Lucene search

Veracode Vulnerability DatabaseVERACODE:45735

HistoryMar 04, 2024 - 4:22 a.m.

Type Confusion

2024-03-0404:22:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

type confusion

google chrome

v8 engine

vulnerability

remote attacker

crafted html page

security issues

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

JSON

Google Chrome is vulnerable to Type Confusion. The vulnerability is due to type confusion in the V8 engine of Google Chrome versions prior to 122.0.6261.94. A remote attacker could potentially exploit this by using a crafted HTML page to corrupt objects, leading to security issues.

CPENameOperatorVersion
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1
chromium:sideq88.0.4324.182-1
chromium:sideq83.0.4103.116-3.1

Name	Operator	Version
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1
chromium:sid	eq	88.0.4324.182-1
chromium:sid	eq	83.0.4103.116-3.1

References

chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html

issues.chromium.org/issues/323694592

lists.fedoraproject.org/archives/list/[email protected]/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/

lists.fedoraproject.org/archives/list/[email protected]/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/

lists.fedoraproject.org/archives/list/[email protected]/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/

security-tracker.debian.org/tracker/CVE-2024-1939