VDB
CVE-2023-0471
CVE-2023-0471
PUBLISHED
Es existieren mehrere Schwachstellen in Google Chrome und Microsoft Edge. Dabei handelt es sich unter anderem um mehrere Use after Free und ein Type Confusion Problem. Ein entfernter anonymer Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 0.29% · 52.8th percentile
Risk Scores
EPSS Score
0.29%
52.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Edge Extended Stable Channel < 108.0.1462.95 | |
| Microsoft | Microsoft Edge | |
| Google Chrome 109.0.5414.119 | ||
| Debian | Debian Linux | |
| Ubuntu | Ubuntu Linux | |
| Microsoft | Microsoft Edge < 109.0.1518.70 | |
| Google Chrome < LTC-108.0.5359.219 |
Timeline
- Jan 24, 2023 CVE Published
- Jan 25, 2023 EPSS Score
- Mar 6, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 6, 2023 EPSS Score
- Aug 15, 2023 EPSS Score
- Sep 24, 2023 EPSS Score
- Nov 4, 2023 EPSS Score
- Dec 14, 2023 EPSS Score
- Mar 4, 2024 EPSS Score
- Apr 13, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0195.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0195 advisory
- https://ubuntu.com/security/notices/USN-5881-1 advisory
- https://chromereleases.googleblog.com/2023/01/long-term-support-channel-update-for_31.html advisory
- https://lists.debian.org/debian-security-announce/2023/msg00017.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
- http://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html advisory