CVE-2023-3422
CVE-2023-3422
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 jun 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Productos afectados
Google · ChromeReferencias
https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_26.htmlhttps://crbug.com/1450397https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KREKCQTJDVI2AEBG5ECZPSOQXIC2L5XL/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBAHED5YFJPRGSEKNZIYHZBGSVHGEHOH/https://security.gentoo.org/glsa/202401-34https://www.debian.org/security/2023/dsa-5440