Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2021-30551

Published: 15/06/2021 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Type confusion in V8 in Google Chrome before 91.0.4472.101 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

fedoraproject fedora 33

fedoraproject fedora 34

Vendor Advisories

Arch Linux Issues:
A type confusion security issue has been found in the V8 component of the Chromium browser before version 9104472101 Google is aware that an exploit for CVE-2021-30551 exists in the wild ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 9104472101 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also ...

Github Repositories

https://github.com/barney0/WU-STHACK-2022

IIntroduction During the STHACK 2022 (CTF event @Bordeaux France), Laluka has created few web challenges including the Headless Updateless Brainless challenge that had a "pwn" exploitation step To be honest, this challenge was not resolved by our team during the CTF Got stuck at the last final exploitation step After chatting with Laluka, he agreed to give us an ac

https://github.com/xmzyshypnc/CVE-2021-30551

my exp for chrome V8 CVE-2021-30551

CVE-2021-30551 My exp for chrome V8 CVE-2021-30551 You can found your chrome version by chrome://version or go to whatsmyuseragentorg/ You can set up a webserver locally using python like: python3 -m httpserver 8080 And the test it by accessing 127001:8080

Recent Articles

Microsoft, Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments
The Register • Iain Thomson in San Francisco • 16 Jul 2021

100+ dissidents, politicians, journos targeted by Israeli espionage toolkit

Analysis Software patches from Microsoft this week closed two vulnerabilities exploited by spyware said to have been sold to governments by Israeli developer Candiru. On Thursday, Citizen Lab released a report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft, exploited at least a pair of zero-day holes in Windows to infect particular targets' machines. Redmond said at least 100 peop...

Read more...

References

CWE-843https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.htmlhttps://crbug.com/1216437https://security.gentoo.org/glsa/202107-06https://security.gentoo.org/glsa/202208-25https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43/https://nvd.nist.govhttps://github.com/barney0/WU-STHACK-2022https://github.com/xmzyshypnc/CVE-2021-30551https://www.theregister.co.uk/2021/07/16/microsoft_candiru_malware/https://security.archlinux.org/CVE-2021-30551https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook