Lucene search

K

ChromeCVELIST:CVE-2023-6112

HistoryNov 15, 2023 - 5:19 p.m.

CVE-2023-6112

2023-11-1517:19:43

Chrome

www.cve.org

8

google chrome

use after free

navigation

remote attacker

heap corruption

html page

cve-2023-6112

chromium

high severity

EPSS

0.002

Percentile

54.7%

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "119.0.6045.159",
        "status": "affected",
        "lessThan": "119.0.6045.159",
        "versionType": "custom"
      }
    ]
  }
]

References

packetstormsecurity.com/files/176721/Chrome-content-NavigationURLLoaderImpl-FallbackToNonInterceptedRequest-Heap-Use-After-Free.html

chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_14.html

crbug.com/1499298

lists.fedoraproject.org/archives/list/[email protected]/message/JHUI5HW7QXT3U74MJMTLUMF5REDO5HD5/

lists.fedoraproject.org/archives/list/[email protected]/message/MN3JQGEC4EFQP3WTI33YBD3CLC3I7P4X/

lists.fedoraproject.org/archives/list/[email protected]/message/XWHRLW3GDNFBFSBHDD4QOPUPX7ORTUEC/

security.gentoo.org/glsa/202311-11

security.gentoo.org/glsa/202312-07

security.gentoo.org/glsa/202401-34

www.debian.org/security/2023/dsa-5556

EPSS

0.002

Percentile

54.7%

Related for CVELIST:CVE-2023-6112

prion1 osv4 mscve1 cve1 ubuntucve1 veracode1 alpinelinux1 debiancve1 nvd1 openvas11 nessus15 kaspersky2 fedora3 chrome1 freebsd1 debian1 redos1 mageia1 gentoo4