VDB
CVE-2024-10229
CVE-2024-10229
PUBLISHED
Es existieren mehrere Schwachstellen in Google Chrome und Microsoft Edge. Diese bestehen aufgrund einer unsachgemäßen Implementierung in Extensions und aufgrund zweier Type Confusion Probleme in V8. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmechanismen zu umgehen und potenziell Code auszuführen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.05% · 17.5th percentile
Risk Scores
EPSS Score
0.05%
17.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Google Chrome <130.0.6723.70 | ||
| Fedora | Fedora Linux | |
| Microsoft | Microsoft Edge <130.0.2849.56 | |
| Google Chrome <130.0.6723.69 | ||
| Debian | Debian Linux | |
| SUSE | SUSE openSUSE |
Exploit Intelligence
- CIRCL published-proof-of-concept: CVE-2024-10229 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2024-10229 (circl-sighting)
- CIRCL seen: CVE-2024-10229 (circl-sighting)
- https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html (circl)
- https://issues.chromium.org/issues/371011220 (circl)
Timeline
- Oct 22, 2024 Coalition ESS Score
- Oct 22, 2024 CVE Published
- Oct 23, 2024 EPSS Score
- Oct 23, 2024 Coalition ESS Score
- Oct 23, 2024 PoC Published
- Oct 24, 2024 Coalition ESS Score
- Oct 25, 2024 Coalition ESS Score
- Oct 31, 2024 CVE Updated
- Nov 10, 2024 EPSS Score
- Nov 12, 2024 Coalition ESS Score
- Nov 13, 2024 Coalition ESS Score
- Nov 29, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3253.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3253 advisory
- https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#october-24-2024 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f1117faa03 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00213.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-1178c53bb1 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-db9e2d0206 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-6a0e07c9c7 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-983c32d3fa advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5PEJPFZ7F3SICZGHQRWBWYOGKITIYN67/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5PEJPFZ7F3SICZGHQRWBWYOGKITIYN67/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4R5O2A7YWRMJ264VSOCYPGODK2ARV2NO/ advisory