CVE-2023-2133

CVE	CVE-2023-2133
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-04-19 04:15:00 UTC
Updated	2023-10-20 20:52:00 UTC
Description	Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Problem Types: CWE-787

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	11.0	All	All	All
Operating System	Fedoraproject	Fedora	36	All	All	All
Operating System	Fedoraproject	Fedora	37	All	All	All
Operating System	Fedoraproject	Fedora	38	All	All	All
Application	Google	Chrome	All	All	All	All

Reference	Source	Link	Tags
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities (GLSA 202309-17) — Gentoo security	MISC	security.gentoo.org
[SECURITY] Fedora 38 Update: chromium-112.0.5615.165-1.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
[SECURITY] Fedora 37 Update: chromium-112.0.5615.165-1.fc37 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
[SECURITY] Fedora 38 Update: chromium-112.0.5615.121-2.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
[SECURITY] Fedora 37 Update: chromium-112.0.5615.121-2.fc37 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
1429197 - chromium - An open-source project to help move the web forward. - Monorail	MISC	crbug.com
[SECURITY] Fedora 36 Update: chromium-112.0.5615.121-2.fc36 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
Chrome Releases: Stable Channel Update for Desktop	MISC	chromereleases.googleblog.com
Debian -- Security Information -- DSA-5393-1 chromium	MISC	www.debian.org
[SECURITY] Fedora 36 Update: chromium-112.0.5615.165-1.fc36 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

181750 Debian Security Update for chromium (DSA 5393-1)
183521 Debian Security Update for chromium (CVE-2023-2133)
283905 Fedora Security Update for chromium (FEDORA-2023-c1741c9724)
283906 Fedora Security Update for chromium (FEDORA-2023-8cc9731416)
283939 Fedora Security Update for chromium (FEDORA-2023-fa739b5753)
283942 Fedora Security Update for chromium (FEDORA-2023-2b6ba1c253)
284160 Fedora Security Update for chromium (FEDORA-2023-911c060ded)
284166 Fedora Security Update for chromium (FEDORA-2023-df075a7f85)
378426 Google Chrome Prior to 112.0.5615.137 Multiple Vulnerabilities
378442 Microsoft Edge Based on Chromium Prior to 112.0.1722.58 Multiple Vulnerabilities
691149 Free Berkeley Software Distribution (FreeBSD) Security Update for chromium (90c48c04-d549-4fc0-a503-4775e32d438e)
710759 Gentoo Linux Chromium, Google Chrome, Microsoft Edge Multiple Vulnerabilities (GLSA 202309-17)
754045 OpenSUSE Security Update for opera (openSUSE-SU-2023:0114-1)
754103 OpenSUSE Security Update for opera (openSUSE-SU-2023:0115-1)