Google Chromium V8 Type Confusion Vulnerability

Added Feb. 6, 2024 • Due Feb. 27, 2024 • CVE-2023-4762

Overdue Google / Chromium V8 CWE-843

Description

Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
https://nvd.nist.gov/vuln/detail/CVE-2023-4762

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 5 months, 4 weeks ago