CVE-2023-4762

CVSS v2.0

High

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 116.0.5845.179

Description The issue is related to a Type Confusion vulnerability in the V8 JavaScript engine of Google Chrome, allowing a remote attacker to execute arbitrary code via a crafted HTML page. This vulnerability has been exploited in the wild, with successful exploits resulting in remote code execution. The vulnerability is considered high severity by Chromium.

Recommendations For Google Chrome versions prior to 116.0.5845.179, update to version 116.0.5845.179 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable HTML pages until the update is applied. Avoid using crafted HTML pages that could trigger the vulnerability.

Exploit

Fix

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

ALSA-2025_16880

ALT-PU-2023-5701

ALT-PU-2023-5790

ALT-PU-2023-5979

ALT-PU-2023-6281

ALT-PU-2023-6350

ALT-PU-2023-6351

ALT-PU-2023-6567

ALT-PU-2024-14286

ALT-PU-2024-14830

BDU:2023-05240

CVE-2023-4762

DSA-5491-1

MGASA-2023-0283

OPENSUSE-SU-2023:0245-1

OPENSUSE-SU-2024:13204-1

OPENSUSE-SU-2024:13232-1

OPENSUSE-SU-2024:13462-1

Affected Products

Alt Linux

Astra Linux

Google Chrome

CVE-2023-4762

Weakness Enumeration

Related Identifiers

Affected Products

References · 80