Lucene search
PRIOn knowledge basePRION:CVE-2023-5186HistorySep 28, 2023 - 4:15 p.m.
Design/Logic Flaw
2023-09-2816:15:00
PRIOn knowledge base
www.prio-n.com
7
google chrome
design flaw
remote attacker
heap corruption
crafted interaction
ui interaction
0.002 Low
EPSS
Percentile
54.5%
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 11.0 | |
| debian_linux | eq | 12.0 | |
| fedora | eq | 37 | |
| fedora | eq | 38 | |
| fedora | eq | 39 | |
| chrome | lt | 117.0.5938.132 |
References
chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
crbug.com/1478889
lists.fedoraproject.org/archives/list/[email protected]/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
lists.fedoraproject.org/archives/list/[email protected]/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
lists.fedoraproject.org/archives/list/[email protected]/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
security.gentoo.org/glsa/202401-34
www.debian.org/security/2023/dsa-5508
Related
osv
osv
CVE-2023-5186
2023-09-28 16:15:10
chromium - security update
2023-09-29 00:00:00
cvelist
cvelist
CVE-2023-5186
2023-09-28 15:23:18
ubuntucve
ubuntucve
CVE-2023-5186
2023-09-28 00:00:00
debiancve
debiancve
CVE-2023-5186
2023-09-28 16:15:10
nvd
nvd
CVE-2023-5186
2023-09-28 16:15:10
mscve
mscve
Chromium: CVE-2023-5186 Use after free in Passwords
2023-09-29 16:25:22
cve
cve
CVE-2023-5186
2023-09-28 16:15:10
veracode
veracode
Use After Free
2023-10-08 08:09:39
chrome
chrome
Stable Channel Update for Desktop
2023-09-27 00:00:00
nessus
nessus
Google Chrome < 117.0.5938.132 Multiple Vulnerabilities
2023-09-27 00:00:00
Google Chrome < 117.0.5938.132 Multiple Vulnerabilities
2023-09-27 00:00:00
Debian DSA-5508-1 : chromium - security update
2023-09-30 00:00:00
hivepro
hivepro
Google and Firefox fixes Zero-Day Flaw Exploited in the Wild
2023-10-02 06:29:28
openvas
openvas
Debian: Security Advisory (DSA-5508-1)
2023-10-02 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop_27-2023-09) - Mac OS X
2023-10-04 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0277-1)
2024-03-04 00:00:00
debian
debian
[SECURITY] [DSA 5508-1] chromium security update
2023-09-29 17:54:25
kaspersky
kaspersky
KLA61313 Multiple vulnerabilities in Opera
2023-10-03 00:00:00
KLA60816 Multiple vulnerabilities in Google Chrome
2023-09-27 00:00:00
KLA61043 Multiple vulnerabilities in Microsoft Browser
2023-09-29 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-09-27 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: chromium-117.0.5938.132-1.fc37
2023-10-02 00:40:35
[SECURITY] Fedora 38 Update: chromium-117.0.5938.132-2.fc38
2023-10-02 01:24:41
[SECURITY] Fedora 39 Update: chromium-117.0.5938.132-2.fc39
2023-10-02 00:16:32
mageia
mageia
Updated chromium-browser-stable package fixes bugs and vulnerabilities
2023-10-03 13:53:29
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0160
2023-12-01 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0459
2023-08-28 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2024-01-31 00:00:00