Search for vulnerabilities
Vulnerability details: VCID-xzm7-krd3-aaas
Vulnerability ID VCID-xzm7-krd3-aaas
Aliases CVE-2023-4762
Summary Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Status Published
Exploitability 2.0
Weighted Severity 7.9
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
System Score Found at
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.11497 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.2182 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.47405 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.54297 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.54297 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.54598 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.54598 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.54598 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.60255 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.60255 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66188 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66188 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66188 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66188 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66188 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66194 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.66780 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
epss 0.72121 https://api.first.org/data/v1/epss?cve=CVE-2023-4762
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-4762
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2023-4762
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html
https://crbug.com/1473247
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4764
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4762
https://security.gentoo.org/glsa/202312-07
https://www.debian.org/security/2023/dsa-5491
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
CVE-2023-4762 https://nvd.nist.gov/vuln/detail/CVE-2023-4762
GLSA-202311-11 https://security.gentoo.org/glsa/202311-11
GLSA-202401-34 https://security.gentoo.org/glsa/202401-34
Data source KEV
Date added Feb. 6, 2024
Description Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due date Feb. 27, 2024
Note 
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Ransomware campaign use Unknown
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4762
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.93158
EPSS Score 0.11497
Published At April 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.