Medium severity5.3NVD Advisory· Published Jan 12, 2024· Updated Jun 17, 2026
CVE-2024-21639
CVE-2024-21639
Description
CEF (Chromium Embedded Framework ) is a simple framework for embedding Chromium-based browsers in other applications. CefLayeredWindowUpdaterOSR::OnAllocatedSharedMemory does not check the size of the shared memory, which leads to out-of-bounds read outside the sandbox. This vulnerability was patched in commit 1f55d2e.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: < commit 1f55d2e
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.