CVE-2024-3837

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 17, 2024
Updated: Jul 3, 2024
CWE ID 416

Summary

CVE-2024-3837 is a use-after-free vulnerability affecting Google Chrome versions prior to 124.0.6367.60. This issue lies within the QUIC implementation, allowing a remote attacker to potentially exploit heap corruption if they have compromised the renderer process. The attacker could achieve this by crafting a malicious HTML page. The Chromium security team has classified this vulnerability as having medium severity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share