE-2024-0517
PUBLISHED
In Google Chrome und Microsoft Edge existieren mehrere Schwachstellen. Diese sind auf verschiedene Out-of-Bounds-Speicherfehler sowie Fehler bei der Typisierung in der Komponente "V8" zurückzuführen. Ein enrtfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 75.48% · 98.9th percentile
Risk Scores
EPSS Score
75.48%
98.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IGEL | IGEL OS 12 | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux | |
| IGEL | IGEL OS 11 | |
| Microsoft | Microsoft Edge | |
| Microsoft | Microsoft Edge < 120.0.2210.144 |
Timeline
- Jan 16, 2024 CVE Published
- Jan 17, 2024 PoC Published
- Jan 17, 2024 PoC Published
- Jan 20, 2024 PoC Published
- Jan 20, 2024 PoC Published
- Jan 20, 2024 PoC Published
- Jan 24, 2024 EPSS Score
- Feb 10, 2024 PoC Published
- Mar 9, 2024 PoC Published
- Mar 16, 2024 PoC Published
- Oct 4, 2024 Coalition ESS Score
- Dec 27, 2024 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0112.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0112 advisory
- https://security.gentoo.org/glsa/202402-14 advisory
- https://security.gentoo.org/glsa/202402-23 advisory
- http://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html advisory
- https://lists.debian.org/debian-security-announce/2024/msg00009.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#january-17-2024 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-2f5bf56806 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-107e90b6b6 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0d11a63127 advisory
- https://kb.igel.com/securitysafety/en/isn-2024-07-chromium-vulnerabilities-119870009.html advisory