CVE-2024-10488: Chromium: CVE-2024-10488 Use after free in WebRTC

CVE-2024-10487: Chromium: CVE-2024-10487: Out of bounds write in Dawn

CVE-2024-10231: Chromium: CVE -2024-10231 Type Confusion in V8

CVE-2024-10230: Chromium: CVE -2024-10230 Type Confusion in V8

CVE-2024-10229: Chromium: CVE -2024-10229 Inappropriate implementation in Extensions

**According to the CVSS metric, Confidentiality is high (C:H) but integrity is none (I:N) and availability is none (A:N). What does that mean for this vulnerability?**

An attacker who successfully exploited this vulnerability could gain access to sensitive information such as Azure IoT Operations secrets and potentially other credentials or access tokens stored within the Kubernetes cluster.

Headline

CVE-2024-28917: Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability

Microsoft Security Response Center: Latest News