CVE-2023-4358

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 15, 2023
Updated: Jan 31, 2024
CWE ID 416

Summary

CVE-2023-4358 is a medium severity vulnerability affecting Google Chrome versions prior to 116.0.5845.96. It involves a use-after-free issue in the DNS component of the browser. A remote attacker could potentially exploit this flaw by creating a crafted HTML page and inducing heap corruption. This could result in arbitrary code execution, leading to security risks for users browsing the web. The Chromium security team has identified and addressed this vulnerability with the release of Chrome 116.0.5845.96.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share