CVE-2023-6704

Опубликовано: 14 дек. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 8.8

Описание

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	code not present
esm-infra/focal	DNE	focal was not-affected [code not present]
focal	not-affected	code not present
jammy	not-affected	code not present
lunar	not-affected	code not present
mantic	not-affected	code not present
trusty	ignored	end of standard support
upstream	released
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2023-6704

EPSS

Процентиль: 56%

0.00338

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2023-6704

CVSS3: 8.8

nvd

больше 1 года назад

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

CVE-2023-6704

msrc

больше 1 года назад

Chromium: CVE-2023-6704 Use after free in libavif

CVE-2023-6704

CVSS3: 8.8

debian

больше 1 года назад

Use after free in libavif in Google Chrome prior to 120.0.6099.109 all ...

SUSE-SU-2024:0423-1

suse-cvrf

больше 1 года назад

Security update for libavif

GHSA-587x-fmc5-99p9

CVSS3: 8.8

github

больше 1 года назад

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

EPSS

Процентиль: 56%

0.00338

Низкий

8.8 High

CVSS3

CVE-2023-6704

Описание

Пакет chromium-browser

Ссылки на источники

Связанные уязвимости