VDB
CVE-2023-3216
CVE-2023-3216
PUBLISHED
Es existieren mehrere Schwachstellen in Google Chrome und Microsoft Edge, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Dabei handelt es sich um Use after free Probleme in "Autofill payments", "WebXR" und "WebRTC", sowie eine Type Confusion in V8. Ein Angreifer kann dies ausnutzen, um nicht spezifizierte Auswirkungen zu erlangen und möglicherweise beliebigen Code auszuführen. Ein erfolgreiches Ausnutzen erfordert eine Benutzerinteraktion.
EPSS 0.78% · 74.0th percentile
Risk Scores
EPSS Score
0.78%
74.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Edge < 114.0.1823.51 | |
| Microsoft | Microsoft Edge | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux |
Exploit Intelligence
- https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.html (circl)
- https://crbug.com/1450114 (circl)
- https://www.debian.org/security/2023/dsa-5428 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O362DC3ZCFRXVHOXMPIL73YOWABQEUYD/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEH75UOM7FAXDUPC37YHP7ONL2HSDIJR/ (circl)
- https://security.gentoo.org/glsa/202311-11 (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Jun 13, 2023 CVE Published
- Jun 14, 2023 EPSS Score
- Jul 20, 2023 EPSS Score
- Sep 29, 2023 EPSS Score
- Nov 3, 2023 EPSS Score
- Dec 9, 2023 EPSS Score
- Feb 18, 2024 EPSS Score
- Mar 24, 2024 EPSS Score
- Apr 29, 2024 EPSS Score
- Jul 9, 2024 EPSS Score
- Aug 14, 2024 EPSS Score
- Sep 18, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1452.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1452 advisory
- https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#june-13-2023 advisory
- https://lists.debian.org/debian-security-announce/2023/msg00119.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-1b99669138 advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#june-15-2023 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-5f35718d4c advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3947e434d2 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1fa35650e4 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-8f0f0d103a advisory
- https://security.gentoo.org/glsa/202311-11 advisory
- https://security.gentoo.org/glsa/202401-34 advisory