Search for vulnerabilities
Vulnerability details: VCID-xspa-u4t7-aaab
Vulnerability ID VCID-xspa-u4t7-aaab
Aliases CVE-2023-4764
Summary Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.001 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00523 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00524 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00535 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00563 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00563 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00563 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00563 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
epss 0.00691 https://api.first.org/data/v1/epss?cve=CVE-2023-4764
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-4764
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-4764
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-4764
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
https://crbug.com/1447237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4764
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
https://security.gentoo.org/glsa/202312-07
https://www.debian.org/security/2023/dsa-5491
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
CVE-2023-4764 https://nvd.nist.gov/vuln/detail/CVE-2023-4764
GLSA-202311-11 https://security.gentoo.org/glsa/202311-11
GLSA-202401-34 https://security.gentoo.org/glsa/202401-34
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4764
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4764
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.28855
EPSS Score 0.001
Published At April 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.