CVE-2024-10487: 375123371 Critical Out of bounds write in Dawn372269618 High CVE-2024-10231 Type Confusion in V8371011220 High CVE-2024-10229 Inappropriate implementation in Extensions40076120 Medium CVE-2024-9958 Inappropriate implementation in PictureInPicture328278718 Medium CVE-2024-9963 Insufficient data validation in Downloads
First published: Tue Oct 29 2024(Updated: )
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2024%C2%A0">Google Chrome Releases</a> for more information.</p>
Credit: chrome-cve-admin@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Edge | <130.0.2849.68 | |
| Microsoft Edge (Chromium-based) | ||
| Google Chrome | <130.0.6723.92 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.zdnet.com/article/why-you-should-update-chrome-and-firefox-right-now/
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-10487 (Advisory)
- https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html
- https://issues.chromium.org/issues/375123371
- https://chromereleases.googleblog.com/2024/11/long-term-support-channel-update-for.html (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-10487?
CVE-2024-10487 has been classified with a high severity rating due to its potential impact on both Google Chrome and Microsoft Edge browsers.
How do I fix CVE-2024-10487?
To fix CVE-2024-10487, users should update to the latest version of Google Chrome or Microsoft Edge immediately.
Which versions of Microsoft Edge are affected by CVE-2024-10487?
Microsoft Edge versions up to but not including 130.0.2849.68 are affected by CVE-2024-10487.
Is Microsoft Edge (Chromium-based) affected by CVE-2024-10487?
Yes, Microsoft Edge (Chromium-based) is affected by CVE-2024-10487 and needs to be updated to mitigate the vulnerability.
What should I do if I am using an outdated version of Google Chrome concerning CVE-2024-10487?
If using an outdated version of Google Chrome, users should immediately update to the latest version to protect against CVE-2024-10487.
- agent/type
- agent/weakness
- collector/zdnet-article
- source/ZDNet
- alias/CVE-2024-10487
- alias/CVE-2024-10488
- alias/CVE-2024-10459
- alias/CVE-2024-10458
- collector/msrc
- source/Microsoft
- agent/software-canonical-lookup
- agent/description
- collector/msrc-cve
- collector/mitre-cve
- source/MITRE
- collector/chrome-releases
- agent/title
- agent/references
- agent/author
- agent/severity
- agent/first-publish-date
- agent/trending
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/software-canonical-lookup-request
- agent/tags
- agent/source
- vendor/microsoft
- canonical/microsoft edge (chromium-based)
- vendor/google
- canonical/google chrome
- canonical/microsoft edge