Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2024-5274

Published: 28/05/2024 Updated: 10/06/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

Type Confusion in V8 in Google Chrome before 125.0.6422.112 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Google Chrome: Stable Channel Update for Desktop
 The Stable channel has been updated to 12506422112/113 for Windows, Mac and 12506422112 for Linux which will roll out over the coming days/weeks A full list of changes in this build is available in the LogSecurity Fixes and RewardsNote: Access to bug details and links may be kept restricted until a majority of users are upd ...
Google Chrome: Long Term Support Channel Update for ChromeOS
LTS-120 is being updated in the LTS (Long Term Support) channel, version 12006099313 (Platform Version: 156621100), for most ChromeOS devices Release notes for LTS-120 can be found here Want to know more about Long-term Support? Click hereThis update contains selective Security fixes, including:Chrome Browser Security Fixes3389 ...

Recent Articles

Google fixes eighth actively exploited Chrome zero-day this year
BleepingComputer • Bill Toulas • 24 May 2024

Google fixes eighth actively exploited Chrome zero-day this year By Bill Toulas May 24, 2024 05:30 AM 0 Google has released a new emergency security update to address the eighth zero-day vulnerability in Chrome browser confirmed to be actively exploited in the wild. The security issue was discovered internally by Google's Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity 'type confusion' in V8, Chrome's JavaScript engine responsible for executing JS code.  "Google is a...

Read more...

References

CWE-843https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.htmlhttps://issues.chromium.org/issues/341663589https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6IBUYVPD4MIFQNNYBGAPI5MOECWXXOB/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVC3FNI7HZLVSRIFBVUSBHI233DZYBKP/https://nvd.nist.govhttps://www.bleepingcomputer.com/news/security/google-fixes-eighth-actively-exploited-chrome-zero-day-this-year/https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316firmwareCVE-2024-30078CVE-2024-5995remote code executionlogic flawCVE-2024-20693CVE-2024-37315CVE-2024-5464
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook