Lucene search
GoogleOSV:CVE-2023-7012HistoryJul 16, 2024 - 11:15 p.m.
CVE-2023-7012
2024-07-1623:15:11
Google
osv.dev
google chrome
permission prompts
data validation
malicious app
sandbox escape
malicious file
chromium
security severity
medium
cve-2023-7012
software
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.2
Confidence
Low
Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. (Chromium security severity: Medium)
Related
debiancve
debiancve
CVE-2023-7012
2024-07-16 23:15:11
nvd
nvd
CVE-2023-7012
2024-07-16 23:15:11
cve
cve
CVE-2023-7012
2024-07-16 23:15:11
vulnrichment
vulnrichment
CVE-2023-7012
2024-07-16 22:30:27
cvelist
cvelist
CVE-2023-7012
2024-07-16 22:30:27
redos
redos
ROS-20240816-07
2024-08-16 00:00:00
kaspersky
kaspersky
KLA60560 Multiple vulnerabilities in Google Chrome
2023-09-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5499-1)
2023-09-19 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-09-12 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.2
Confidence
Low
Related for OSV:CVE-2023-7012