PT-2024-7365 · Google+5 · Google Chrome+5

Pisanbao

Published

2024-10-01

Updated

2025-11-20

CVE-2024-9369

CVSS v3.1

9.6

Critical

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 129.0.6668.89 Microsoft Edge (affected versions not specified)

Description: The issue is related to insufficient data validation in Mojo, allowing a remote attacker who has compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. This can lead to a denial of service. The severity of this issue is considered high.

Recommendations: For Google Chrome versions prior to 129.0.6668.89, update to version 129.0.6668.89 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284CWE-20

Related Identifiers

ALT-PU-2024-17740

ALT-PU-2025-4366

BDU:2024-08729

CVE-2024-9369

DSA-5781-1

MGASA-2024-0341

MGASA-2025-0020

OPENSUSE-SU-2024:0327-1

OPENSUSE-SU-2024:14383-1

Affected Products

Alt Linux

Astra Linux

Debian

Google Chrome

Edge

Red Os

PT-2024-7365 · Google+5 · Google Chrome+5

CVE-2024-9369

Weakness Enumeration

Related Identifiers

Affected Products

References · 55