Search for vulnerabilities
Vulnerability details: VCID-p45k-cbh4-bqhz
Vulnerability ID VCID-p45k-cbh4-bqhz
Aliases CVE-2024-7022
Summary Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-457 Use of Uninitialized Variable
CWE-908 Use of Uninitialized Resource
System Score Found at
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
epss 0.0016 https://api.first.org/data/v1/epss?cve=CVE-2024-7022
cvssv3.1 8.8 https://issues.chromium.org/issues/324690505
ssvc Track* https://issues.chromium.org/issues/324690505
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2024-7022
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-7022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7022
324690505 https://issues.chromium.org/issues/324690505
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2024-7022 https://nvd.nist.gov/vuln/detail/CVE-2024-7022
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://issues.chromium.org/issues/324690505
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T17:52:17Z/ Found at https://issues.chromium.org/issues/324690505
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2024-7022
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.37609
EPSS Score 0.0016
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:02:53.147584+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2024/7xxx/CVE-2024-7022.json 37.0.0