CVE-2023-4431

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Aug 23, 2023

Updated: Jan 31, 2024

CWE ID 321

Summary

CVE-2023-4431 is a medium severity vulnerability affecting Google Chrome versions prior to 116.0.5845.110. This issue stems from an out of bounds memory access in the Font handling component. A remote attacker can exploit this flaw via a specially crafted HTML page, resulting in an out of bounds memory read. This vulnerability could potentially lead to information disclosure, but exploitation requires a targeted attack. Users are encouraged to update their browsers to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s0tnyd
https://www.cve.org/CVERecord?id=CVE-2023-4431
https://nvd.nist.gov/vuln/detail/CVE-2023-4431

Back to Vulnerability Database

CVE-2023-4431

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations