https://arzedlab.github.io/tags/cve-2020-6418/Recent content in CVE-2020-6418 on Arzedlab 🪵Hugoen-us© RavshanFri, 02 Feb 2024 13:13:13 +0500https://arzedlab.github.io/posts/cve-2020-6418-incorrect-optimization-52d04cb78c1e47608e7874b83db5dcce/Fri, 02 Feb 2024 13:13:13 +0500https://arzedlab.github.io/posts/cve-2020-6418-incorrect-optimization-52d04cb78c1e47608e7874b83db5dcce/<h1 id="cve-2020-6418--incorrect-optimization">CVE-2020-6418 | Incorrect Optimization</h1> <h2 id="research-done-by-ravshan-rikhsiev-2023"><strong>Research Done By Ravshan Rikhsiev (2023)</strong></h2> <table> <thead> <tr> <th><strong>Type Of Vulnerability</strong></th> <th>Type Confusion</th> </tr> </thead> <tbody> <tr> <td><strong>Security Severity</strong></td> <td><strong>High</strong></td> </tr> <tr> <td><strong>Effected Components</strong></td> <td><strong>Javascript, Turbofan, Optimizer</strong></td> </tr> <tr> <td><strong>Issue Source</strong></td> <td><a href="https://issues.chromium.org/issues/40051542">https://issues.chromium.org/issues/40051542</a></td> </tr> <tr> <td><strong>Writeup Source(s)</strong></td> <td>Later</td> </tr> <tr> <td><strong>Tested Version</strong></td> <td>V8 8.2.0</td> </tr> <tr> <td><strong>Vulnerable commit</strong></td> <td>bdaa7d66a37adcc1f1d81c9b0f834327a74ffe07</td> </tr> </tbody> </table> <p><strong>CVE-2020-6418</strong> is a security vulnerability that was identified in the V8 JavaScript engine, which is used in various web browsers including Google Chrome. This vulnerability was <em>reported by Clement Lecigne of Google&rsquo;s Threat Analysis Group on 2020-02-18</em> [1] and assigned CVE-2020-6418. It was classified as a type confusion bug in the V8 engine.</p>