PT-2023-3017 · Google +3 · Google Chrome +3
Clément Lecigne
·
Published
2023-06-05
·
Updated
2025-05-14
·
CVE-2023-3079
10
High
| Base vector | Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Google Chrome versions prior to 114.0.5735.110
Description:
The issue is related to a type confusion in V8, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead to arbitrary code execution. The Chromium security severity of this issue is High.
Recommendations:
For Google Chrome versions prior to 114.0.5735.110, update to version 114.0.5735.110 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable API endpoints or disabling the use of crafted HTML pages until the update is applied.
Exploit
Fix
Type Confusion
Weakness Enumeration
Related Identifiers
Affected Products
References · 403
- 🔥 https://github.com/mistymntncop/CVE-2023-4863⭐ 313 🔗 48 · Exploit
- 🔥 https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE⭐ 214 🔗 34 · Exploit
- 🔥 https://github.com/mistymntncop/CVE-2023-3079⭐ 123 🔗 31 · Exploit
- 🔥 https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation⭐ 43 🔗 21 · Exploit
- 🔥 https://github.com/LiveOverflow/webp-CVE-2023-4863⭐ 48 🔗 7 · Exploit
- 🔥 https://github.com/zckevin/CVE-2023-4762⭐ 26 🔗 6 · Exploit
- 🔥 https://github.com/buptsb/CVE-2023-4762⭐ 26 🔗 6 · Exploit
- 🔥 https://github.com/tianstcht/CVE-2023-4427⭐ 26 🔗 4 · Exploit
- 🔥 https://github.com/wrv/cve-2023-5217-poc⭐ 15 🔗 5 · Exploit
- 🔥 https://github.com/UT-Security/cve-2023-5217-poc⭐ 15 🔗 5 · Exploit
- 🔥 https://github.com/bbaranoff/CVE-2023-4863⭐ 6 🔗 1 · Exploit
- 🔥 https://github.com/sunu11/chrome-CVE-2023-4357⭐ 3 🔗 1 · Exploit
- 🔥 https://github.com/lon5948/CVE-2023-4357-Exploitation⭐ 3 · Exploit
- 🔥 https://crbug.com/1450481 · Exploit
- https://bdu.fstec.ru/vul/2023-02623 · Security Note