CVE-2023-3214

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jun 13, 2023

Updated: Jan 31, 2024

CWE ID 416

Summary

CVE-2023-3214 is a critical vulnerability affecting Google Chrome versions prior to 114.0.5735.133. This issue involves a use-after-free condition in the Autofill payments feature, which can be exploited by remote attackers. By constructing a maliciously crafted HTML page, they could potentially corrupt the heap and gain unauthorized access to user data or execute arbitrary code. Chrome's security team has classified this vulnerability as critical due to its potential severity.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/roHe5j
https://www.cve.org/CVERecord?id=CVE-2023-3214
https://nvd.nist.gov/vuln/detail/CVE-2023-3214

Back to Vulnerability Database

CVE-2023-3214

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations