Lucene search

[email protected]NVD:CVE-2023-4763

HistorySep 05, 2023 - 10:15 p.m.

CVE-2023-4763

2023-09-0522:15:09

CWE-416

[email protected]

web.nvd.nist.gov

google chrome

networks

heap corruption

remote attacker

html page

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

65.0%

JSON

Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected configurations

NVD

Node

googlechromeRange<116.0.5845.179

Node

debiandebian_linuxMatch11.0

debiandebian_linuxMatch12.0

References

chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html

crbug.com/1469928

lists.fedoraproject.org/archives/list/[email protected]/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/

lists.fedoraproject.org/archives/list/[email protected]/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/

lists.fedoraproject.org/archives/list/[email protected]/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/

security.gentoo.org/glsa/202311-11

security.gentoo.org/glsa/202312-07

security.gentoo.org/glsa/202401-34

www.debian.org/security/2023/dsa-5491

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

65.0%

JSON

Related for NVD:CVE-2023-4763

osv2 mscve1 cvelist1 debiancve1 ubuntucve1 cve1 prion1 veracode1 nessus13 chrome1 debian1 openvas9 freebsd2 kaspersky2 fedora3 mageia1 photon2 gentoo3 rapid7blog1