---
licence_title: Creative Commons Attribution 4.0 International (CC-BY 4.0)
licence_link: https://creativecommons.org/licenses/by/4.0/
licence_restrictions: https://cert.europa.eu/legal-notice
licence_author: CERT-EU, The Cybersecurity Service for the European Union institutions, bodies, offices and agencies
title: 'Vulnerabilities in Chrome and Chromium based Browsers'
number: '2024-062'
version: '1.0'
original_date: 'June 21, 2024'
date: 'June 21, 2024'
---

_History:_

* 21/06/2024 --- v1.0 -- Initial publication_

# Summary

Google has released a critical security update for its Chrome Browser, addressing six high-severity vulnerabilities that could lead to serious security issues. Chromium-based browsers are also impacted. 

# Technical Details

The vulnerabilities patched in this update include:

- **CVE-2024-6100**: Type confusion in V8
- **CVE-2024-6101**: Inappropriate implementation in WebAssembly
- **CVE-2024-6102**: Out-of-bounds memory access in Dawn
- **CVE-2024-6103**: Use-after-free in Dawn

# Affected Products

- Google Chrome versions prior to 126.0.6478.114/115 for Windows and Mac
- Google Chrome versions prior to 126.0.6478.114 for Linux
- Chromium-based browsers

# Recommendations

Users are strongly advised to update their Chromium-based browsers to the latest version available. 

# References

[1]<https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html>

[2]<https://cybersecuritynews.com/google-chrome-security-patch-2/>