CVE-2023-0471

Опубликовано: 26 янв. 2023

Источник: msrc

EPSS Низкий

Описание

Chromium: CVE-2023-0471 Use after free in WebTransport

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

FAQ

What is the version information for this release?

Microsoft Edge Channel	Microsoft Edge Version	Based on Chromium Version	Date Released
Stable	109.0.1343.27	109.0.5414.119/.120	1/26/2023
Extended Stable	108.0.1293.81	108.0.5359.215	1/26/2023

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 37%

0.00163

Низкий

Связанные уязвимости

CVE-2023-0471

CVSS3: 8.8

ubuntu

около 3 лет назад

Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-0471

CVSS3: 8.8

nvd

около 3 лет назад

Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-0471

CVSS3: 8.8

debian

около 3 лет назад

Use after free in WebTransport in Google Chrome prior to 109.0.5414.11 ...

GHSA-h993-r4m3-557w

CVSS3: 8.8

github

около 3 лет назад

Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

BDU:2023-00392

CVSS3: 9.8

fstec

около 3 лет назад

Уязвимость компонента WebTransport браузера Google Chrome, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 37%

0.00163

Низкий