PT-2024-9999 · Google+4 · Google Chrome+5

Chluo

Published

2024-12-03

Updated

2026-05-01

CVE-2024-12053

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 131.0.6778.108

Description A type confusion issue exists in the V8 JavaScript engine, specifically involving WebAssembly where relative types leak from the type canonicalizer. This flaw allows a remote attacker to potentially exploit object corruption or execute arbitrary code via a crafted HTML page.

Recommendations Update to version 131.0.6778.108 or later.

Fix

DoS

RCE

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

ALT-PU-2024-17740

ALT-PU-2025-4366

BDU:2025-00126

CVE-2024-12053

DSA-5824-1

OPENSUSE-SU-2024:0405-1

OPENSUSE-SU-2024:0406-1

OPENSUSE-SU-2024:14552-1

Affected Products

Alt Linux

Astra Linux

Debian

Google Chrome

Red Os

V8 Javascript Engine

PT-2024-9999 · Google+4 · Google Chrome+5

CVE-2024-12053

Weakness Enumeration

Related Identifiers

Affected Products

References · 45