First published: Wed Jul 26 2023(Updated: )
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2023">Google Chrome Releases</a> for more information.</p>
Credit: chrome-cve-admin@google.com chrome-cve-admin@google.com Axel Chong
Affected Software | Affected Version | How to fix |
---|---|---|
debian/chromium | <=90.0.4430.212-1~deb10u1 | 116.0.5845.180-1~deb11u1 118.0.5993.117-1~deb11u1 116.0.5845.180-1~deb12u1 118.0.5993.117-1~deb12u1 118.0.5993.117-1 |
Google Chrome | <116.0.5845.96 | |
Debian Debian Linux | =11.0 | |
Debian Debian Linux | =12.0 | |
Microsoft Edge | <116.0.1938.54 | |
Microsoft Edge (Chromium-based) | ||
<116.0.5845.96 | ||
=11.0 | ||
=12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-4368 is a vulnerability in the Extensions API in Google Chrome and Microsoft Edge that allows an attacker to bypass an enterprise policy via a crafted HTML page.
The severity of CVE-2023-4368 is rated as high with a CVSS score of 8.8.
Google Chrome versions prior to 116.0.5845.96, Microsoft Edge versions prior to 116.0.1938.54, Debian Linux 11.0 and 12.0, and Chromium versions prior to 117.0.5938.62 are affected by CVE-2023-4368.
To fix CVE-2023-4368, update Google Chrome to version 116.0.5845.96 or later, and update Microsoft Edge to version 116.0.1938.54 or later.
The references for CVE-2023-4368 are: [MSRC Microsoft](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4368), [Chrome Releases Google Blog](https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html), and [CrBug](https://crbug.com/1467751).