← Back

CVE-2023-3079

nvd nist
Published: Jun 5, 2023Modified: Oct 24, 2025CISA KEV

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected (8)

Products: Fedoraproject: Fedora · Debian: Debian Linux · Apple: Macos · +2 more
Show all products
Fedoraproject: Fedora · Debian: Debian Linux · Apple: Macos · Linux: Linux Kernel · Couchbase: Couchbase Server
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Apple
1 product
Macos
Linux
1 product
Linux Kernel
Couchbase
1 product
Couchbase Server
Configuration A
1 platform
Running on/withPlatform Versions
Microsoft
Windows
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 37
Fedora
Version 38
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 11.0
Debian Linux
Version 12.0
Configuration D
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Macos
All versions
Linux Kernel
All versions
Running on/withPlatform Versions
Google
Chrome
Before 114.0.5735.110
Configuration E
2 vulnerable
Vulnerable SoftwareAffected Versions
Couchbase
Couchbase Server
Before 7.1.5
Couchbase Server
Version 7.2.0

Related CWEs

CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

References (21)

Source: chrome-cve-admin@google.com
Third Party AdvisoryVDB Entry
Source: chrome-cve-admin@google.com
Third Party AdvisoryVDB Entry
Source: chrome-cve-admin@google.com
Vendor Advisory
Source: chrome-cve-admin@google.com
ExploitIssue Tracking
Source: chrome-cve-admin@google.com
Mailing ListThird Party Advisory
Source: chrome-cve-admin@google.com
Mailing ListThird Party Advisory
Source: chrome-cve-admin@google.com
Third Party Advisory
Source: chrome-cve-admin@google.com
Third Party Advisory
Source: chrome-cve-admin@google.com
Third Party Advisory
Source: chrome-cve-admin@google.com
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.