Search for vulnerabilities
Vulnerability details: VCID-jr8k-4342-cke1
Vulnerability ID VCID-jr8k-4342-cke1
Aliases CVE-2023-4762
Summary Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 2.0
Weighted Severity 7.9
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
System Score Found at
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.15279 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.18254 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
cvssv3.1 8.8 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
ssvc Attend https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
cvssv3.1 8.8 https://crbug.com/1473247
ssvc Attend https://crbug.com/1473247
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
cvssv3.1 8.8 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
ssvc Attend https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
cvssv3.1 8.8 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
ssvc Attend https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-4762
cvssv3.1 8.8 https://security.gentoo.org/glsa/202311-11
ssvc Attend https://security.gentoo.org/glsa/202311-11
cvssv3.1 8.8 https://security.gentoo.org/glsa/202312-07
ssvc Attend https://security.gentoo.org/glsa/202312-07
cvssv3.1 8.8 https://security.gentoo.org/glsa/202401-34
ssvc Attend https://security.gentoo.org/glsa/202401-34
cvssv3.1 8.8 https://www.debian.org/security/2023/dsa-5491
ssvc Attend https://www.debian.org/security/2023/dsa-5491
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-4762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4764
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
https://security.gentoo.org/glsa/202401-34
1473247 https://crbug.com/1473247
202311-11 https://security.gentoo.org/glsa/202311-11
202312-07 https://security.gentoo.org/glsa/202312-07
27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
CVE-2023-4762 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
CVE-2023-4762 https://nvd.nist.gov/vuln/detail/CVE-2023-4762
dsa-5491 https://www.debian.org/security/2023/dsa-5491
KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
Data source KEV
Date added Feb. 6, 2024
Description Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due date Feb. 27, 2024
Note 
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://crbug.com/1473247
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://crbug.com/1473247
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202311-11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://security.gentoo.org/glsa/202311-11
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202312-07
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://security.gentoo.org/glsa/202312-07
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202401-34
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://security.gentoo.org/glsa/202401-34
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2023/dsa-5491
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-02-06T05:00:09Z/ Found at https://www.debian.org/security/2023/dsa-5491
Exploit Prediction Scoring System (EPSS)
Percentile 0.9432
EPSS Score 0.15279
Published At Aug. 12, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:55:04.216559+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/community.json 37.0.0