CVE-2023-4369

Reference Links

• https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-chromeos_25.html (Advisory)
• https://crbug.com/1464456

Parent vulnerabilities

(Appears in the following advisories)

• 4978345371388270778

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2023-20593
• CVE-2023-4211
• CVE-2023-4128
• CVE-2023-4147
• CVE-2023-3390
• CVE-2023-32804
• CVE-2022-40982
• CVE-2023-2312
• CVE-2023-4349
• CVE-2023-4350
• CVE-2023-4351
• CVE-2023-4352
• CVE-2023-4353
• CVE-2023-4354
• CVE-2023-4355
• CVE-2023-4356
• CVE-2023-4357
• CVE-2023-4358
• CVE-2023-4359
• CVE-2023-4360
• CVE-2023-4361
• CVE-2023-4362
• CVE-2023-4363
• CVE-2023-4364
• CVE-2023-4365
• CVE-2023-4366
• CVE-2023-4367
• CVE-2023-4368
• CVE-2023-21264
• CVE-2020-29374

Frequently Asked Questions

• What is the vulnerability ID?

  The vulnerability ID is CVE-2023-4369.

• What is the title of the vulnerability?

  The title of the vulnerability is 'Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120'.

• How severe is CVE-2023-4369?

  CVE-2023-4369 has a severity rating of 8.8 (high).

• How does CVE-2023-4369 impact Google Chrome on ChromeOS?

  CVE-2023-4369 allows an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page.

• How can I fix CVE-2023-4369?

  To fix CVE-2023-4369, update Google Chrome on ChromeOS to version 116.0.5845.120 or newer.