CVE-2023-5187

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 28, 2023

Updated: Jan 31, 2024

CWE ID 416

Summary

CVE-2023-5187 is a high severity vulnerability in Google Chrome versions prior to 117.0.5938.132. Malicious extensions could exploit a use-after-free issue in the Extensions component, leading to heap corruption. An attacker could potentially induce this vulnerability by convincing a user to install and visit a specially crafted HTML page. The consequences of a successful exploit could result in arbitrary code execution or denial-of-service conditions. Users are advised to update their Chrome browsers to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/suVuu6
https://www.cve.org/CVERecord?id=CVE-2023-5187
https://nvd.nist.gov/vuln/detail/CVE-2023-5187

Back to Vulnerability Database

CVE-2023-5187

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations