Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
605
VMScore

CVE-2021-21148

Published: 09/02/2021 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Chrome

Vulnerability Summary

Heap buffer overflow in V8 in Google Chrome before 88.0.4324.150 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

fedoraproject fedora 32

fedoraproject fedora 33

debian debian linux 10.0

Vendor Advisories

Debian Security Advisories: DSA-4858-1 chromium -- security update
Several vulnerabilities have been discovered in the chromium web browser CVE-2021-21148 Mattias Buelens discovered a buffer overflow issue in the v8 javascript library CVE-2021-21149 Ryoya Tsukasaki discovered a stack overflow issue in the Data Transfer implementation CVE-2021-21150 Woojin Oh discovered a use-after-free issu ...
Arch Linux Issues:
A heap buffer overflow security issue was found in the V8 component of the Chromium browser before version 8804324150 ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 8804324150 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also ...
Check Point Security Alerts: Google Chrome Buffer Overflow (CVE-2021-21148)
Check Point Reference: CPAI-2021-2071 Date Published: 14 Dec 2023 Severity: High ...

Github Repositories

https://github.com/Grayhaxor/CVE-2021-21148

CVE-2021-21148 02/08/2021 01:00:00 -run exp

Recent Articles

Chrome zero-day bug that is actively being abused by bad folks affects Edge, Vivaldi, and other Chromium-tinged browsers
The Register • Gareth Corfield • 05 Feb 2021

Install your updates pronto Vivaldi composes sweet ad-blocking symphony for users of browser's Android version Rubbish software security patches responsible for a quarter of zero-days last year

If you use Google Chrome or a Chromium-based browser such as Microsoft Edge, update it immediately and/or check it for updates over the coming days: there is a zero-day bug being "actively exploited" in the older version of Chrome that will also affect other vendors' browsers. Details are intentionally scant until enough of the wider world has installed the update, but the flaw exists in how Chrome handles heap overflows in V8, Chromium's Javascript engine. Chrome users should update now to vers...

Read more...

References

CWE-787https://crbug.com/1170176https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_4.htmlhttps://www.debian.org/security/2021/dsa-4858https://security.gentoo.org/glsa/202104-08http://packetstormsecurity.com/files/162579/Chrome-Array-Transfer-Bypass.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUQSMNV7INLDDSD3RKI5S5EAULX2QC7P/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ACWYJ74Z3YN2XH4QMUEGNBC3VXX464L/https://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4858
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook