Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-1821
HistoryApr 04, 2023 - 12:00 a.m.

CVE-2023-1821

2023-04-0400:00:00
ubuntu.com
ubuntu.com
16
google chrome
webshare
vulnerability
cve-2023-1821
remote attackers
omnibox
crafted html page
chromium
severity: low

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

64.7%

Inappropriate implementation in WebShare in Google Chrome prior to
112.0.5615.49 allowed a remote attacker to potentially hide the contents of
the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity:
Low)

Notes

Author Note
alexmurray The Debian chromium source package is called chromium-browser in Ubuntu
mdeslaur starting with Ubuntu 19.10, the chromium-browser package is just a script that installs the Chromium snap
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchchromium-browser< 112.0.5615.49-0ubuntu0.18.04.1UNKNOWN

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

64.7%