CVE Database · CVE-2023-2033
CVSS v3.1
8.8
EPSS
40.67%
Published
Apr 14, 2023
Modified
Oct 24, 2025
CISA Known Exploited Vulnerability
Added: 2023-04-17 · Due: 2023-05-08
Apply updates per vendor instructions.
Public PoC / Exploit (6)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HWeaknesses (CWE)
Affected Products (7)
References (20)