CVE-2024-9370 — Chromium vulnerability

7 documents6 sources

Severity

8.8HIGH

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Chromium Paloalto Prisma Browser Google Chrome Chrome +1 more

Timeline

PublishedOct 1

Latest updateOct 9

Description

Stable Channel Update for Desktop CVE-2024-7025: Integer overflow in Layout. Reported by Tashita Software Security on 2024-09-18 [TBD][ 368208152 ] High CVE-2024-9369: Insufficient data validation in Mojo Reported by Xiantong Hou and Pisanbao of Wuheng Lab on 2024-09-19 [TBD][ 368311899 ] High CVE-2024-9370: Inappropriate implementation in V8 Severity: high

Affected Packages4 packages

▶debiandebian/chromium< chromium 129.0.6668.89-1~deb12u1 (bookworm)

▶msrcmsrc/microsoft_edge

▶googlegoogle/chrome_chrome

▶Palo Altopaloalto/prisma_browser

📋Vendor Advisories

Palo Alto

PAN-SA-2024-0011 Chromium: Monthly Vulnerability Updates↗2024-10-09

▶

Microsoft

Chromium: CVE-2024-9370 Inappropriate implementation in V8↗2024-10-08

▶

Chrome

Stable Channel Update for Desktop: CVE-2024-7025↗2024-10-01

▶

Debian

CVE-2024-9370: chromium↗2024

▶

🕵️Threat Intelligence

Bleepingcomputer

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws↗2024-10-08

▶

Trendmicro

The October 2024 Security Update Review↗2024-10-08

▶

Trendmicro

The October 2024 Security Update Review↗2024-10-08

▶