CVE-2023-1225 — Heap-based Buffer Overflow in Google Chrome
Severity
4.3MEDIUMNVD
EPSS
0.0%
top 90.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 7
Latest updateMar 8
Description
Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 111.0.5563.64 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4