What is CVE-2024-0517?

CVE-2024-0517 is a vulnerability in Google Chrome. Published 2024-01-16.

Is CVE-2024-0517 known to be exploited?

17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Google Chrome

CVE-2024-0517

Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

EPSS: 0.755 (98.9th percentile) — read the EPSS interpretation.

Affected products

Google Chrome — versions 120.0.6099.224

Public proof-of-concept exploits

0xor0ne/awesome-list
ARPSyndicate/cve-scores
Jalexander798/JA_
P3gEcTH8uJiYFVKb7lIn/awesome-list
Uniguri/CVE-1day
Uniguri/CVE-nday
bachkhoasoft/awesome-list-ks
gmh5225/vulnjs
kolaarionvull/awesome-list
mwlik/v8-resources

References

chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html
crbug.com/1515930
lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/…
lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/…

Frequently asked questions

What is CVE-2024-0517?: CVE-2024-0517 is a vulnerability in Google Chrome. Published 2024-01-16.
Is CVE-2024-0517 known to be exploited?: 17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.