Lucene search

K

Veracode Vulnerability DatabaseVERACODE:40340

HistoryApr 29, 2023 - 10:09 a.m.

Denial Of Services (DoS)

2023-04-2910:09:00

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

11

google chrome

dos

vulnerability

service worker api

heap corruption

0.002 Low

EPSS

Percentile

64.4%

Google Chrome is vulnerable to Denial Of Services (DoS). The vulnerability exists due to the out of bounds memory access in Service Worker API, which allows an attacker to potentially exploit heap corruption via a crafted HTML page.

CPENameOperatorVersion
chromium:sideq83.0.4103.116-3.1
chromium:sideq88.0.4324.182-1
chromium:bullseyeeq83.0.4103.116-3.1
chromium:sideq83.0.4103.116-3.1
chromium:sideq88.0.4324.182-1
chromium:bullseyeeq83.0.4103.116-3.1

References

chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html

crbug.com/1429201

lists.fedoraproject.org/archives/list/[email protected]/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/

lists.fedoraproject.org/archives/list/[email protected]/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/

lists.fedoraproject.org/archives/list/[email protected]/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/

lists.fedoraproject.org/archives/list/[email protected]/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/

lists.fedoraproject.org/archives/list/[email protected]/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/

lists.fedoraproject.org/archives/list/[email protected]/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/

security-tracker.debian.org/tracker/CVE-2023-2134

security.gentoo.org/glsa/202309-17

www.debian.org/security/2023/dsa-5393

0.002 Low

EPSS

Percentile

64.4%

Related for VERACODE:40340

cnvd1 mscve1 osv2 cvelist1 debiancve1 nvd1 cve1 prion1 ubuntucve1 nessus14 kaspersky3 openvas12 freebsd1 chrome1 debian1 fedora6 gentoo1