Security News > 2024 > May > Google patches third exploited Chrome zero-day in a week

Google patches third exploited Chrome zero-day in a week
2024-05-15 22:36

Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week.

Chrome updates automatically when security patches are available.

CVE-2024-0519: A high-severity out-of-bounds memory access weakness within the Chrome V8 JavaScript engine, allowing remote attackers to exploit heap corruption via a specially crafted HTML page, leading to unauthorized access to sensitive information.

Google Chrome emergency update fixes 6th zero-day exploited in 2024.

Google fixes fifth Chrome zero-day exploited in attacks this year.

Apple backports fix for zero-day exploited in attacks to older iPhones.


News URL

https://www.bleepingcomputer.com/news/google/google-patches-third-exploited-chrome-zero-day-in-a-week/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2024-0519 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject couchbase CWE-787
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 253 4216 4506 727 9702