VDB
CNVD-2023-46119
CNVD-2023-46119
PUBLISHED
CVSS 8.800000190734863 HIGH
Google Chrome是美国谷歌(Google)公司的一款Web浏览器。 Google Chrome Mojo组件存在代码执行漏洞,该漏洞源于Mojo模块中存在越界内存访问问题。攻击者可利用此漏洞在系统上执行任意代码或导致应用程序崩溃。
Risk Scores
CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 114.0.5735.90 |
Timeline
- May 30, 2023 CVE Published
- May 31, 2023 CVE ID Reserved
- Jul 3, 2023 PoC Published
- May 3, 2026 Distribution Patch
References
- https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html url
- https://crbug.com/1429720 url
- https://www.debian.org/security/2023/dsa-5418 url
- http://packetstormsecurity.com/files/173259/Chrome-Mojo-Message-Validation-Bypass.html url
- https://security.gentoo.org/glsa/202311-11 url
- https://security.gentoo.org/glsa/202401-34 url