Use of Uninitialized Variable
CVE-2024-6990
Summary
Uninitialized Use in Dawn in Google Chrome on Android versions prior to 127.0.6533.88 allowed a remote attacker to potentially perform out-of-bounds memory access via a crafted HTML page.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-457 - Use of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
References
Advisory Timeline
- Published