Lucene search

[email protected]NVD:CVE-2023-1531

HistoryMar 21, 2023 - 9:15 p.m.

CVE-2023-1531

2023-03-2121:15:12

CWE-416

[email protected]

web.nvd.nist.gov

cve-2023-1531

angle

google chrome

heap corruption

remote attacker

html page

chromium

security severity

high

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.7%

JSON

Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected configurations

NVD

Node

googlechromeRange<111.0.5563.110

Node

fedoraprojectfedoraMatch36

fedoraprojectfedoraMatch37

fedoraprojectfedoraMatch38

Node

chromiumchromiumMatch112.0.5592.0x64

References

chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html

crbug.com/1415330

lists.fedoraproject.org/archives/list/[email protected]/message/FG3CRADL7IL5IHK4NCHG4LAYLKHFXETX/

lists.fedoraproject.org/archives/list/[email protected]/message/HO3QZY4UQFP4XNF43ILMVVOABMB7KAQ5/

lists.fedoraproject.org/archives/list/[email protected]/message/NGWWGQULJ7QRNP4GY57HE7OO7VMRWMPN/

security.gentoo.org/glsa/202309-17

www.talosintelligence.com/vulnerability_reports/TALOS-2023-1724

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.7%

JSON

Related for NVD:CVE-2023-1531

ubuntucve1 mscve1 talosblog1 talos1 prion1 veracode1 osv3 debiancve1 cnvd1 alpinelinux1 cvelist1 cve1 nessus15 debian1 freebsd1 openvas13 kaspersky3 fedora6 chrome1 ubuntu1 gentoo1