NVD disclosure day
CVE-2021-21224
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A type confusion vulnerability in Google Chrome's V8 engine allows remote attackers to execute arbitrary code. This impacts organizations by potentially compromising systems and data when employees visit malicious web pages. This vulnerability carries significant business risk due to its potential for widespread impact
CVE-2021-21220
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in the V8 engine of Google Chrome allows attackers to exploit heap corruption via a crafted HTML page. This could impact organizations by enabling unauthorized code execution and data compromise. The realistic business risk involves potential system disruption and data loss.
CVE-2021-21206
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Google Chrome Blink rendering engine could allow attackers to corrupt heap data through a crafted HTML page. This could impact affected organizations by potentially compromising systems and data. The risk involves unauthorized access and operational disruption.