CVE-2023-3739

Опубликовано: 01 авг. 2023

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. (Chromium security severity: Low)

Ссылки

https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-chromeos.html
Release Notes
Vendor Advisory
https://crbug.com/1398986
Exploit
Issue Tracking
Vendor Advisory
https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-chromeos.html
Release Notes
Vendor Advisory
https://crbug.com/1398986
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 115.0.5790.131 (исключая)

cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00526

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-77

Связанные уязвимости

CVE-2023-3739

CVSS3: 6.3

ubuntu

больше 2 лет назад

CVE-2023-3739

CVSS3: 6.3

debian

больше 2 лет назад

Insufficient validation of untrusted input in Chromad in Google Chrome ...

GHSA-gm85-g783-h7qr

CVSS3: 6.3

github

больше 2 лет назад

Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.98 allowed a remote attacker to execute arbitrary code via a crafted shell script. (Chromium security severity: Low)

EPSS

Процентиль: 66%

0.00526

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-77