Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0405-1 advisory.

    Chromium 131.0.6778.108 (stable released 2024-12-04) (boo#1234118)

    - CVE-2024-12053: Type Confusion in V8

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0406-1 advisory.

    Chromium 131.0.6778.108 (stable released 2024-12-04) (boo#1234118)

    - CVE-2024-12053: Type Confusion in V8

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3d5b7860-48ad-48c2-aa36-601b8ab9cc43 advisory.

    Chrome Releases reports:
    This update includes 4 security fixes:

Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-35cc1d9ec0 advisory.

    Update to 131.0.6778.108

    * High CVE-2024-12053: Type Confusion in V8


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-791faa660a advisory.

    Update to 131.0.6778.108

    * High CVE-2024-12053: Type Confusion in V8


Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5824 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5824-1                   security@debian.org     https://www.debian.org/security/                           Andres Salomon     December 06, 2024                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : chromium     CVE ID         : CVE-2024-12053

    Security issues were discovered in Chromium which could result     in the execution of arbitrary code, denial of service, or information     disclosure.

    For the stable distribution (bookworm), this problem has been fixed in     version 131.0.6778.108-1~deb12u1.

    We recommend that you upgrade your chromium packages.

    For the detailed security status of chromium please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/chromium

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 131.0.6778.108. It is, therefore, affected by a vulnerability as referenced in the 2024_12_stable-channel-update-for-desktop advisory.

  - Type Confusion in V8. (CVE-2024-12053)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote Windows host is prior to 131.0.6778.108. It is, therefore, affected by a vulnerability as referenced in the 2024_12_stable-channel-update-for-desktop advisory.

  - Type Confusion in V8. (CVE-2024-12053)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
212745	openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0405-1)	Nessus	SuSE Local Security Checks	high
212744	openSUSE 15 Security Update : chromium (openSUSE-SU-2024:0406-1)	Nessus	SuSE Local Security Checks	high
212658	FreeBSD : chromium -- multiple security fixes (3d5b7860-48ad-48c2-aa36-601b8ab9cc43)	Nessus	FreeBSD Local Security Checks	high
212157	Fedora 40 : chromium (2024-35cc1d9ec0)	Nessus	Fedora Local Security Checks	critical
212153	Fedora 41 : chromium (2024-791faa660a)	Nessus	Fedora Local Security Checks	critical
212132	Debian dsa-5824 : chromium - security update	Nessus	Debian Local Security Checks	high
212027	Google Chrome < 131.0.6778.108 Vulnerability	Nessus	MacOS X Local Security Checks	high
212026	Google Chrome < 131.0.6778.108 Vulnerability	Nessus	Windows	high

Detections

Analytics

CVE-2024-12053

high

Tenable Plugins

high

high

high

critical

critical

high

high

high