Insufficient data validation in V8 in Google Chrome before 87.0.4280.88 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
Google’s Chrome browser has several security vulnerabilities that could pave the way to multiple types of attacks, including a V8 bug that could allow remote code execution (RCE) within a user’s browser.
The high-severity V8 issue is tracked as CVE-2021-21227, and was reported by Gengming Liu from Singular Security Lab. Google describes the bug as “insufficient data validation in V8” but is keeping other details close to its vest.
However, Liu told SecurityWeek that the bug i...
Google has rolled out an update last week for its Chrome web browser that fixes a range of security flaws including four that have been classified as highly severe. The vulnerabilities affect the Windows, macOS, and Linux versions of the popular browser.
As is common, details about the security loopholes are not openly shared by the tech titan until most users have had a chance to update their browsers to the newest version, mitigating the chance of the flaws being exploited by threat acto...
Google has updated its Chrome web browser, fixing four bugs with a severity rating of “high” and eight overall. Three are use-after-free flaws, which could allow an adversary to generate an error in the browser’s memory, opening the door to a browser hack and host computer compromise.
On Friday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and infosec administrators to apply the update. The agency warned that the vulnerabilities ...