The US CISA has added Google Chrome vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-7971 Google Chromium V8 contains a type of confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
The agency set the due date as 16th September 2024 for all federal agencies for remediating the vulnerability
