CVE-2023-3079
published 2023-06-05CVE-2023-3079: Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page…
PriorityP187high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2023-06-28
Exploited in the wild
EPSS
32.72%
98.1th percentile
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chromium | chromium | >= 0 < 114.0.5735.106-1~deb11u1 | 114.0.5735.106-1~deb11u1 |
| chromium | chromium | >= 0 < 114.0.5735.106-1~deb12u1 | 114.0.5735.106-1~deb12u1 |
| chromium | chromium | >= 0 < 114.0.5735.106-1 | 114.0.5735.106-1 |
| chromium | chromium | >= 0 < 114.0.5735.106-1 | 114.0.5735.106-1 |
| couchbase | couchbase_server | < 7.1.5 | 7.1.5 |
| couchbase | couchbase_server | — | — |
| debian | chromium | < chromium 114.0.5735.106-1~deb12u1 (bookworm) | chromium 114.0.5735.106-1~deb12u1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| chrome | < 114.0.5735.110 | 114.0.5735.110 | |
| chrome | >= 114.0.5735.110 < 114.0.5735.110 | 114.0.5735.110 | |
| chrome_chrome | — | — | |
| msrc | microsoft_edge | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2023-3079 is a type confusion vulnerability in the V8 JavaScript engine; exploit delivery requires a crafted HTML page — monitor for suspicious or anomalous HTML/JS content served to Chrome/Edge users, especially from untrusted sources. ↗
- →Exploitation vector is purely network-based (no authentication required); delivery is via malicious URL — monitor proxy/web gateway logs for users navigating to suspicious pages that could trigger V8 type confusion. ↗
- →Google confirmed an exploit exists in the wild; prioritize detection of Chrome/Edge processes spawning unexpected child processes or making anomalous network connections, which may indicate post-exploitation activity following heap corruption. ↗
- ·Only limited technical details were publicly available at time of initial disclosure; full exploit mechanics were not published, limiting signature-based detection specificity. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH
vulncheck8.8HIGH
cisa8.8HIGH
vendor_debian8.8HIGH
vendor_msrc8.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8mwf-hvfp-6xfg: Type confusion in V8 in Google Chrome prior to 114
ghsa_unreviewed·2023-06-06
CVE-2023-3079 [HIGH] CWE-843 GHSA-8mwf-hvfp-6xfg: Type confusion in V8 in Google Chrome prior to 114
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
OSV
CVE-2023-3079: Type confusion in V8 in Google Chrome prior to 114
osv·2023-06-05·CVSS 8.8
CVE-2023-3079 [HIGH] CVE-2023-3079: Type confusion in V8 in Google Chrome prior to 114
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
VulnCheck
Google Chromium V8 Type Confusion Vulnerability
vulncheck·2023·CVSS 8.8
CVE-2023-3079 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://securelist.com/it-threat-evolution-q2-2023-non-mobile-statistics/110413/; https://ti.qianxin.com/uploads/2024/02/02/dcc93e586f9028c68e7ab34c3326f
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2023-3079
vendor_chrome·2023-06-21·CVSS 8.8
CVE-2023-3079 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-3079
Long Term Support Channel Update for ChromeOS
CVE-2023-3079
Microsoft
Chromium: CVE-2023-3079 Type Confusion in V8
vendor_msrc·2023-06-13·CVSS 8.8
CVE-2023-3079 [HIGH] Chromium: CVE-2023-3079 Type Confusion in V8
Chromium: CVE-2023-3079 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2023-3079 exists in the wild.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Cl
CISA
Google Chromium V8 Type Confusion Vulnerability
cisa·2023-06-07·CVSS 8.8
CVE-2023-3079 [HIGH] CWE-843 Google Chromium V8 Type Confusion Vulnerability
Vulnerability: Google Chromium V8 Type Confusion Vulnerability
Affected: Google Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.html; https://nvd.nist.gov/vuln/detail/CVE-2023-3079
Remediation Due Date: 2023-06-28
Debian
CVE-2023-3079: chromium - Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote a...
vendor_debian·2023·CVSS 8.8
CVE-2023-3079 [HIGH] CVE-2023-3079: chromium - Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote a...
