Lucene search

K

GoogleOSV:CVE-2023-4762

HistorySep 05, 2023 - 10:15 p.m.

CVE-2023-4762

2023-09-0522:15:09

Google

osv.dev

10

type confusion

v8

google chrome

cve-2023-4762

remote attacker

arbitrary code

crafted html page

chromium

high severity

software

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

Low

EPSS

0.826

Percentile

98.5%

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

References

chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html

crbug.com/1473247

lists.fedoraproject.org/archives/list/[email protected]/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/

lists.fedoraproject.org/archives/list/[email protected]/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/

lists.fedoraproject.org/archives/list/[email protected]/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/

msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762

security.gentoo.org/glsa/202311-11

security.gentoo.org/glsa/202312-07

security.gentoo.org/glsa/202401-34

www.debian.org/security/2023/dsa-5491

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

Low

EPSS

0.826

Percentile

98.5%

Related for OSV:CVE-2023-4762