Search for vulnerabilities
Vulnerability details: VCID-u5e3-ea83-rqa8
Vulnerability ID VCID-u5e3-ea83-rqa8
Aliases CVE-2024-5157
Summary Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
epss 0.00724 https://api.first.org/data/v1/epss?cve=CVE-2024-5157
cvssv3.1 8.8 https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
ssvc Track https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
cvssv3.1 8.8 https://issues.chromium.org/issues/336012573
ssvc Track https://issues.chromium.org/issues/336012573
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2024-5157
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2024-5157
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5157
336012573 https://issues.chromium.org/issues/336012573
5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-5157 https://nvd.nist.gov/vuln/detail/CVE-2024-5157
FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
stable-channel-update-for-desktop_21.html https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/ Found at https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://issues.chromium.org/issues/336012573
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/ Found at https://issues.chromium.org/issues/336012573
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-5157
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.7165
EPSS Score 0.00724
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:40:47.336678+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.21/community.json 37.0.0