- Description
- Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.6
- Impact score
- 6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Google Chromium V8 Type Confusion Vulnerability
- Exploit added on
- Aug 26, 2024
- Exploit action due
- Sep 16, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2024-50379 2 - CVE-2024-38200 3 - CVE-2024-12856 4 - CVE-2023-48788 5 - CVE-2024-7971 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
30 Dec 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Version 124.0.6327.3 is significantly outdated. https://t.co/zy62zi4JHz CVE-2024-4058: A critical type confusion vulnerability in ANGLE (WebGL component) that could allow heap corruption exploitation through crafted HTML pages. CVE-2024-7971: A high-severity type confusion in…
@gnukeith
24 Dec 2024
1226 Impressions
3 Retweets
33 Likes
4 Bookmarks
2 Replies
1 Quote
North Korean hackers exploit Chrome zero-day to deploy rootkit North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit.... https://t.co/IcYuqpf5zq
@SecurityAid
13 Dec 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 #Google #Chrome, Type Confusion Vulnerability, #CVE-2024-7971 (Critical) - Critical https://t.co/aIw2VP7zR2
@dailycve
27 Nov 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-7971
@transilienceai
24 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Zero-Day Alert! 🚨North Korean threat actor Citrine Sleet is back, exploiting a zero-day vulnerability (CVE-2024-7971) in Chromium, targeting #Cryptocurrency institutions.💰 Book your #Demo now: https://t.co/lGRc2vih4Q https://t.co/yO6eYeNAIK
@Akitra_Inc
21 Oct 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DAE0C7AB-1D61-4449-BC82-915B019F311F",
"versionEndExcluding": "128.0.6613.84"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B3C4915-21C5-4DB1-8791-EB3AEB04A654",
"versionEndExcluding": "128.0.2739.42"
}
],
"operator": "OR"
}
]
}
]