Google · Google Chrome · CVE-2023-0138
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 109.0.5414.74
**Description**
The issue is related to a heap buffer overflow in the libphonenumber library of Google Chrome, which can be exploited by a remote attacker using a specially crafted HTML page. This could potentially allow the attacker to access confidential data, compromise data integrity, and cause a denial of service.
**Recommendations**
For versions prior to 109.0.5414.74, update to version 109.0.5414.74 or later to resolve the issue.
As a temporary workaround, consider restricting access to potentially malicious HTML pages until the update is applied.