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Scope: local
bookworm: resolved (fixed in 114.0.5735.106-1~deb12u1)
bullseye: resolved (fixed in 114.0.5735.106-1~deb11u1)
forky: resolved (fixed in 114.0.5735.106-1)
sid: resolved (fixed in 114.0.5735.106-1)
trixie: resolved (fixed in 114.0.5735.106-1)
No detection rules found.
No public exploits indexed.
Mandiant
Intellexa’s Prolific Zero-Day Exploits Continue
blogs_mandiant·2025-12-03
Intellexa’s Prolific Zero-Day Exploits Continue
Threat Intelligence
# Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
December 3, 2025
##### Google Threat Intelligence Group
##### Google Threat Intelligence
Visibility and context on the threats that matter most.
Contact Us & Get a Demo
### Introduction
Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, Intellexa. Known for its “Predator” spyware, the company was sanctioned by the US Government. New Google Threat Intelligence Group (GTIG) analysis shows that Intellexa is evading restrictions and thriving.
Intellexa has adapted, evaded restrictions, and continues selling digital weapons to the highest bidders. Alongside
Mandiant
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
blogs_mandiant·2025-12-03
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
## Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
## Google Threat Intelligence Group
## Google Threat Intelligence
Visibility and context on the threats that matter most.
## Introduction
Despite extensive scrutiny and public reporting , commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, Intellexa. Known for its “Predator” spyware, the company was sanctioned by the US Government . New Google Threat Intelligence Group (GTIG) analysis shows that Intellexa is evading restrictions and thriving .
Intellexa has adapted, evaded restrictions, and continues selling digital weapons to the highest bidders. Alongside research published by our colleagues from Recorded Future and Amne
Bleepingcomputer
Google fixes first actively exploited Chrome zero-day of 2024
blogs_bleepingcomputer·2024-01-16·CVSS 8.8
CVE-2024-0519 [HIGH] Google fixes first actively exploited Chrome zero-day of 2024
## Google fixes first actively exploited Chrome zero-day of 2024
## Sergiu Gatlan
Although Google says the security update could take days or weeks to reach all impacted users, it was available immediately when BleepingComputer checked for updates today.
Those who prefer not to update their web browser manually can rely on Chrome to automatically check for new updates and install them after the next launch.
The high-severity zero-day vulnerability ( CVE-2024-0519 ) is due to a high-severity out-of-bounds memory access weakness in the Chrome V8 JavaScript engine, which remote attackers can exploit via a crafted HTML page to gain access to data beyond the memory buffer through heap corruption, providing them access to sensitive information or triggering a crash.
"The expected sentinel
Bleepingcomputer
Google fixes 8th Chrome zero-day exploited in attacks this year
blogs_bleepingcomputer·2023-12-20·CVSS 8.8
[HIGH] Google fixes 8th Chrome zero-day exploited in attacks this year
## Google fixes 8th Chrome zero-day exploited in attacks this year
## Sergiu Gatlan
The bug was discovered and reported by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group (TAG), a collective of security experts whose primary goal is to defend Google customers from state-sponsored attacks.
Google's Threat Analysis Group (TAG) frequently discovers zero-day bugs exploited by government-sponsored threat actors in targeted attacks aiming to deploy spyware on the devices of high-risk individuals, including opposition politicians, dissidents, and journalists.
Even though the security update could take days or weeks to reach all users, according to Google, it was available immediately when BleepingComputer checked for updates earlier today.
Individuals who prefer not t
Bleepingcomputer
Google Chrome emergency update fixes 7th zero-day exploited in 2023
blogs_bleepingcomputer·2023-11-28·CVSS 9.6
[CRITICAL] Google Chrome emergency update fixes 7th zero-day exploited in 2023
## Google Chrome emergency update fixes 7th zero-day exploited in 2023
## Sergiu Gatlan
The vulnerability has been addressed in the Stable Desktop channel, with patched versions rolling out globally to Windows users (119.0.6045.199/.200) and Mac and Linux users (119.0.6045.199).
Although the advisory notes that the security update may take days or weeks to reach the entire user base, it was available immediately when BleepingComputer checked for updates earlier today.
