CVE-2024-5159

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-5159

Severity

8.8

High

CVSS CVSS_V3

Description

Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

References

https://images.chainguard.dev/security/CGA-4mm2-vgrg-hqvx
https://github.com/advisories/GHSA-qmp7-vwf7-6g2g
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/
https://issues.chromium.org/issues/335613092
https://security-tracker.debian.org/tracker/CVE-2024-5159

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

CVE-2024-5159

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources