Remote Code Execution Vulnerability in Google Chrome Prior to 126.0.6478.114
CVE-2024-6100

8.8HIGH

Key Information:

Vendor

Google
Status
Chrome
Vendor
CVE Published:
20 June 2024

Badges

đź“° News Worthy

What is CVE-2024-6100?

A vulnerability in the V8 JavaScript engine within Google Chrome has been identified, which can be exploited through crafted HTML content. This type confusion flaw enables a remote attacker to execute arbitrary code, potentially compromising the affected system. Security updates have been released addressing this issue, emphasizing the importance of keeping browser software up to date to mitigate risks associated with such vulnerabilities. Users and organizations are advised to review their current Chrome versions and apply necessary updates to protect against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Chrome 126.0.6478.114

News Articles

favicon imageWinCert

Google Chrome 126.0.6478.127 Dual x86x64 Silent

(Adobe Stock) Google has issued a Chrome 126 security update, addressing six vulnerabilities, including a flaw, tracked as CVE-2024-6100 which was demonstrated during the SSD Secure Disclosure’s TyphoonPWN 2024. TyphoonPWN is a live hacking competition held annually at TyphoonCon, an Offensive Se...

References

https://chromereleases.googleblog.com/2024/06/stable-chan...
https://issues.chromium.org/issues/344608204
https://lists.fedoraproject.org/archives/list/package-ann...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by WinCert

  • Vulnerability published

JSON
.