Lucene search

[email protected]CVE-2023-1529

HistoryMar 21, 2023 - 9:15 p.m.

CVE-2023-1529

2023-03-2121:15:12

CWE-787

[email protected]

web.nvd.nist.gov

166

cve-2023-1529

google chrome

webhid

nvd

security

heap corruption

remote attacker

exploit

memory access

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.2

Confidence

High

EPSS

0.007

Percentile

80.0%

JSON

Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)

Affected configurations

NVD

Node

googlechromeRange<111.0.5563.110

Node

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

fedoraprojectfedoraMatch38

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "111.0.5563.110",
        "status": "affected",
        "lessThan": "111.0.5563.110",
        "versionType": "custom"
      }
    ]
  }
]