VDB
CVE-2024-11395
CVE-2024-11395
PUBLISHED
Es besteht eine Schwachstelle in Google Chrome / Microsoft Edge. Die Schwachstelle wird durch ein Type Confusion Problem in der V8 JavaScript Engine verursacht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er eine bösartige HTML-Seite erstellt, die während der Verarbeitung eine Heap Corruption in der V8-Engine auslöst. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.32% · 54.8th percentile
Risk Scores
EPSS Score
0.32%
54.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Google Chrome Linux <131.0.6778.85 | ||
| IGEL | IGEL OS | |
| SUSE | SUSE openSUSE | |
| Microsoft | Microsoft Edge <131.0.2903.63 | |
| Fedora | Fedora Linux | |
| Google Chrome Windows <131.0.6778.86 | ||
| Debian | Debian Linux | |
| Google Chrome Mac <131.0.6778.86 |
Timeline
- Nov 19, 2024 Coalition ESS Score
- Nov 19, 2024 CVE Published
- Nov 20, 2024 EPSS Score
- Nov 21, 2024 CVE Updated
- Dec 8, 2024 EPSS Score
- Dec 26, 2024 EPSS Score
- Jan 12, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 16, 2025 EPSS Score
- Mar 5, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
- Mar 30, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3502.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3502 advisory
- https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#november-21-2024 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-7a7d342b23 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-582d2a7648 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-63b3a88151 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-09b0f49aa6 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-292aa2c246 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00232.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-ecfbcfce86 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VODVJPGUNF2TZRNAXRAEOIL7M5WLDECS/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KRCYQ3DNIALF3YZPIC5DK2WC5O6L6AJP/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RQZPQUHICPPGFTCTMGWIXLS75I4W2Y75/ advisory
- https://kb.igel.com/security-safety/current/isn-2024-24-chromium-vulnerability advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q3PEGRWS7VSTXHREFS3ULWWCUPH6HWX2/ advisory