E20-13de1
CVSS:
6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
False Positive:
f
Variants:
2
Year:
2020
Description
A type confusion vulnerability exists in V8 JavaScript engine in Google Chrome prior to 80.0.3987.122. The vulnerability may be triggered by changing array elements types (e.g. from SmallInteger to Double) after optimization takes place.
By successfully exploiting this flaw, an attacker can execute arbitrary code in the context or the Chrome's 'renderer' process.