CVE-2023-2135

CVSS V2 None CVSS V3 None

Description

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Overview

CVE ID
CVE-2023-2135

Assigner
chrome-cve-admin@google.com

Vulnerability Status
Undergoing Analysis

Published Version
2023-04-19T04:15:31

Last Modified Date
2023-04-23T12:15:14

References

Reference URL	Reference Tags
https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html
https://crbug.com/1424337
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/
https://www.debian.org/security/2023/dsa-5393

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-2135
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2135

History

Created	Old Value	New Value	Data Type	Notes
2023-04-19 04:26:05				Added to TrackCVE
2023-04-19 13:01:15		2023-04-19T12:39:28	CVE Modified Date	updated
2023-04-19 13:01:15	Received	Awaiting Analysis	Vulnerability Status	updated
2023-04-20 08:00:52		2023-04-20T07:15:07	CVE Modified Date	updated
2023-04-20 08:00:55			References	updated
2023-04-21 04:01:17		2023-04-21T03:15:08	CVE Modified Date	updated
2023-04-21 04:01:20			References	updated
2023-04-21 05:01:07		2023-04-21T04:15:44	CVE Modified Date	updated
2023-04-21 05:01:09			References	updated
2023-04-23 13:00:45		2023-04-23T12:15:14	CVE Modified Date	updated
2023-04-23 13:00:48			References	updated
2023-04-25 13:01:01	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated