CVE-2013-6623Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
1.6%
top 18.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedNov 13
Latest updateJul 31

Description

The SVG implementation in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service (out-of-bounds read) by leveraging the use of tree order, rather than transitive dependency order, for layout.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome31.0.1650.47+43

🔴Vulnerability Details

1
GHSA
GHSA-p8h5-px5g-gh3w: The SVG implementation in Blink, as used in Google Chrome before 312022-05-17

📄Research Papers

1
arXiv
Microservice Vulnerability Analysis: A Literature Review with Empirical Insights2024-07-31