The vulnerability of Google Chrome’s Compositing component allows attackers to replace the user interface.

🗓️ 30 Sep 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

A Chrome compositing vulnerability allows an attacker to replace the user interface with a crafted web page.

Reporter	Title	Published	Views	Family All 54
AstraLinux	Astra Linux - уязвимость в chromium	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability in the web interface of the Cisco IOS XE operating system allows a hacker to execute arbitrary commands.	4 Oct 202300:00	–	bdu_fstec
Circl	CVE-2023-20231	27 Sep 202322:36	–	circl
Circl	CVE-2023-7281	24 Sep 202400:41	–	circl
Cisco	Cisco IOS XE Software Web UI Command Injection Vulnerability	27 Sep 202316:00	–	cisco
Tenable Nessus	Cisco IOS XE Software Web UI Command Injection (cisco-sa-webui-cmdij-FzZAeXAy)	18 Oct 202300:00	–	nessus
Tenable Nessus	Fedora 40 : chromium (2024-aaff7345b8)	27 Sep 202400:00	–	nessus
Tenable Nessus	Fedora 39 : chromium (2024-e60359f212)	27 Sep 202400:00	–	nessus
CNNVD	Cisco IOS XE Software Input Validation Error Vulnerability	27 Sep 202300:00	–	cnnvd
CNNVD	Google Chrome 安全漏洞	23 Sep 202400:00	–	cnnvd

Vulners

Node

google google_chromeRange<119.0.6045.105

Source	Link
issues	www.issues.chromium.org/issues/40055233
security-tracker	www.security-tracker.debian.org/tracker/CVE-2023-7281
vuldb	www.vuldb.com/
feedly	www.feedly.com/cve/CVE-2023-20231
web	www.web.nvd.nist.gov/view/vuln/detail

30 Sep 2024 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 34.3

CVSS 25

EPSS0.00636

compositing vulnerability user interface replacement crafted web page google chrome