CVSS 3.1 Score 8.8 of 10 (high)


Published Oct 11, 2023
Updated: Jan 31, 2024
CWE ID 787


CVE-2023-5474 is a heap buffer overflow vulnerability that affects Google Chrome versions prior to 118.0.5993.70. The vulnerability allows a remote attacker to exploit heap corruption by convincing a user to interact with a crafted PDF file. The severity of this vulnerability is rated as medium, and it has a high impact on both confidentiality and integrity of affected systems. The vulnerability requires user interaction and can be exploited over the network. The base score for this vulnerability is 8.8 out of 10, indicating a high level of severity. There is no privilege requirement for the exploit, and the attack complexity is considered low. Remediation for this vulnerability involves updating Google Chrome to version 118.0.5993.70 or later, which addresses the issue and mitigates the risk it poses to organizations' security.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5474 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options