← back
CVE-2021-30563

CVE-2021-30563

CVSS 8.8 HIGHEPSS 8.9%● KEVCWE-843
In short

A type confusion vulnerability in Chrome's V8 engine allows attackers to create malicious web pages that corrupt memory, potentially taking over your browser.

Technical detail

Type confusion in V8 (CWE-843) permits remote code execution through crafted HTML pages by exploiting incorrect type checking, leading to heap memory corruption. Requires user interaction to visit a malicious site; impact includes arbitrary code execution with Chrome renderer process privileges.

Summary generated and translated by AI from the official description.
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Google · Chrome

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.htmlhttps://crbug.com/1228407https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-30563