Home

CVE-2024-2883

Description

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.302

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887 are fixed in Google Chrome (x64) (123.0.6312.86, 123.0.6312.87)Windows
Vulnerabilities CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887 are fixed in Google Chrome (123.0.6312.86, 123.0.6312.87)Windows
Vulnerabilities CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887 are fixed in Microsoft Edge for chromium business (123.0.2420.65) (x64)Windows
Vulnerabilities CVE-2024-2883,CVE-2024-2885,CVE-2024-2886,CVE-2024-2887 are fixed in Microsoft Edge for chromium business (123.0.2420.65) (x86)Windows
chromium security update(DSA-5648-1) chromium_123.0.6312.86-1~deb12u1_i386.debLinux
chromium security update(DSA-5648-1) chromium_123.0.6312.86-1~deb12u1_amd64.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-337072Google Chrome (x64) (123.0.6312.86, 123.0.6312.87)
PATCH-337071Google Chrome (123.0.6312.86, 123.0.6312.87)
PATCH-38531Microsoft Edge for chromium business (123.0.2420.65) (x64)
PATCH-38530Microsoft Edge for chromium business (123.0.2420.65) (x86)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234