Search for vulnerabilities
Vulnerability details: VCID-p9kk-uagc-aaab
Vulnerability ID VCID-p9kk-uagc-aaab
Aliases CVE-2023-2935
Summary Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
System Score Found at
epss 0.00922 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01083 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01091 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01091 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01434 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01434 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.01482 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.03193 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.06733 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
epss 0.07239 https://api.first.org/data/v1/epss?cve=CVE-2023-2935
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-2935
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-2935
Reference id Reference type URL
http://packetstormsecurity.com/files/173196/Chrome-v8-internal-Object-SetPropertyWithAccessor-Type-Confusion.html
https://api.first.org/data/v1/epss?cve=CVE-2023-2935
https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html
https://crbug.com/1440695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2941
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3598
https://www.debian.org/security/2023/dsa-5418
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
CVE-2023-2935 https://nvd.nist.gov/vuln/detail/CVE-2023-2935
GLSA-202311-11 https://security.gentoo.org/glsa/202311-11
GLSA-202401-34 https://security.gentoo.org/glsa/202401-34
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-2935
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-2935
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.83362
EPSS Score 0.00922
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.