VDB
CVE-2024-1672
CVE-2024-1672
PUBLISHED
In Google Chrome existieren mehrere Schwachstellen. Diese sind auf Out-of-Bounds-Fehler, Use-after-Free-Fehler sowie mehrere Fehler bei der Implementierung von Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.11% · 28.9th percentile
Risk Scores
EPSS Score
0.11%
28.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gentoo | Gentoo Linux | |
| IGEL | IGEL OS 11 | |
| Fedora | Fedora Linux | |
| IGEL | IGEL OS 12 | |
| Debian | Debian Linux | |
| Google Chrome <122.0.6261.58 | ||
| Google Chrome <122.0.6261.57 |
Exploit Intelligence
- https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html (nist-nvd)
- https://issues.chromium.org/issues/41485789 (nist-nvd)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/ (circl)
Timeline
- Feb 20, 2024 CVE Published
- Feb 21, 2024 EPSS Score
- Mar 19, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 11, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 3, 2024 EPSS Score
- Jul 30, 2024 EPSS Score
- Aug 30, 2024 EPSS Score
- Sep 26, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0433.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0433 advisory
- http://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-4adf990562 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-6a879cfa63 advisory
- https://lists.debian.org/debian-security-announce/2024/msg00036.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-c6bf47a782 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-eadadc9b14 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-5ef433f7ed advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-99e002f742 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-dc7c97ee12 advisory
- https://kb.igel.com/securitysafety/en/isn-2024-07-chromium-vulnerabilities-119870009.html advisory
- https://security.gentoo.org/glsa/202412-05 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0477.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0477 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-1669 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-1670 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-1671 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-1672 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-1673 advisory
…and 6 more