CVE-2023-3079 (High) detected in multiple libraries #610

mend-bolt-for-github · 2023-06-07T01:17:14Z

CVE-2023-3079 - High Severity Vulnerability

Vulnerable Libraries - nodev15.3.0, qt5.14.0, v88.6.115

Vulnerability Details

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Publish Date: 2023-06-05

URL: CVE-2023-3079

CVSS 3 Score Details (8.8)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html

Release Date: 2023-06-05

Fix Resolution: 114.0.5735.110

Step up your Open Source Security Game with Mend here

mend-bolt-for-github bot added the Mend: dependency security vulnerability Security vulnerability detected by WhiteSource label Jun 7, 2023

mend-bolt-for-github bot changed the title ~~CVE-2023-3079 (Medium) detected in multiple libraries~~ CVE-2023-3079 (High) detected in multiple libraries Jun 9, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2023-3079 (High) detected in multiple libraries #610

CVE-2023-3079 (High) detected in multiple libraries #610

mend-bolt-for-github bot commented Jun 7, 2023 •

edited

CVE-2023-3079 (High) detected in multiple libraries #610

CVE-2023-3079 (High) detected in multiple libraries #610

Comments

mend-bolt-for-github bot commented Jun 7, 2023 • edited

CVE-2023-3079 - High Severity Vulnerability

mend-bolt-for-github bot commented Jun 7, 2023 •

edited