← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-38003 — Actively Exploited: Chromium V8 (Google)

Google Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

CVE IDCVE-2021-38003
VendorGoogle
ProductChromium V8
Vulnerability nameGoogle Chromium V8 Memory Corruption Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionGoogle Chromium V8 Engine has a bug in JSON.stringify, where the internal TheHole value can leak to script code, causing memory corruption. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →