Lucene search
PRIOn knowledge basePRION:CVE-2023-5187HistorySep 28, 2023 - 4:15 p.m.
Design/Logic Flaw
2023-09-2816:15:00
PRIOn knowledge base
www.prio-n.com
8
google chrome
design flaw
use-after-free
extensions
heap corruption
crafted html page
security severity high
0.001 Low
EPSS
Percentile
31.8%
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 11.0 | |
| debian_linux | eq | 12.0 | |
| fedora | eq | 37 | |
| fedora | eq | 38 | |
| fedora | eq | 39 | |
| chrome | lt | 117.0.5938.132 |
References
chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html
crbug.com/1475798
lists.fedoraproject.org/archives/list/[email protected]/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/
lists.fedoraproject.org/archives/list/[email protected]/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/
lists.fedoraproject.org/archives/list/[email protected]/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/
security.gentoo.org/glsa/202401-34
www.debian.org/security/2023/dsa-5508
Related
cve
cve
CVE-2023-5187
2023-09-28 16:15:10
cvelist
cvelist
CVE-2023-5187
2023-09-28 15:23:18
debiancve
debiancve
CVE-2023-5187
2023-09-28 16:15:10
mscve
mscve
Chromium: CVE-2023-5187 Use after free in Extensions
2023-09-29 16:25:43
nessus
nessus
osv
osv
CVE-2023-5187
2023-09-28 16:15:10
chromium - security update
2023-09-29 00:00:00
veracode
veracode
Use After Free
2023-10-08 08:09:40
ubuntucve
ubuntucve
CVE-2023-5187
2023-09-28 00:00:00
freebsd
freebsd
electron25 -- Use after free in extensions vulnerability
2023-10-11 00:00:00
chromium -- multiple vulnerabilities
2023-09-27 00:00:00
nvd
nvd
CVE-2023-5187
2023-09-28 16:15:10
debian
debian
[SECURITY] [DSA 5508-1] chromium security update
2023-09-29 17:54:25
kaspersky
kaspersky
KLA61313 Multiple vulnerabilities in Opera
2023-10-03 00:00:00
KLA60816 Multiple vulnerabilities in Google Chrome
2023-09-27 00:00:00
KLA61043 Multiple vulnerabilities in Microsoft Browser
2023-09-29 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-09-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for opera (openSUSE-SU-2023:0297-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for opera (openSUSE-SU-2023:0298-1)
2024-03-04 00:00:00
hivepro
hivepro
Google and Firefox fixes Zero-Day Flaw Exploited in the Wild
2023-10-02 06:29:28
fedora
fedora
[SECURITY] Fedora 37 Update: chromium-117.0.5938.132-1.fc37
2023-10-02 00:40:35
[SECURITY] Fedora 38 Update: chromium-117.0.5938.132-2.fc38
2023-10-02 01:24:41
[SECURITY] Fedora 39 Update: chromium-117.0.5938.132-2.fc39
2023-10-02 00:16:32
mageia
mageia
Updated chromium-browser-stable package fixes bugs and vulnerabilities
2023-10-03 13:53:29
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0160
2023-12-01 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0459
2023-08-28 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2024-01-31 00:00:00