{"url":"http://public2.vulnerablecode.io/api/packages/623554?format=json","purl":"pkg:nuget/CefSharp.Common.NETCore@103.0.80","type":"nuget","namespace":"","name":"CefSharp.Common.NETCore","version":"103.0.80","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"117.2.20","latest_non_vulnerable_version":"117.2.20","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19286?format=json","vulnerability_id":"VCID-1j1f-verc-bqb3","summary":"Improper Neutralization in CefSharp.Common.NETCore.","references":[{"reference_url":"https://github.com/cefsharp/CefSharp","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp"},{"reference_url":"https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8"},{"reference_url":"https://github.com/advisories/GHSA-4c29-gfrp-g6x9","reference_id":"GHSA-4c29-gfrp-g6x9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4c29-gfrp-g6x9"},{"reference_url":"https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9","reference_id":"GHSA-4c29-gfrp-g6x9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60327?format=json","purl":"pkg:nuget/CefSharp.Common.NETCore@117.2.20","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@117.2.20"}],"aliases":["GHSA-4c29-gfrp-g6x9","GMS-2023-3094","GMS-2023-3096"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j1f-verc-bqb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19147?format=json","vulnerability_id":"VCID-mkgf-y94b-uuae","summary":"CefSharp affected by heap buffer overflow in WebP\n**Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild.**\n\n### Description\n\nHeap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. (Chromium security severity: Critical)\n\n### References\n\n- https://www.cve.org/CVERecord?id=CVE-2023-4863\n- https://nvd.nist.gov/vuln/detail/CVE-2023-4863\n- https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability","references":[{"reference_url":"https://github.com/cefsharp/CefSharp","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp"},{"reference_url":"https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp/commit/f2890ba66170afb0bf742839febe4d20449f758c"},{"reference_url":"https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp/releases/tag/v116.0.230"},{"reference_url":"https://github.com/advisories/GHSA-j646-gj5p-p45g","reference_id":"GHSA-j646-gj5p-p45g","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j646-gj5p-p45g"},{"reference_url":"https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g","reference_id":"GHSA-j646-gj5p-p45g","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/cefsharp/CefSharp/security/advisories/GHSA-j646-gj5p-p45g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60157?format=json","purl":"pkg:nuget/CefSharp.Common.NETCore@116.0.230","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1j1f-verc-bqb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@116.0.230"}],"aliases":["GHSA-j646-gj5p-p45g","GMS-2023-2464","GMS-2023-2465"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkgf-y94b-uuae"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.Common.NETCore@103.0.80"}