What is CVE-2021-21224?

CVE-2021-21224 is a type confusion vulnerability in Google Chromium V8 Engine that allows remote code execution.

Which software is affected by CVE-2021-21224?

Software affected by CVE-2021-21224 includes web browsers that utilize Chromium, such as Google Chrome and Microsoft Edge, as well as Debian Linux and Fedoraproject Fedora.

How severe is CVE-2021-21224?

CVE-2021-21224 has a severity rating of 8.8, which is considered high.

How can CVE-2021-21224 be fixed?

To fix CVE-2021-21224, it is recommended to update to the latest versions of affected software, such as Google Chrome version 90.0.4430.212, Debian Chromium version 90.0.4430.212-1~deb10u1, and Fedoraproject Chromium version 118.0.5993.70-1.

Where can I find more information about CVE-2021-21224?

For more information about CVE-2021-21224, you can refer to the following references: [1] [2] [3]

Vulnerability/
CVE-2021-21224

Exploited

high

8.8

CWE

843

5/4/2021

26/4/2021

21/11/2024

CVE-2021-21224: Google Chromium V8 Type Confusion Vulnerability

First published: Mon Apr 05 2021(Updated: )

Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Credit: chrome-cve-admin@google.com chrome-cve-admin@google.com Jose Martinez (tr0y4) VerSprite Inc chrome-cve-admin@google.com

Affected Software	Affected Version	How to fix
debian/chromium		90.0.4430.212-1~deb10u1 116.0.5845.180-1~deb11u1 118.0.5993.70-1~deb11u1 116.0.5845.180-1~deb12u1 118.0.5993.70-1~deb12u1 118.0.5993.70-1
Google Chrome	<90.0.4430.85
Debian Debian Linux	=10.0
Fedoraproject Fedora	=32
Fedoraproject Fedora	=33
Fedoraproject Fedora	=34
Google Chrome	<90.0.4430.85	90.0.4430.85
	<90.0.4430.85
	=10.0
	=32
	=33
	=34
Google Chromium V8

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

1247606144415232205

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2021-21224?
CVE-2021-21224 is a type confusion vulnerability in Google Chromium V8 Engine that allows remote code execution.
Which software is affected by CVE-2021-21224?
Software affected by CVE-2021-21224 includes web browsers that utilize Chromium, such as Google Chrome and Microsoft Edge, as well as Debian Linux and Fedoraproject Fedora.
How severe is CVE-2021-21224?
CVE-2021-21224 has a severity rating of 8.8, which is considered high.
How can CVE-2021-21224 be fixed?
To fix CVE-2021-21224, it is recommended to update to the latest versions of affected software, such as Google Chrome version 90.0.4430.212, Debian Chromium version 90.0.4430.212-1~deb10u1, and Fedoraproject Chromium version 118.0.5993.70-1.
Where can I find more information about CVE-2021-21224?
For more information about CVE-2021-21224, you can refer to the following references: [1] [2] [3]

collector/security-tracker-debian
agent/type
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/title
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/severity
agent/first-publish-date
exploited/true
collector/chrome-releases
collector/mitre-cve
source/MITRE
collector/cisa-known-exploited
source/CISA
agent/references
agent/softwarecombine
agent/tags
agent/event
agent/author
collector/nvd-cve
agent/last-modified-date
agent/trending
package-manager/debian
vendor/google
canonical/google chrome
vendor/debian
canonical/debian debian linux
version/debian debian linux/10.0
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/32
version/fedoraproject fedora/33
version/fedoraproject fedora/34
canonical/google chromium v8