VDB
CVE-2024-8639
CVE-2024-8639
PUBLISHED
Es bestehen mehrere Schwachstellen in Google Chrome und Microsoft Edge. Diese betreffen unter anderem die Komponenten V8 und SKIA aufgrund von Heap- Buffer Overflows, Use-After-Free Fehlern und Typkonfusion. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen oder nicht näher beschriebene Auswirkungen erzielen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.27% · 51.0th percentile
Risk Scores
EPSS Score
0.27%
51.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Google Chrome <128.0.6613.138 | ||
| IGEL | IGEL OS 11 | |
| Microsoft | Microsoft Edge <128.0.2739.79 | |
| Google Chrome <128.0.6613.137 | ||
| SUSE | SUSE openSUSE | |
| IGEL | IGEL OS 12 | |
| Fedora | Fedora Linux |
Exploit Intelligence
Timeline
- Sep 10, 2024 CVE Published
- Sep 12, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Oct 27, 2024 CVE Updated
- Nov 6, 2024 Coalition ESS Score
- Nov 30, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 10, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 8, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2107.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2107 advisory
- https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-37f95ce86b advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-1434b533be advisory
- https://lists.debian.org/debian-security-announce/2024/msg00181.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-0a4a65f805 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-9e85c72624 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#september-12-2024 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/X5R3A7VNTZ3JKV7YDW56C7TEUFBJLNKE/ advisory
- https://kb.igel.com/security-safety/current/isn-2024-20-chromium-vulnerabilities advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/GYIF7RESU4PKGREHH5YVHUYYGB57P4CQ/ advisory