VDB
CVE-2024-3158
CVE-2024-3158
PUBLISHED
Es existieren mehrere Schwachstellen in Google Chrome und Microsoft Edge aufgrund einer unsachgemäßen Implementierung und Fehlern bei Speicherzugriffen. Ein Angreifer kann diese Schwachstellen ausnutzen, um potenziell beliebigen Code auszuführen oder andere, nicht näher beschriebene Auswirkungen zu erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 1.38% · 80.7th percentile
Risk Scores
EPSS Score
1.38%
80.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Google Chrome <123.0.6312.106 | ||
| Fedora | Fedora Linux | |
| Google Chrome <123.0.6312.107 | ||
| Gentoo | Gentoo Linux | |
| Google Chrome <123.0.6312.105 | ||
| Microsoft | Microsoft Edge | |
| SUSE | SUSE openSUSE | |
| Microsoft | Microsoft Edge <123.0.2420.81 | |
| Debian | Debian Linux |
Exploit Intelligence
- CIRCL seen: CVE-2024-3158 (circl-sighting)
- CIRCL seen: CVE-2024-3158 (circl-sighting)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U26WECLV5QAQVTIFAUDSRO6QX3NTHYVC/ (circl)
- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html (circl)
- https://issues.chromium.org/issues/329965696 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/ (circl)
Timeline
- Apr 2, 2024 CVE Published
- Apr 7, 2024 EPSS Score
- May 2, 2024 EPSS Score
- May 9, 2024 PoC Published
- May 27, 2024 EPSS Score
- Jul 17, 2024 EPSS Score
- Aug 11, 2024 EPSS Score
- Sep 5, 2024 EPSS Score
- Oct 1, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 26, 2024 EPSS Score
- Nov 20, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0765.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0765 advisory
- https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-3-2024 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-5e32ce95a3 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-39b249a59c advisory
- https://lists.debian.org/debian-security-announce/2024/msg00062.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-f92626814d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-7bc0a1d338 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-fe061342ca advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#april-4-2024 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-3cb841c5f0 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2S7S4HVABEMIRHPQD4H3O6EA36PLCUCI/ advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2S7S4HVABEMIRHPQD4H3O6EA36PLCUCI/ advisory
- https://security.gentoo.org/glsa/202412-05 advisory