VDB
CVE-2023-5346
CVE-2023-5346
PUBLISHED
Es besteht eine Schwachstelle in Google Chrome und Microsoft Edge. Dieser Fehler besteht in der V8-Komponente aufgrund eines Typverwechslungsproblems. Ein Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er eine speziell gestaltete Webseite erstellt und das Opfer zum Besuch dieser Seite verleitet. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 1.11% · 78.6th percentile
Risk Scores
EPSS Score
1.11%
78.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Fedora Linux | |
| Gentoo | Gentoo Linux | |
| Debian | Debian Linux |
Exploit Intelligence
- CIRCL seen: CVE-2023-5346 (circl-sighting)
- CIRCL seen: CVE-2023-5346 (circl-sighting)
- CIRCL seen: CVE-2023-5346 (circl-sighting)
- https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop.html (circl)
- https://crbug.com/1485829 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMFDRMWMT6ZBLGLLWSWHHRAUBOSUXQDR/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4GHJ3FK5NPHDRUR4OJOI4UU6FKSOOGG/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RA6HMWNOYQ56R35MHW77GVW7373Z4RSN/ (circl)
- https://security.gentoo.org/glsa/202401-34 (circl)
Timeline
- Jan 21, 1970 Security Advisory
- Oct 3, 2023 CVE Published
- Oct 5, 2023 PoC Published
- Oct 6, 2023 EPSS Score
- Oct 11, 2023 PoC Published
- Nov 7, 2023 EPSS Score
- Jan 9, 2024 EPSS Score
- Jan 31, 2024 CVE Updated
- Feb 9, 2024 EPSS Score
- Apr 13, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jun 15, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2541.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2541 advisory
- http://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop.html advisory
- https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#october-4-2023 advisory
- https://lists.debian.org/debian-security-announce/2023/msg00208.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-3a968a9e97 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-17da85be66 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-7c35b7aa43 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-274239e279 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f2e087c62d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-0d68b0d3aa advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-c730ef027d advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-8c9fd2a001 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-53a7bc5700 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-2e7253946a advisory
- https://security.gentoo.org/glsa/202401-34 advisory