CVE-2024-5830 — Type Confusion in Google Chrome

CWE-843 — Type Confusion CWE-787 — Out-of-bounds Write7 documents7 sources

Severity

8.8HIGHNVD

EPSS

6.2%

top 9.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Chromium Fedoraproject Fedora

Timeline

PublishedJun 11

Description

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5google/chrome126.0.6478.54 — 126.0.6478.54

▶NVDgoogle/chrome< 126.0.6478.54

▶Debianchromium/chromium< 126.0.6478.56-1~deb12u1+2

Also affects: Fedora 39, 40

🔴Vulnerability Details

OSV

CVE-2024-5830: Type Confusion in V8 in Google Chrome prior to 126↗2024-06-11

▶

GHSA

GHSA-fchp-8m28-g68f: Type Confusion in V8 in Google Chrome prior to 126↗2024-06-11

▶

CVEList

CVE-2024-5830: Type Confusion in V8 in Google Chrome prior to 126↗2024-06-11

▶

📋Vendor Advisories

Microsoft

Chromium: CVE-2024-5830 Type Confusion in V8↗2024-06-11

▶

Chrome

Stable Channel Update for Desktop: CVE-2024-5830↗2024-06-11

▶

Debian

CVE-2024-5830: chromium - Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote at...↗2024

▶