CVE-2024-4671
CVSS Score
9.6
EPSS Score
0.0%
EPSS Percentile
0th
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
| Vendor | |
| Product | chrome |
| Ecosystems | |
| Industries | Technology |
| Published | May 9, 2024 |
| Last Updated | Oct 21, 2025 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for google chrome
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-4671.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Google / Chrome
124.0.6367.201 < 124.0.6367.201
References
chromereleases.googleblog.com: https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html issues.chromium.org: https://issues.chromium.org/issues/339266700 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4671