CVE-2023-6348

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 29, 2023
Updated: Jan 31, 2024
CWE ID 843

Summary

CVE-2023-6348 is a type confusion vulnerability affecting Google Chrome versions prior to 119.0.6045.199. An attacker who manages to compromise the renderer process can exploit heap corruption by crafting a malicious HTML page. This issue, rated as high severity by Chromium security team, allows for potential code injection and execution, posing a significant threat to user security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share