Search for vulnerabilities
Vulnerability details: VCID-81te-ne9y-pqcc
Vulnerability ID VCID-81te-ne9y-pqcc
Aliases CVE-2024-9959
Summary Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00189 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-9959
cvssv3.1 8.8 https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
ssvc Track https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
cvssv3.1 8.8 https://issues.chromium.org/issues/368672129
ssvc Track https://issues.chromium.org/issues/368672129
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2024-9959
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-9959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9959
368672129 https://issues.chromium.org/issues/368672129
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2024-9959 https://nvd.nist.gov/vuln/detail/CVE-2024-9959
stable-channel-update-for-desktop_15.html https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:57:36Z/ Found at https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://issues.chromium.org/issues/368672129
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:57:36Z/ Found at https://issues.chromium.org/issues/368672129
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-9959
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.41138
EPSS Score 0.00189
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:06:38.754493+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2024/9xxx/CVE-2024-9959.json 37.0.0