Lucene search

PRIOn knowledge basePRION:CVE-2023-2724

HistoryMay 16, 2023 - 7:15 p.m.

Type confusion

2023-05-1619:15:00

PRIOn knowledge base

www.prio-n.com

v8 engine

google chrome

type confusion

heap corruption

html page

remote attacker

vulnerability

nvd

high severity

8.4 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CPENameOperatorVersion
debian_linuxeq11.0
fedoraeq37
fedoraeq38
chromelt113.0.5672.126

Name	Operator	Version
debian_linux	eq	11.0
fedora	eq	37
fedora	eq	38
chrome	lt	113.0.5672.126

References

packetstormsecurity.com/files/173131/Chrome-Internal-JavaScript-Object-Access-Via-Origin-Trials.html

chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_16.html

crbug.com/1433211

lists.fedoraproject.org/archives/list/[email protected]/message/73XUIHJ6UT75VFPDPLJOXJON7MVIKVZI/

lists.fedoraproject.org/archives/list/[email protected]/message/FXFL4TDAH72PRCPD5UPZMJMKIMVOPLTI/

security.gentoo.org/glsa/202309-17

security.gentoo.org/glsa/202311-11

www.debian.org/security/2023/dsa-5404