CVE-2024-2885

Опубликовано: 26 мар. 2024

Источник: debian

EPSS Низкий

Описание

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	123.0.6312.86-1		package
chromium	end-of-life		bullseye	package
chromium	end-of-life		buster	package

EPSS

Процентиль: 53%

0.00302

Низкий

Связанные уязвимости

CVE-2024-2885

CVSS3: 8.8

ubuntu

около 2 лет назад

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-2885

CVSS3: 8.8

nvd

около 2 лет назад

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-2885

msrc

около 2 лет назад

Chromium: CVE-2024-2885 Use after free in Dawn

GHSA-qccw-wmvp-8pv9

CVSS3: 7.5

github

около 2 лет назад

Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

BDU:2024-02395

CVSS3: 8.8

fstec

около 2 лет назад

Уязвимость компонента Dawn браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 53%

0.00302

Низкий