Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:13614125623111120235420HistoryJun 08, 2023 - 12:00 a.m.
Debian: Security Advisory (DSA-5420-1)
2023-06-0800:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
2
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.1.1.2023.5420");
script_cve_id("CVE-2023-3079");
script_tag(name:"creation_date", value:"2023-06-08 04:21:24 +0000 (Thu, 08 Jun 2023)");
script_version("2024-02-02T05:06:10+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-06-12 16:47:28 +0000 (Mon, 12 Jun 2023)");
script_name("Debian: Security Advisory (DSA-5420-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(11|12)");
script_xref(name:"Advisory-ID", value:"DSA-5420-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2023/DSA-5420-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-5420");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/chromium");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-5420-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
For the stable distribution (bullseye), this problem has been fixed in version 114.0.5735.106-1~deb11u1.
For the upcoming stable distribution (bookworm), these problems have been fixed in version 114.0.5735.106-1~deb12u1
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to its security tracker page at: [link moved to references]");
script_tag(name:"affected", value:"'chromium' package(s) on Debian 11, Debian 12.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB11") {
if(!isnull(res = isdpkgvuln(pkg:"chromium", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-common", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-driver", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-l10n", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-sandbox", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-shell", ver:"114.0.5735.106-1~deb11u1", rls:"DEB11"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "DEB12") {
if(!isnull(res = isdpkgvuln(pkg:"chromium", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-common", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-driver", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-l10n", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-sandbox", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"chromium-shell", ver:"114.0.5735.106-1~deb12u1", rls:"DEB12"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
kaspersky
kaspersky
KLA49376 DoS vulnerability in Google Chrome
2023-06-05 00:00:00
KLA49380 DoS vulnerability in Microsoft Browser
2023-06-06 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-06-05 00:00:00
mscve
mscve
Chromium: CVE-2023-3079 Type Confusion in V8
2023-06-06 22:35:45
nessus
nessus
Debian DSA-5420-1 : chromium - security update
2023-06-08 00:00:00
Google Chrome < 114.0.5735.106 Vulnerability
2023-06-05 00:00:00
Microsoft Edge (Chromium) < 109.0.1518.115 (CVE-2023-3079)
2024-05-08 00:00:00
hivepro
hivepro
Google Addresses High-Stakes Chrome Zero-Day Vulnerability
2023-06-07 12:17:52
osv
osv
chromium - security update
2023-06-07 00:00:00
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop-2023-06) - Windows
2023-06-08 00:00:00
Microsoft Edge (Chromium-Based) Type Confusion Vulnerability (Jun 2023)
2023-06-14 00:00:00
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0123-1)
2024-03-04 00:00:00
githubexploit
githubexploit
Exploit for Type Confusion in Google Chrome
2023-08-15 04:16:46
cnvd
cnvd
Google Chrome Type Mixing Vulnerability
2023-06-07 00:00:00
attackerkb
attackerkb
CVE-2023-3079
2023-06-05 00:00:00
alpinelinux
alpinelinux
CVE-2023-3079
2023-06-05 22:15:12
cvelist
cvelist
CVE-2023-3079
2023-06-05 21:40:06
cve
cve
CVE-2023-3079
2023-06-05 22:15:12
prion
prion
Type confusion
2023-06-05 22:15:00
malwarebytes
malwarebytes
Update Chrome now! Google patches actively exploited zero-day
2023-06-08 01:00:00
debiancve
debiancve
CVE-2023-3079
2023-06-05 22:15:12
veracode
veracode
Denial Of Service (DoS)
2023-06-07 06:47:21
freebsd
freebsd
chromium -- multiple vulnerabilities
2023-06-05 00:00:00
electron24 -- multiple vulnerabilities
2023-06-14 00:00:00
electron22 -- multiple vulnerabilities
2023-06-14 00:00:00
cisa_kev
cisa_kev
Google Chromium V8 Type Confusion Vulnerability
2023-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2023-3079
2023-06-05 00:00:00
debian
debian
[SECURITY] [DSA 5420-1] chromium security update
2023-06-07 17:27:16
fedora
fedora
[SECURITY] Fedora 38 Update: chromium-114.0.5735.106-1.fc38
2023-06-11 02:03:59
[SECURITY] Fedora 37 Update: chromium-114.0.5735.106-1.fc37
2023-06-17 02:09:07
talosblog
talosblog
qualysblog
qualysblog
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
2023-07-11 14:01:53
thn
thn
securelist
securelist
IT threat evolution in Q2 2023. Non-mobile statistics
2023-08-30 10:00:41
avleonov
avleonov
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27
gentoo
gentoo
QtWebEngine: Multiple Vulnerabilities
2023-11-25 00:00:00
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2024-01-31 00:00:00
9 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.7%
Related for OPENVAS:13614125623111120235420