Users who don't want to update manually can rely on the web browser to check for new updates automatically and install them after the next launch.
## Likely exploited in spyware attacks
This high-severity zero-day vulnerability stems from an integer overflow weakness within the Skia open-source 2D graphics library, pos
Sentinelone
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
blogs_sentinelone·2023-10-03
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the WebP code library.
Although the WebP vulnerability affects other software as well, browsers are by far and away the most ubiquitous and widely used applications on end user devices . Having a foothold in a compromised browser gives threat actors access to sensitive information and potential avenues into targeted environments.
In this post, we take a deep dive into browser security , exploring the differences between vulnerabilities and exploits, ze
Sentinelone
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
blogs_sentinelone·2023-10-03
Beyond the WebP Flaw | An In-depth Look at 2023's Browser Security Challenges
This week, Firefox users were urged to apply Mozilla’s latest updates against a critical flaw that could allow attackers to take control of affected systems. It follows hard on the heels of similar updates for Microsoft Edge, Google Chrome, and Apple’s Safari browser. All have been heavily impacted by an actively exploited vulnerability in the WebP code library.
Although the WebP vulnerability affects other software as well, browsers are by far and away the most ubiquitous and widely used applications on end user devices. Having a foothold in a compromised browser gives threat actors access to sensitive information and potential avenues into targeted environments.
In this post, we take a deep dive into browser security, exploring the differences between vulnerabilities and exploits, zero
Securelist
IT threat evolution in Q2 2023. Non-mobile statistics
blogs_securelist·2023-08-30
IT threat evolution in Q2 2023. Non-mobile statistics
Table of Contents
Quarterly figures
Financial threats
Financial threat statistics
Geography of financial malware attacks
Ransomware programs
Quarterly trends and highlights
MOVEit Transfer vulnerabilities exploited
Attacks on municipal organizations, educational and healthcare establishments
Most prolific groups
Number of new modifications
Number of users attacked by ransomware Trojans
Geography of attacked users
TOP 10 most common families of ransomware Trojans
Miners
Number of new miner modifications
Number of users attacked by miners
Geography of miner attacks
Vulnerable applications used by criminals during cyberattacks
Quarterly highlights
Vulnerability statistics
Attacks on macOS
Geography of threats for macOS
IoT attacks
IoT threat statistics
Attacks on IoT
Securelist
PC malware statistics, Q2 2022
blogs_securelist·2023-08-30
PC malware statistics, Q2 2022
Table of Contents
- Quarterly figures
- Financial threats
- Ransomware programs
- Most prolific groups
- Miners
- Vulnerable applications used by criminals during cyberattacks
- Attacks on macOS
- IoT attacks
- Attacks on IoT honeypots
- Attacks via web resources
- Local threats
Authors
- AMR
- IT threat evolution in Q2 2023
- IT threat evolution in Q2 2023. Non-mobile statistics
- IT threat evolution in Q2 2023. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data.
## Quarterly figures
According to Kaspersky Security Network, in Q2 2023:
- Kaspersky solutions blocked 801,934,281 attacks from online resources across the globe.
