VDB
CVE-2024-8637
CVE-2024-8637
PUBLISHED
Es bestehen mehrere Schwachstellen in Google Chrome und Microsoft Edge. Diese betreffen unter anderem die Komponenten V8 und SKIA aufgrund von Heap- Buffer Overflows, Use-After-Free Fehlern und Typkonfusion. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen oder nicht näher beschriebene Auswirkungen erzielen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.27% · 51.2th percentile
Risk Scores
EPSS Score
0.27%
51.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Fedora Linux | |
| Google Chrome <128.0.6613.138 | ||
| Debian | Debian Linux | |
| IGEL | IGEL OS 11 | |
| SUSE | SUSE openSUSE | |
| Microsoft | Microsoft Edge <128.0.2739.79 | |
| Google Chrome <128.0.6613.137 | ||
| IGEL | IGEL OS 12 |
Exploit Intelligence
Timeline
- Sep 10, 2024 CVE Published
- Sep 12, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Oct 27, 2024 CVE Updated
- Nov 30, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 10, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 18, 2025 EPSS Score
- Mar 10, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2107.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2107 advisory
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-37f95ce86b advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-1434b533be advisory
- https://lists.debian.org/debian-security-announce/2024/msg00181.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-0a4a65f805 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-9e85c72624 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#september-12-2024 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/X5R3A7VNTZ3JKV7YDW56C7TEUFBJLNKE/ advisory
- https://kb.igel.com/security-safety/current/isn-2024-20-chromium-vulnerabilities advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GYIF7RESU4PKGREHH5YVHUYYGB57P4CQ/ advisory