Search for packages
| purl | pkg:nuget/CefSharp.Common.NETCore@87.1.131-pre |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1j1f-verc-bqb3
Aliases: GHSA-4c29-gfrp-g6x9 GMS-2023-3094 GMS-2023-3096 |
Improper Neutralization in CefSharp.Common.NETCore. |
Affected by 0 other vulnerabilities. |
|
VCID-57ne-vzp6-b7f4
Aliases: CVE-2022-0609 GHSA-vv6j-ww6x-54gx GMS-2022-140 GMS-2022-141 GMS-2022-142 GMS-2022-143 GMS-2022-144 GMS-2022-145 GMS-2022-146 GMS-2022-147 GMS-2022-148 |
Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little other public information on the issue other than it has been flagged as `High` severity. |
Affected by 2 other vulnerabilities. |
|
VCID-mkgf-y94b-uuae
Aliases: GHSA-j646-gj5p-p45g GMS-2023-2464 GMS-2023-2465 |
CefSharp affected by heap buffer overflow in WebP **Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild.** ### Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. (Chromium security severity: Critical) ### References - https://www.cve.org/CVERecord?id=CVE-2023-4863 - https://nvd.nist.gov/vuln/detail/CVE-2023-4863 - https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||