CVE-2024-12381
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Dec 12, 2024
Updated: Dec 13, 2024
CWE ID 843
Summary
CVE-2024-12381 is a type confusion vulnerability affecting Google Chrome versions prior to 131.0.6778.139. An attacker can exploit this issue by crafting a malicious HTML page, potentially leading to heap corruption. This vulnerability allows a remote attacker to execute arbitrary code with high severity, as classified by the Chromium project. Despite the technical specifics being a type confusion issue in V8, the crux of the problem is the potential for code injection and execution, making it a significant security concern for Chrome users.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share