CVE-2024-4947

9.6CRITICAL

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Published: 5/15/2024Updated: 10/24/2025
View on NVDView on MITRE

CISA Known Exploited Vulnerability

Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page.

Required Action:

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Due Date:

2024-06-10

Description

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

AI AnalysisPowered by AI

Affected Products

googlechrome
fedoraprojectfedora
38
fedoraprojectfedora
39
fedoraprojectfedora
40

References