Lucene search

K
cvelistChromeCVELIST:CVE-2023-5187
HistorySep 28, 2023 - 3:23 p.m.

CVE-2023-5187

2023-09-2815:23:18
Chrome
www.cve.org
2
cve-2023-5187
extensions
google chrome
heap corruption
crafted html page
chromium
security vulnerability
high severity

EPSS

0.001

Percentile

31.6%

Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "117.0.5938.132",
        "status": "affected",
        "lessThan": "117.0.5938.132",
        "versionType": "custom"
      }
    ]
  }
]