RafaelGSS
commented
3 weeks ago cc: @nodejs/v8 I believe it might have the same assessment as #191, right?
Open qinpeilin opened 1 month ago
RafaelGSS
commented
3 weeks ago cc: @nodejs/v8 I believe it might have the same assessment as #191, right?
Hi colleague,
In recent BDBA scan, there is one CVE:
https://nvd.nist.gov/vuln/detail/CVE-2024-7535
detected in node.js. According to the description of above, it was detected in V8 in Google Chrome. Here we would like to further confirm whether it is true positive in node.js or not.
Additional information
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Best regards, Peilin