The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3bfb63f6d2 advisory.

  - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to     perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)     (CVE-2023-4427)

  - Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to     perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)     (CVE-2023-4428)

  - Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially     exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4429)

  - Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially     exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4430)

  - Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to     perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)     (CVE-2023-4431)

  - Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to     potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)     (CVE-2023-4572)

  - libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in     jdcoefct.c. (CVE-2021-29390)

  - Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker     who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
    (Chromium security severity: High) (CVE-2023-4761)

  - Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute     arbitrary code via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4762)

  - Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to     potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)     (CVE-2023-4763)

  - Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to     spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)     (CVE-2023-4764)

  - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a     remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security     severity: Critical) (CVE-2023-4863)

  - Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a     remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-4900)

  - Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker     to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)     (CVE-2023-4901)

  - Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to     spoof security UI via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-4902)

  - Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62     allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity:
    Medium) (CVE-2023-4903)

  - Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote     attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity:
    Medium) (CVE-2023-4904)

  - Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker     to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) (CVE-2023-4905)

  - Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote     attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)     (CVE-2023-4906)

  - Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a     remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)     (CVE-2023-4907)

  - Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a     remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)     (CVE-2023-4908)

  - Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote     attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)     (CVE-2023-4909)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Fedora 38 : chromium (2023-3bfb63f6d2)

high Nessus Plugin ID 181517

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.5 Apr 30, 2024, 7:28 AM CVSSv3 score source (changed from "CVE-2023-4863" to none) Plugin Feed: 202404300728
Version 1.4 Apr 30, 2024, 4:27 AM CVSSv3 score source (set to "CVE-2023-4863") Plugin metadata Plugin Feed: 202404300427
Version 1.3 Feb 7, 2024, 4:20 PM CISA reference Plugin Feed: 202402071620
Version 1.2 Feb 6, 2024, 6:23 PM CISA reference Plugin Feed: 202402061823
Version 1.1 Oct 2, 2023, 2:13 PM CVSS metrics ("CVSSv3 score" changed from 9.8 to 8.8. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2023-4763" to "CVE-2023-4863") CVSSv3 score source (set to "CVE-2023-4863") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202310021413
Version 1.0 Sep 18, 2023, 8:04 AM New Plugin Feed: 202309180804