Vulnerability detail

Enriched intelligence for a single CVE

8.8

CVSS
High

CVE-2021-4102

PUBLISHED

Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Exploited in the wild Remote Low complexity

Vendor: Google
Product: Chrome
Published: Feb 11, 2022
EPSS: —

Description

Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

cisa

CVSS scores

CVSS v3.1 8.8 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0 6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2021-12-15 00:00:00 UTC · Source

SSVC decision points

Exploitation: active
Automatable: No
Technical impact: total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Dec 15, 2021
CISA	Dec 15, 2021

Timeline

CVE ID Reserved

December 10, 2021
Added to KEVIntel

December 15, 2021
Added to KEVIntel

December 15, 2021
CVE Published to Public

February 11, 2022