What is CVE-2023-3730?

CVE-2023-3730 is a vulnerability in Chromium that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.

What is the severity of CVE-2023-3730?

CVE-2023-3730 has a severity rating of High (8.8) according to Chromium security severity.

How can CVE-2023-3730 be exploited?

CVE-2023-3730 can be exploited by convincing a user to engage in specific UI interactions with a crafted HTML page.

Which software versions are affected by CVE-2023-3730?

Google Chrome prior to version 115.0.5790.98 and Microsoft Edge (Chromium-based) prior to version 115.0.1901.183 are affected by CVE-2023-3730.

How can I fix CVE-2023-3730?

To fix CVE-2023-3730, update Google Chrome to version 115.0.5790.98 or later and update Microsoft Edge (Chromium-based) to version 115.0.1901.183 or later.

Vulnerability/
CVE-2023-3730

high

8.8

CWE

416

9/6/2023

1/8/2023

2/8/2024

CVE-2023-3730: Use after free in Tab Groups

First published: Fri Jun 09 2023(Updated: )

<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2023">Google Chrome Releases</a> for more information.</p>

Credit: chrome-cve-admin@google.com chrome-cve-admin@google.com @ginggilBesel

Affected Software	Affected Version	How to fix
Microsoft Edge (Chromium-based) Extended Stable		fix available externally
Microsoft Edge	<115.0.1901.183
Google Chrome	<115.0.5790.98
Microsoft Edge (Chromium-based)		fix available externally
Google Chrome	<115.0.5790.98	115.0.5790.98

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

1127106949487312592

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is CVE-2023-3730?
CVE-2023-3730 is a vulnerability in Chromium that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.
What is the severity of CVE-2023-3730?
CVE-2023-3730 has a severity rating of High (8.8) according to Chromium security severity.
How can CVE-2023-3730 be exploited?
CVE-2023-3730 can be exploited by convincing a user to engage in specific UI interactions with a crafted HTML page.
Which software versions are affected by CVE-2023-3730?
Google Chrome prior to version 115.0.5790.98 and Microsoft Edge (Chromium-based) prior to version 115.0.1901.183 are affected by CVE-2023-3730.
How can I fix CVE-2023-3730?
To fix CVE-2023-3730, update Google Chrome to version 115.0.5790.98 or later and update Microsoft Edge (Chromium-based) to version 115.0.1901.183 or later.

collector/msrc
collector/msrc-cve
agent/type
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-latest
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/title
agent/author
agent/first-publish-date
agent/softwarecombine
agent/event
agent/last-modified-date
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/chrome-releases
vendor/microsoft
canonical/microsoft edge (chromium-based) extended stable
canonical/microsoft edge
vendor/google
canonical/google chrome
canonical/microsoft edge (chromium-based)