Description
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)
Published: 2023-05-02
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-5398-1 chromium security update
EUVD EUVD EUVD-2023-33945 Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)
History

Mon, 07 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Debian Debian Linux
Fedoraproject Fedora
Google Chrome
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2025-02-13T16:44:20.954Z

Reserved: 2023-05-01T23:09:49.405Z

Link: CVE-2023-2460

cve-icon Vulnrichment

Updated: 2024-08-02T06:26:08.967Z

cve-icon NVD

Status : Modified

Published: 2023-05-03T00:15:09.327

Modified: 2024-11-21T07:58:39.637

Link: CVE-2023-2460

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses