Search for vulnerabilities
Vulnerability details: VCID-xkp9-nbs9-aaap
Vulnerability ID VCID-xkp9-nbs9-aaap
Aliases CVE-2024-4558
Summary Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 0.5
Weighted Severity 8.6
Risk 4.3
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3 7.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4558.json
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.00339 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.01603 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
epss 0.03477 https://api.first.org/data/v1/epss?cve=CVE-2024-4558
cvssv3 9.6 https://nvd.nist.gov/vuln/detail/CVE-2024-4558
cvssv3.1 9.6 https://nvd.nist.gov/vuln/detail/CVE-2024-4558
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4558.json
https://api.first.org/data/v1/epss?cve=CVE-2024-4558
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4558
http://seclists.org/fulldisclosure/2024/Jul/15
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/18
https://issues.chromium.org/issues/337766133
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
2279689 https://bugzilla.redhat.com/show_bug.cgi?id=2279689
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
CVE-2024-4558 https://nvd.nist.gov/vuln/detail/CVE-2024-4558
GLSA-202412-05 https://security.gentoo.org/glsa/202412-05
GLSA-202501-09 https://security.gentoo.org/glsa/202501-09
RHSA-2024:8180 https://access.redhat.com/errata/RHSA-2024:8180
RHSA-2024:8492 https://access.redhat.com/errata/RHSA-2024:8492
RHSA-2024:8496 https://access.redhat.com/errata/RHSA-2024:8496
RHSA-2024:9144 https://access.redhat.com/errata/RHSA-2024:9144
RHSA-2024:9636 https://access.redhat.com/errata/RHSA-2024:9636
RHSA-2024:9646 https://access.redhat.com/errata/RHSA-2024:9646
RHSA-2024:9653 https://access.redhat.com/errata/RHSA-2024:9653
RHSA-2024:9679 https://access.redhat.com/errata/RHSA-2024:9679
RHSA-2024:9680 https://access.redhat.com/errata/RHSA-2024:9680
USN-6996-1 https://usn.ubuntu.com/6996-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4558.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-4558
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-4558
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.14083
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-05-07T22:07:53.425297+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 34.0.0rc4