Search for vulnerabilities
Vulnerability details: VCID-6wjv-abpu-aaan
Vulnerability ID VCID-6wjv-abpu-aaan
Aliases CVE-2024-4761
Summary Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 2.0
Weighted Severity 7.9
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4761.json
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00223 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00303 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00303 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00303 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00785 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00968 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.00995 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.02243 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.03951 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.03951 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.03951 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.10467 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.10467 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.10467 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.38936 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
epss 0.69102 https://api.first.org/data/v1/epss?cve=CVE-2024-4761
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2024-4761
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2024-4761
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4761.json
https://api.first.org/data/v1/epss?cve=CVE-2024-4761
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4761
https://issues.chromium.org/issues/339458194
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/
2280589 https://bugzilla.redhat.com/show_bug.cgi?id=2280589
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-4761 https://nvd.nist.gov/vuln/detail/CVE-2024-4761
GLSA-202501-09 https://security.gentoo.org/glsa/202501-09
Data source KEV
Date added May 16, 2024
Description Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due date June 6, 2024
Note 
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html; https://nvd.nist.gov/vuln/detail/CVE-2024-4761
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4761.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-4761
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-4761
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.61020
EPSS Score 0.00223
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-05-17T12:42:35.304700+00:00 NVD Importer Import https://nvd.nist.gov/vuln/detail/CVE-2024-4761 34.0.0rc4