VDB
CVE-2024-12382
CVE-2024-12382
PUBLISHED
Es bestehen mehrere Schwachstellen in Google Chrome / Microsoft Edge. Diese Fehler existieren in den Komponenten V8 und Translate wegen eines Use-after-free- und eines Type Confusion-Problems. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.
EPSS 12.57% · 94.1th percentile
Risk Scores
EPSS Score
12.57%
94.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Google Chrome <131.0.6778.140 | ||
| Debian | Debian Linux | |
| Microsoft | Microsoft Edge <131.0.2903.99 | |
| Fedora | Fedora Linux | |
| Google Chrome <131.0.6778.139 |
Exploit Intelligence
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- CIRCL seen: CVE-2024-12382 (circl-sighting)
- https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html (circl)
- https://issues.chromium.org/issues/379516109 (circl)
Timeline
- Dec 10, 2024 CVE Published
- Dec 10, 2024 PoC Published
- Dec 11, 2024 PoC Published
- Dec 11, 2024 PoC Published
- Dec 12, 2024 EPSS Score
- Dec 12, 2024 CVE Updated
- Dec 13, 2024 PoC Published
- Dec 29, 2024 EPSS Score
- Jan 14, 2025 EPSS Score
- Feb 17, 2025 EPSS Score
- Mar 5, 2025 EPSS Score
- Mar 22, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3664.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3664 advisory
- https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-60f7d4fb00 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-ccaff13d21 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-306ebea6f6 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-ed082ef765 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-162a4dfe4f advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#december-12-2024 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00245.html advisory