Vulnerability Details : CVE-2021-4102
Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Vulnerability category: Memory Corruption
CVE-2021-4102 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:Google Chromium V8 Use-After-Free Vulnerability
CISA required action:Apply updates per vendor instructions.
CISA description:Google Chromium V8 Engine contains a use-after-free vulnerability which can allow a remote attacker to execute arbitrary code on the target system.
Added on 2021-12-15 Action due date 2021-12-29
Exploit prediction scoring system (EPSS) score for CVE-2021-4102
Probability of exploitation activity in the next 30 days: 5.62%
CVSS scores for CVE-2021-4102
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2021-4102
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: [email protected] (Primary)
References for CVE-2021-4102
Third Party Advisory
Release Notes;Vendor Advisory