CVE-2023-5482

2023-11-0118:15:09

Alpine Linux Development Team

security.alpinelinux.org

chrome

usb

out of bounds memory

remote attacker

html page

security vulnerability

google chrome prior to version 119.0.6045.105

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.3%

JSON

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchqt5-qtwebengine< 5.15.15-r5UNKNOWN
Alpineedge-communitynoarchqt6-qtwebengine< 6.6.0-r2UNKNOWN
Alpine3.19-communitynoarchqt5-qtwebengine< 5.15.15-r5UNKNOWN
Alpine3.19-communitynoarchqt6-qtwebengine< 6.6.0-r2UNKNOWN
Alpine3.20-communitynoarchqt5-qtwebengine< 5.15.15-r5UNKNOWN
Alpine3.20-communitynoarchqt6-qtwebengine< 6.6.0-r2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	qt5-qtwebengine	< 5.15.15-r5	UNKNOWN
Alpine	edge-community	noarch	qt6-qtwebengine	< 6.6.0-r2	UNKNOWN
Alpine	3.19-community	noarch	qt5-qtwebengine	< 5.15.15-r5	UNKNOWN
Alpine	3.19-community	noarch	qt6-qtwebengine	< 6.6.0-r2	UNKNOWN
Alpine	3.20-community	noarch	qt5-qtwebengine	< 5.15.15-r5	UNKNOWN
Alpine	3.20-community	noarch	qt6-qtwebengine	< 6.6.0-r2	UNKNOWN