The Latest in IT Security

Google Patches Yet Another Serious V8 Vulnerability in Chrome

28
Apr
2021
Google Patches Yet Another Serious V8 Vulnerability in Chrome

image credit: pixabay

The flaw, tracked as CVE-2021-21227 and rated high severity, was reported to Google by researcher Gengming Liu from Chinese cybersecurity firm Singular Security Lab.

The researcher earned $15,000 for reporting the vulnerability, which Google described as “insufficient data validation in V8.”

Liu told SecurityWeek that the flaw can be exploited for remote code execution in the targeted user’s browser, but noted that, similar to other recently disclosed V8 vulnerabilities, it does not escape the Chrome sandbox — a sandbox escape bug is needed to exploit CVE-2021-21227 in real world attacks.

Read More

Comments are closed.

Categories

SUNDAY, MAY 09, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments