CVE-2024-7971

Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page....

Basic Information

CVE State: PUBLISHED
Reserved Date: August 19, 2024
Published Date: August 21, 2024
Last Updated: August 31, 2024
Vendor: Google
Product: Chrome
Description: Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVSS Scores

CVSS v3.1

9.6 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2024-08-26 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2025-04-12 23:40:52 UTC) Source

References

https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/360700873

Known Exploited Vulnerability Information

Source	Added Date
CISA	2024-08-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

mistymntncop/CVE-2024-7971

Type: github • Created: 2025-04-12 23:40:52 UTC • Stars: 29