CVE-2024-7971
published 2024-08-21CVE-2024-7971: Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security…
critical9.6CVSS 3.1
AVNACLPRNUIRSCCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2024-09-16
Exploited in the wild
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 128.0.6613.84-1~deb12u1 | 128.0.6613.84-1~deb12u1 |
| chromium | chromium | >= 0 < 128.0.6613.84-1 | 128.0.6613.84-1 |
| chromium | chromium | >= 0 < 128.0.6613.84-1 | 128.0.6613.84-1 |
| debian | chromium | < chromium 128.0.6613.84-1~deb12u1 (bookworm) | chromium 128.0.6613.84-1~deb12u1 (bookworm) |
| chrome | < 128.0.6613.84 | 128.0.6613.84 | |
| chrome | >= 128.0.6613.84 < 128.0.6613.84 | 128.0.6613.84 | |
| chrome_chrome | — | — | |
| microsoft | edge | < 128.0.2739.42 | 128.0.2739.42 |
| msrc | microsoft_edge | — | — |
| paloalto | prisma_browser | — | — |
CVSS provenance
nvdv3.19.6CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
osv9.6CRITICAL
vulncheck9.6CRITICAL
cisa9.6CRITICAL