CVE-2024-38218Type Confusion in Microsoft Edge

CWE-843Type ConfusionCWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.8HIGHNVD
CNA8.4
EPSS
0.5%
top 32.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft EdgeMicrosoft Edge Chromium
Timeline
PublishedAug 12
Latest updateAug 13

Description

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/edge_chromium< 127.0.2651.98
CVEListV5microsoft/microsoft_edge1.0.0127.0.2651.98

🔴Vulnerability Details

2
GHSA
GHSA-x4w8-rv9m-fp3j: Microsoft Edge (HTML-based) Memory Corruption Vulnerability2024-08-12
CVEList
Microsoft Edge (HTML-based) Memory Corruption Vulnerability2024-08-08

📋Vendor Advisories

1
Microsoft
Microsoft Edge (HTML-based) Memory Corruption Vulnerability2024-08-13
CVE-2024-38218 — Type Confusion in Microsoft Edge | cvebase