- A total of 209,716,810 unique links were d
Qualys
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
blogs_qualys·2023-07-11
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
## Table of Contents
Access Vector: Network vs Local
Authentication/Privilege Required to Exploiting the Vulnerability
Common Weakness Exploited by High-Risk Vulnerabilities
High-Risk Vulnerabilities Vs MITRE ATT&CK Framework
High-Risk Vulns Vs CISA Known Exploited Vulns (CISA KEV)
Exploit Prediction Scoring System (EPSS) for Vulnerabilities with Weaponized Exploits
Risk-Based Prioritization with Qualys VMDR with TruRisk
Key Insights & Takeaways:
References
Additional Contributor
The number of vulnerabilities is steadily increasing over the years, as evidenced by the 206,000 vulnerabilities reported and still counting in the National Vulnerability Database (NVD). With each subsequent year, this trend has persisted since 2016, surpassing the previous vulnerability count. In 2023
Qualys
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape | Qualys
blogs_qualys·2023-07-11
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape | Qualys
#### Table of Contents
- Access Vector: Network vs Local
- Authentication/Privilege Required to Exploiting the Vulnerability
- Common Weakness Exploited by High-Risk Vulnerabilities
- High-Risk Vulnerabilities Vs MITRE ATT&CK Framework
- High-Risk Vulns Vs CISA Known Exploited Vulns (CISA KEV)
- Exploit Prediction Scoring System (EPSS) for Vulnerabilities with Weaponized Exploits
- Risk-Based Prioritization with Qualys VMDR with TruRisk
- Key Insights & Takeaways:
- References
- Additional Contributor
The number of vulnerabilities is steadily increasing over the years, as evidenced by the 206,000 vulnerabilities reported and still counting in the National Vulnerability Database (NVD). With each subsequent year, this trend has persisted since 2016, surpassing the previous vulnerability co
Checkpoint
12th June – Threat Intelligence Report
blogs_checkpoint·2023-06-12·CVSS 9.8
CVE-2023-34362 [CRITICAL] 12th June – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 12th June – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 12th June, please download our Threat_Intelligence Bulletin
TOP ATTACKS AND BREACHES
Cl0p ransomware gang claimed responsibility for a major exploitation of a managed file transfer tool – The gang leveraged zero-day SQL injection vulnerability (CVE-2023-34362) that potentially exposed the data of hundreds of companies. One of the victims was the payroll services provider Zellis, what caused to exposure of employe
Talos
Now’s not the time to take our foot off the gas when it comes to fighting disinformation online
blogs_talos·2023-06-08
Now’s not the time to take our foot off the gas when it comes to fighting disinformation online
## Now’s not the time to take our foot off the gas when it comes to fighting disinformation online
Welcome to this week’s edition of the Threat Source newsletter.
In the wake of the 2016 and 2020 presidential elections, it seemed like big tech companies were taking the fight against disinformation seriously. Social media outlets set up new fact-checking procedures and got more aggressive about banning or blocking pages and profiles that spread disinformation around elections.
Now I’m worried we’re already moving backward with another presidential election just around the corner (somehow).
In November, Twitter laid off a huge swath of its staff that heavily affected the teams tasked with keeping misinformation and fake news off the platform. Google reportedly laid off several experts on
Talos
Now’s not the time to take our foot off the gas when it comes to fighting disinformation online
blogs_talos·2023-06-08
Now’s not the time to take our foot off the gas when it comes to fighting disinformation online
Welcome to this week’s edition of the Threat Source newsletter.
In the wake of the 2016 and 2020 presidential elections, it seemed like big tech companies were taking the fight against disinformation seriously. Social media outlets set up new fact-checking procedures and got more aggressive about banning or blocking pages and profiles that spread disinformation around elections.
Now I’m worried we’re already moving backward with another presidential election just around the corner (somehow).
In November, Twitter laid off a huge swath of its staff that heavily affected the teams tasked with keeping misinformation and fake news off the platform. Google reportedly laid off several experts on the matter at YouTube, leaving only one person solely in charge of the platform’s misinformation po
http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.htmlhttp://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.htmlhttps://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.htmlhttps://crbug.com/1450481https://lists.fedoraproject.org/archives/list/[email protected]/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/https://lists.fedoraproject.org/archives/list/[email protected]/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.couchbase.com/alerts/https://www.debian.org/security/2023/dsa-5420http://packetstormsecurity.com/files/176211/Chrome-V8-Type-Confusion.htmlhttp://packetstormsecurity.com/files/176212/Chrome-V8-Type-Confusion-New-Sandbox-Escape.htmlhttps://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop.htmlhttps://crbug.com/1450481https://lists.fedoraproject.org/archives/list/[email protected]/message/DYTXO5E3FI3I2ETDP3HF4SHYYTFMKMIC/https://lists.fedoraproject.org/archives/list/[email protected]/message/U4OXTNIZY4JYHJT7CVLPAJQILI6BISVM/https://security.gentoo.org/glsa/202311-11https://security.gentoo.org/glsa/202401-34https://www.couchbase.com/alerts/https://www.debian.org/security/2023/dsa-5420https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-3079
2023-06-05
Published
2023-06-07
Added to CISA KEV
Exploited in the wild