Design/Logic Flaw

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-2464

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

Design/Logic Flaw

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 15 security fixes: 1423304 Medium CVE-2023-2459: Inappropriate implementation in Prompts. Reported by Rong Jian of VRI on 2023-03-10 1419732 Medium CVE-2023-2460: Insufficient validation of untrusted input in Extensions. Reported by Martin Bajanik,...

CVE-2023-2468

CVE-2023-2468 matches multiple sources reporting an insecure implementation in Chrome’s PictureInPicture feature. The vulnerability arises from an inappropriate implementation in PictureInPicture, which allowed a remote attacker who had compromised the renderer process to obfuscate the security U...

CVE-2023-2468

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...

CVE-2023-2468

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...

CVE-2023-2468

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...

CVE-2023-2464

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-2464

CVE-2023-2464 affects Google Chrome (Chromium-based) via an inappropriate implementation in PictureInPicture. A crafted HTML page and a malicious extension can lead to an origin spoof in the Chrome security UI. The vulnerability is tied to Chrome/Chromium builds prior to 113.0.5672.63 (the fixed ...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome PictureInPicture, which can be exploited by attackers to bypass security restrictions...

Google Chrome < 113.0.5672.63 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 113.0.5672.63. It is, therefore, affected by multiple vulnerabilities as referenced in the 202305stable-channel-update-for-desktop advisory. - Use after free in OS Inputs in Google Chrome on ChromeOS prior to...