VDB
CVE-2023-7024
CVE-2023-7024
PUBLISHED
KEV
Es existiert eine Schwachstelle in Google Chrome. Grund ist ein Heap-basierter Pufferüberlauf in der WebRTC Komponente. Ein Angreifer kann dies für einen Denial of Service Angriff oder zur Ausführung beliebigen Codes ausnutzen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.
EPSS 3.07% · 87.0th percentile
Risk Scores
EPSS Score
3.07%
87.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Edge < 120.0.2210.91 | |
| Open Source | Open Source Kibana < 8.12.1 | |
| Fedora | Fedora Linux | |
| Open Source | Open Source Kibana < 7.17.18 | |
| Debian | Debian Linux | |
| Gentoo | Gentoo Linux |
Timeline
- Jan 21, 1970 Distribution Patch
- Jan 21, 1970 Security Advisory
- Dec 20, 2023 PoC Published
- Dec 20, 2023 CVE Published
- Dec 22, 2023 EPSS Score
- Jan 2, 2024 CISA KEV Added
- Feb 18, 2024 CVE Updated
- Oct 4, 2024 Coalition ESS Score
- Dec 17, 2024 EPSS Score
- Dec 20, 2024 Coalition ESS Score
- Dec 26, 2024 Coalition ESS Score
- Dec 27, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3188.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3188 advisory
- https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html advisory
- https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b300e89045 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-1de2fe25c4 advisory
- https://www.debian.org/security/2023/dsa-5585 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-46203ab7be advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-f6ff23a804 advisory
- https://security.gentoo.org/glsa/202401-34 advisory
- https://discuss.elastic.co/t/kibana-8-12-1-7-17-18-security-update/352805 advisory
- https://security.gentoo.org/glsa/202402-14 advisory