China National Vulnerability DatabaseCNVD-2023-71680

HistorySep 15, 2023 - 12:00 a.m.

Google Chrome Buffer Overflow Vulnerability (CNVD-2023-71680)

2023-09-1500:00:00

China National Vulnerability Database

www.cnvd.org.cn

google chrome

buffer overflow

vulnerability

untrusted input

arbitrary code

application crash

cnvd-2023-71680

0.609 Medium

EPSS

Percentile

97.8%

JSON

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that originates from a boundary error when the application handles untrusted input, which can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash.

CPENameOperatorVersion
google chrome <116.eq0.5845.187

CPE	Name	Operator	Version
	google chrome <116.	eq	0.5845.187

nessus

Mozilla Thunderbird < 115.2.2

2023-09-13 00:00:00

CentOS 9 : libwebp-1.2.0-8.el9

2024-02-29 00:00:00

Microsoft Edge (Chromium) < 109.0.1518.140 Heap Buffer Overflow Vulnerability

2024-05-08 00:00:00

osv

Important: libwebp security update

2023-09-26 13:26:19

Important: thunderbird security update

2023-09-18 00:00:00

thunderbird - security update

2023-09-17 00:00:00

debian

[SECURITY] [DLA 3569-1] thunderbird security update

2023-09-17 09:42:33

[SECURITY] [DSA 5497-1] libwebp security update

2023-09-13 21:07:56

[SECURITY] [DLA 3570-1] libwebp security update

2023-09-18 12:07:01

openvas

Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2024-1429)

2024-03-21 00:00:00

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0246-1)

2024-03-04 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-3388038193)

2023-09-17 00:00:00

alpinelinux

CVE-2023-4863

2023-09-12 15:15:24

hivepro

Google Addresses Fourth Zero-Day Flaw Exploited by Attackers Wildly

2023-09-12 13:05:09

github

libwebp: OOB write in BuildHuffmanTable

2023-09-12 15:30:20

Vulnerable version of libwebp and can be exploited with a malicious source image

2023-10-06 20:46:33

Imageflow affected by libwebp zero-day and should not be used with malicious source images.

2023-09-27 21:16:16

debiancve

CVE-2023-4863

2023-09-12 15:15:24

almalinux

Important: thunderbird security update

2023-09-19 00:00:00

Important: firefox security update

2023-09-18 00:00:00

Important: libwebp security update

2023-09-20 00:00:00

cloudfoundry

USN-6369-1: libwebp vulnerability | Cloud Foundry

2023-10-12 00:00:00

| Cloud Foundry

2023-10-05 00:00:00

ibm

Security Bulletin: IBM App Connect Enterprise is vulnerable to a heap-based buffer overflow due to electron

2023-10-20 09:35:15

Security Bulletin: IBM Cognos Analytics Cartridge for IBM Cloud Pak for Data 4.8.0 has addressed a security vulnerability (CVE-2023-4863)

2023-11-29 22:25:21

amazon

Important: qt5-qtimageformats

2023-11-09 19:19:00

Important: thunderbird

2023-10-12 15:08:00

Important: libwebp12

2023-10-12 15:08:00

wolfi

CVE-2023-4863 vulnerabilities

2024-06-29 09:08:33

prion

Heap overflow

2023-09-12 15:15:00

paloalto

Impact of libwebp Vulnerability CVE-2023-4863

2023-10-02 23:40:00

kaspersky

KLA61312 DoS vulnerability in Opera

2023-09-13 00:00:00

KLA60569 DoS vulnerablity in Microsoft Browser

2023-09-12 00:00:00

KLA60003 DoS vulnerability in Google Chrome

2023-09-11 00:00:00

mageia

Updated libwebp packages fix a security vulnerability

2023-10-03 13:53:29

cgr

CVE-2023-4863 vulnerabilities

2024-05-19 03:07:16

oraclelinux

thunderbird security update

2023-09-19 00:00:00

firefox security update

2023-09-19 00:00:00

libwebp security update

2023-09-20 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2023-09-21 05:22:51

Exploit for Out-of-bounds Write in Google Chrome

2023-11-11 06:51:03

Exploit for Out-of-bounds Write in Google Chrome

2023-09-25 10:33:09

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

2024-02-20 00:00:00

cvelist

CVE-2023-4863

2023-09-12 14:24:59

nvd

CVE-2023-4863

2023-09-12 15:15:24

cve

CVE-2023-4863

2023-09-12 15:15:24

slackware

[slackware-security] mozilla-thunderbird

2023-09-14 02:32:34

[slackware-security] seamonkey

2023-09-21 19:43:16

[slackware-security] libwebp

2023-09-14 21:21:47

fedora

[SECURITY] Fedora 39 Update: libwebp-1.3.1-3.fc39

2023-09-15 19:54:26

[SECURITY] Fedora 37 Update: libwebp-1.3.1-3.fc37

2023-09-16 01:41:44

[SECURITY] Fedora 39 Update: firefox-117.0.1-2.fc39

2023-09-17 00:15:26

attackerkb

CVE-2023-4863

2023-09-12 00:00:00

freebsd

graphics/webp heap buffer overflow

2023-09-12 00:00:00

libwebp heap buffer overflow

2023-09-12 00:00:00

chrome

Stable Channel Update for Desktop

2023-09-11 00:00:00

thn

Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird

2023-09-13 01:50:00

ubuntu

Firefox vulnerability

2023-09-14 00:00:00

libwebp vulnerability

2023-09-28 00:00:00

veracode

Heap Buffer Overflow

2023-09-15 13:45:13

Heap Buffer Overflow

2023-09-19 21:25:54

rocky

firefox security update

2023-09-19 12:09:00

ubuntucve

CVE-2023-4863

2023-09-12 00:00:00

mscve

Chromium: CVE-2023-4863 Heap buffer overflow in WebP

2023-09-12 07:00:47

redhatcve

CVE-2023-4863

2023-09-14 14:24:56

gitlab

CefSharp affected by heap buffer overflow in WebP

2023-09-21 00:00:00

redhat

(RHSA-2023:5222) Important: libwebp security update

2023-09-19 07:11:07

ics

Siemens Mendix Studio Pro

2023-11-16 12:00:00

Google Chrome Buffer Overflow Vulnerability (CNVD-2023-71680)

Related