First published: Sat Apr 29 2023(Updated: )
<p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2023">Google Chrome Releases</a> for more information.</p>
Credit: chrome-cve-admin@google.com chrome-cve-admin@google.com Hafiizh
Affected Software | Affected Version | How to fix |
---|---|---|
debian/chromium | <=90.0.4430.212-1~deb10u1<=116.0.5845.180-1~deb11u1<=116.0.5845.180-1~deb12u1 | 118.0.5993.70-1~deb11u1 118.0.5993.70-1~deb12u1 118.0.5993.70-1 118.0.5993.117-1 |
Google Chrome | <117.0.5938.62 | |
Fedoraproject Fedora | =37 | |
Fedoraproject Fedora | =38 | |
Fedoraproject Fedora | =39 | |
Debian Debian Linux | =11.0 | |
Debian Debian Linux | =12.0 | |
Microsoft Edge | <117.0.2045.31 | |
Microsoft Edge (Chromium-based) | ||
Google Chrome | <117.0.5938.62 | 117.0.5938.62 |
<117.0.5938.62 | ||
=37 | ||
=38 | ||
=39 | ||
=11.0 | ||
=12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The severity of CVE-2023-4905 is Medium.
A remote attacker can exploit CVE-2023-4905 by spoofing security UI via a crafted HTML page.
Google Chrome versions prior to 117.0.5938.62 and Microsoft Edge (Chromium-based) versions up to 117.0.2045.31 are affected by CVE-2023-4905.
You can check if your version of Google Chrome or Microsoft Edge (Chromium-based) is vulnerable by verifying the version number. If it is prior to 117.0.5938.62 for Google Chrome or 117.0.2045.31 for Microsoft Edge (Chromium-based), it is vulnerable.
Update Google Chrome to version 117.0.5938.62 or later, and Microsoft Edge (Chromium-based) to version 117.0.2045.31 or later to mitigate CVE-2023-4905.