CVE-2024-0519
CVE-2024-0519
In short
A memory safety flaw in Chrome's V8 engine allows attackers to access memory outside safe boundaries through a malicious webpage, potentially corrupting the browser's memory and executing harmful code.
Technical detail
Out-of-bounds read/write in V8 JavaScript engine (CWE-125, CWE-787) exploitable via crafted HTML delivered to remote users; heap corruption may enable arbitrary code execution with victim's browser privileges. Requires user interaction (visiting malicious page).
Summary generated and translated by AI from the official description.
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Google · ChromeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.htmlhttps://crbug.com/1517354https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IIUBRVICICWREJQUVT67RS7E4PVZQ5RS/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNN4SO5UI3U3Q6ASTVT6WMZ4723FYDLH/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-0519https://www.couchbase.com/alerts/